Commit 7b947455 authored by Eugen Rochko's avatar Eugen Rochko Committed by Nathan Ladd
Browse files

Fix settings pages being cacheable by the browser (#12714)

Fix #12255
parent 58f89497
......@@ -10,6 +10,7 @@ class Auth::RegistrationsController < Devise::RegistrationsController
before_action :set_instance_presenter, only: [:new, :create, :update]
before_action :set_body_classes, only: [:new, :create, :edit, :update]
before_action :require_not_suspended!, only: [:update]
before_action :set_cache_headers, only: [:edit, :update]
skip_before_action :require_functional!, only: [:edit, :update]
......@@ -109,4 +110,8 @@ class Auth::RegistrationsController < Devise::RegistrationsController
def require_not_suspended!
forbidden if current_account.suspended?
end
def set_cache_headers
response.headers['Cache-Control'] = 'no-cache, no-store, max-age=0, must-revalidate'
end
end
......@@ -5,6 +5,7 @@ class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController
before_action :store_current_location
before_action :authenticate_resource_owner!
before_action :set_cache_headers
include Localized
......@@ -27,4 +28,8 @@ class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController
def truthy_param?(key)
ActiveModel::Type::Boolean.new.cast(params[key])
end
def set_cache_headers
response.headers['Cache-Control'] = 'no-cache, no-store, max-age=0, must-revalidate'
end
end
......@@ -2,10 +2,15 @@
class Settings::BaseController < ApplicationController
before_action :set_body_classes
before_action :set_cache_headers
private
def set_body_classes
@body_classes = 'admin'
end
def set_cache_headers
response.headers['Cache-Control'] = 'no-cache, no-store, max-age=0, must-revalidate'
end
end
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment