Dev_Work
(Aleksandr)
March 18, 2019, 2:10pm
1
Route site.local/logs/messages.json
Note, that Cache-Control headers are missing in the response headers
Ideally, the web server should return the following HTTP headers in all responses
containing sensitive content:
Cache-control: no-store
Pragma: no-cache
1 Like
I am also interested in this qiestion
Falco
(Falco)
March 19, 2019, 7:15pm
3
3 Likes
Dev_Work
(Aleksandr)
March 19, 2019, 10:41pm
4
I want to add headers for this route.
Falco
(Falco)
March 19, 2019, 10:46pm
5
Yes, I got that. The entire /logs
route is handled by the aforementioned library, so you will have to hack on it.
3 Likes
Dev_Work
(Aleksandr)
March 19, 2019, 10:53pm
7
can i override methods from my custom plugin?
Dev_Work
(Aleksandr)
March 21, 2019, 12:58am
8
I think this will help in resolving the issue
add to nginx
location /logs/messages.json {
}
add_header Cache-Control "no-store";
add_header Pragma "no-cache";
How to do this through middleware?
req = Rack::Request.new(@env)
route = req.path_info.to_s
if (route == '/logs/messages.json')
#add headers
end
pfaffman
(Jay Pfaffman)
March 21, 2019, 1:21am
9
You could submit a PR to discourse_docker that added those headers via nginx (note: I have nothing to do with accepting a PR, but this seems reasonable).
Dev_Work
(Aleksandr)
March 21, 2019, 6:29am
10
And there is no easy way for example?
# plugin.rb
Rails.application.config.action_dispatch.default_headers.merge! ({'Cache-Control' => 'no-store'}, 'my_route_name')
or
Rails.application.config.action_dispatch.default_headers.merge! ({'Cache-Control' => 'no-store'}, '/logs/messages.json')
pfaffman
(Jay Pfaffman)
March 21, 2019, 10:26am
11
You have already identified the solution. You don’t need a plugin. Adding a few lines to your app.yml is easy and requires no plugin.
See Subfolder support with Docker for examples of how to modify the nginx config in the yml file.
3 Likes
Dev_Work
(Aleksandr)
March 25, 2019, 11:39am
12
How do I add these settings in app.yml?
I could not get
Dev_Work
(Aleksandr)
March 26, 2019, 6:34am
13
Happened!!
The Hour of the Dead was when men died. And when a man died, they sent him home by clacks. Moist’s mouth dropped open. ‘Huh?’
‘That’s what they call it,’ said Harry. ‘Not lit’rally, o’ course. But they send his name from one end of the Trunk to the other, ending up at the tower nearest his home.’
‘Yeah, but they say sometimes the person stays on in the towers, somehow,’ said Jim.’ “Living in the Overhead”, they call it.’
A lot of what travelled on the Grand Trunk was called the Overhea…
- replace:
filename: "/etc/nginx/conf.d/discourse.conf"
from: /sendfile on;/
to: |
add_header Cache-Control "no-store";
add_header Pragma "no-cache";
sendfile on;
pfaffman
(Jay Pfaffman)
March 26, 2019, 11:21am
14
Great! Glad you got it!
Hey @falco . Does this seem like something that should be added to the web template?
Falco
(Falco)
March 26, 2019, 3:17pm
15
No, that should be handled in the library code.
4 Likes