possible fix for #1705

This commit is contained in:
Alec Armbruster 2023-06-29 13:09:37 -04:00
parent 08370d4c4e
commit b86dce69e9
No known key found for this signature in database
GPG key ID: 52BC7C84E960FD1B
2 changed files with 7 additions and 9 deletions

View file

@ -5,13 +5,9 @@ export default async ({ res }: { res: Response }) => {
res.send(
`Contact: mailto:security@lemmy.ml
Contact: mailto:admin@` +
process.env.LEMMY_UI_LEMMY_EXTERNAL_HOST +
`
Contact: mailto:security@` +
process.env.LEMMY_UI_LEMMY_EXTERNAL_HOST +
`
Expires: 2024-01-01T04:59:00.000Z
Contact: mailto:admin@${process.env.LEMMY_UI_LEMMY_EXTERNAL_HOST}
Contact: mailto:security@${process.env.LEMMY_UI_LEMMY_EXTERNAL_HOST}
Expires: 2024-01-01T04:59:00.000Z
`
);
};

View file

@ -18,7 +18,7 @@ export function setDefaultCsp({
// Set cache-control headers. If user is logged in, set `private` to prevent storing data in
// shared caches (eg nginx) and leaking of private data. If user is not logged in, allow caching
// all responses for 60 seconds to reduce load on backend and database. The specific cache
// all responses for 5 seconds to reduce load on backend and database. The specific cache
// interval is rather arbitrary and could be set higher (less server load) or lower (fresher data).
//
// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control
@ -31,11 +31,13 @@ export function setCacheControl({
}) {
const user = UserService.Instance;
let caching: string;
if (user.auth()) {
caching = "private";
} else {
caching = "public, max-age=60";
caching = "public, max-age=5";
}
res.setHeader("Cache-Control", caching);
next();