Issue #3067286 by e0ipso: Cacheability issues

a5795f56 · Mateu Aguiló Bosch · Mateu Aguiló Bosch · 5fe7b91e · a5795f56
Unverified Commit a5795f56 authored 5 years ago by Mateu Aguiló Bosch Committed by Mateu Aguiló Bosch 5 years ago
--- a/src/Controller/Forwarder.php
+++ b/src/Controller/Forwarder.php
@@ -33,14 +33,20 @@ final class Forwarder extends ControllerBase {
  public function forward(HttpApiInterface $api_proxy, Request $request): Response {
    // TODO: This belongs to the routing system.
    $account = $this->currentUser();
+    $cache_contexts = [
+      'url.query_args:' . Forwarder::QUERY_PARAM_URI,
+      'headers:Origin',
+      'user.permissions',
+    ];
+    $cacheability = (new CacheableMetadata())
+      ->addCacheContexts($cache_contexts);
    if (!$account->hasPermission(key($api_proxy->permissions()))) {
-      $cacheability = (new CacheableMetadata())
-        ->addCacheContexts(['user.permissions']);
-      throw new CacheableAccessDeniedHttpException($cacheability, 'The current user does not have access to this proxy');
+      throw new CacheableAccessDeniedHttpException(
+        $cacheability,
+        'The current user does not have access to this proxy'
+      );
    }
    $third_party_uri = $this->sanitizeUri($request->query->get(static::QUERY_PARAM_URI));
-    $cache_contexts = ['url.query_args:' . static::QUERY_PARAM_URI];
-    $cacheability = (new CacheableMetadata())->addCacheContexts($cache_contexts);
    if (empty($third_party_uri)) {
      throw new CacheableBadRequestHttpException(
        $cacheability,