Commit 900ad2b0 authored by Dries's avatar Dries
Browse files

- Patch #70521 by Grugnog2 et al: fixed 'double logins', caching, and logging in and out.

parent 2c0571b8
......@@ -382,6 +382,15 @@ function drupal_load($type, $name) {
/**
* Set HTTP headers in preparation for a page response.
*
* The general approach here is that anonymous users can keep a local
* cache of the page, but must revalidate it on every request. Then,
* they are given a '304 Not Modified' response as long as they stay
* logged out and the page has not been modified.
*
* Authenticated users are always given a 'no-cache' header, and will
* fetch a fresh page on every request. This prevents authenticated
* users seeing locally cached pages that show them as logged out.
*
* @see page_set_cache
*/
function drupal_page_header() {
......@@ -413,6 +422,10 @@ function drupal_page_header() {
header("Last-Modified: $date");
header("ETag: $etag");
// The following headers force validation of cache:
header("Expires: Sun, 19 Nov 1978 05:00:00 GMT");
header("Cache-Control: must-revalidate");
// Determine if the browser accepts gzipped data.
if (@strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') === FALSE && function_exists('gzencode')) {
// Strip the gzip header and run uncompress.
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment