Set proper Cache-Control headers everywhere #42

Open
opened 3 years ago by phryk · 0 comments
phryk commented 3 years ago (Migrated from rnd.phryk.net)
Owner

I'd thought I'd done this already, but apparently only for theme resources and robots.txt.

Everything needs to have "public" enabled (at least optionally) for the httpd
to do proper caching so that not every single request gets processed by poobrains itself, which would make a DDoS or an outage due to lots of requests to expensive endpoints pretty easy to happen. This should most definitely be considered a bug.

config already contains 'CACHE_SHORT' which is used exactly nowhere.
It should apply to all non-Administerable Renderables.

Administerable should get an extra BooleanField to activate public caching (default=False).

I'd thought I'd done this already, but apparently only for theme resources and robots.txt. **Everything** needs to have "public" enabled (at least optionally) for the httpd to do proper caching so that not every single request gets processed by poobrains itself, which would make a DDoS or an outage due to lots of requests to expensive endpoints pretty easy to happen. This should most definitely be considered a bug. config already contains 'CACHE_SHORT' which is used exactly nowhere. It should apply to all non-`Administerable` `Renderable`s. `Administerable` should get an extra `BooleanField` to activate public caching (default=False).
Sign in to join this conversation.
No Milestone
No project
No Assignees
1 Participants
Notifications
Due Date

No due date set.

Dependencies

No dependencies set.

Reference: phryk-evil-mad-sciences-llc/poobrains#42
Loading…
There is no content yet.