0
0

return a Vary: Accept header for all dual-format endpoints #365 (#13044)

`/users/:user`, `/@:user`, `/notes/:note` return different responses
depending on the request's `Accept:` header. If we don't consistently
return a `Vary: Accept` header, browsers and caching proxies will get
confused, and return AP representations when HTML was requested, or
vice versa.

Co-authored-by: dakkar <dakkar@thenautilus.net>
Co-authored-by: syuilo <Syuilotan@yahoo.co.jp>
This commit is contained in:
かっこかり 2024-01-21 18:14:42 +09:00 committed by GitHub
parent 4c87e98e12
commit fb309f3d4f
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 8 additions and 0 deletions

View File

@ -648,6 +648,8 @@ export class ActivityPubServerService {
});
fastify.get<{ Params: { user: string; } }>('/users/:user', { constraints: { apOrHtml: 'ap' } }, async (request, reply) => {
vary(reply.raw, 'Accept');
const userId = request.params.user;
const user = await this.usersRepository.findOneBy({
@ -660,6 +662,8 @@ export class ActivityPubServerService {
});
fastify.get<{ Params: { user: string; } }>('/@:user', { constraints: { apOrHtml: 'ap' } }, async (request, reply) => {
vary(reply.raw, 'Accept');
const user = await this.usersRepository.findOneBy({
usernameLower: request.params.user.toLowerCase(),
host: IsNull(),

View File

@ -476,6 +476,8 @@ export class ClientServerService {
isSuspended: false,
});
vary(reply.raw, 'Accept');
if (user != null) {
const profile = await this.userProfilesRepository.findOneByOrFail({ userId: user.id });
const meta = await this.metaService.fetch();
@ -515,6 +517,8 @@ export class ClientServerService {
return;
}
vary(reply.raw, 'Accept');
reply.redirect(`/@${user.username}${ user.host == null ? '' : '@' + user.host}`);
});