[BUGFIX] Use config.sendCacheHeaders only for cacheable content
This changes the behaviour of config.sendCacheHeaders = 1. When a non-cacheable option is used, the HTTP Response Headers for ensuring that a response should never be cached (that is Cache-Control: private, no-store) should be sent at any time, as it could contain sensitive information, regardless of the TypoScript option. The TypoScript option config.sendCacheHeaders is then only used to actually explicitly send the headers for a fully client-cacheable page (e.g. for a proxy), to explicitly allow the cached content to be stored for a defined amount of time. In addition, a lot of tests have been adapted to remove this option as it does not have any effect in the tests if the option is set. Resolves: #102445 Releases: main, 12.4 Change-Id: I603e73a114eb9668910484da7e9dc4e0e33e56ba Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81840 Tested-by:Benni Mack <benni@typo3.org> Reviewed-by:
Jörg Bösche <typo3@joergboesche.de> Tested-by:
Benjamin Franzke <ben@bnf.dev> Reviewed-by:
Sascha Nowak <sascha.nowak@netlogix.de> Tested-by:
core-ci <typo3@b13.com> Reviewed-by:
Showing
- typo3/sysext/core/Tests/Functional/Fixtures/Extensions/test_irre_csv/Configuration/TypoScript/JsonRenderer.typoscript 0 additions, 1 deletion...irre_csv/Configuration/TypoScript/JsonRenderer.typoscript
- typo3/sysext/core/Tests/Functional/Fixtures/Extensions/test_irre_foreignfield/Configuration/TypoScript/JsonRenderer.typoscript 0 additions, 1 deletion...ignfield/Configuration/TypoScript/JsonRenderer.typoscript
- typo3/sysext/core/Tests/Functional/Fixtures/Frontend/JsonRenderer.typoscript 0 additions, 1 deletion...ests/Functional/Fixtures/Frontend/JsonRenderer.typoscript
- typo3/sysext/extbase/Tests/Functional/Persistence/Fixtures/Frontend/ContentJsonRenderer.typoscript 0 additions, 1 deletion...sistence/Fixtures/Frontend/ContentJsonRenderer.typoscript
- typo3/sysext/extbase/Tests/Functional/Persistence/Fixtures/Frontend/JsonRenderer.typoscript 0 additions, 1 deletion...nal/Persistence/Fixtures/Frontend/JsonRenderer.typoscript
- typo3/sysext/fluid/Tests/Functional/Fixtures/Extensions/fluid_test/Configuration/TypoScript/Basic.typoscript 0 additions, 1 deletion...ions/fluid_test/Configuration/TypoScript/Basic.typoscript
- typo3/sysext/fluid_styled_content/Tests/Functional/Rendering/SecureHtmlRenderingTest.php 0 additions, 1 deletion...nt/Tests/Functional/Rendering/SecureHtmlRenderingTest.php
- typo3/sysext/form/Tests/Functional/Fixtures/Frontend/ContentRenderer.typoscript 0 additions, 1 deletion...s/Functional/Fixtures/Frontend/ContentRenderer.typoscript
- typo3/sysext/frontend/Classes/Controller/TypoScriptFrontendController.php 14 additions, 12 deletions...ntend/Classes/Controller/TypoScriptFrontendController.php
- typo3/sysext/frontend/Tests/Functional/SiteHandling/Fixtures/LinkGenerator.typoscript 0 additions, 1 deletion...Functional/SiteHandling/Fixtures/LinkGenerator.typoscript
- typo3/sysext/frontend/Tests/Functional/SiteHandling/Fixtures/LinkRequest.typoscript 0 additions, 1 deletion...s/Functional/SiteHandling/Fixtures/LinkRequest.typoscript
- typo3/sysext/redirects/Tests/Functional/Service/Fixtures/Redirects.typoscript 0 additions, 1 deletion...ts/Tests/Functional/Service/Fixtures/Redirects.typoscript
- typo3/sysext/seo/Tests/Functional/Fixtures/HrefLang.typoscript 0 additions, 1 deletion.../sysext/seo/Tests/Functional/Fixtures/HrefLang.typoscript
Please register or sign in to comment