Discover cache: switch from public to private
Self-review nit on b0e7dae. Discover data is user-specific (hero
artists from your watchlist, similar artists from your taste,
recently-played derivations, etc.) — `Cache-Control: public` would let
intermediate proxies (corporate caching proxy, Cloudflare with cache
rules, Nginx with proxy_cache) store one user's response and serve
it to another. Privacy leak.
Switched to `private, max-age=300`. Browser-only cache, proxies skip.
Static assets stay `public` (shared content — everyone gets the same
library.js). Streaming and backup endpoints already correct
(`no-cache` and `no-store` respectively).
603 tests pass.
This commit is contained in:
parent
b0e7dae7c6
commit
5d9e5e5781
1 changed files with 7 additions and 1 deletions
|
|
@ -325,6 +325,12 @@ def _add_discover_cache_headers(response):
|
|||
Scope: only `/api/discover/` and `/api/discovery/` paths, only GET,
|
||||
only successful 2xx responses. Any endpoint that explicitly sets
|
||||
its own Cache-Control wins (we don't override).
|
||||
|
||||
Uses `private` not `public` because discover data is user-specific
|
||||
(hero artists from your watchlist, similar artists from your taste,
|
||||
etc.). `private` keeps it browser-only — intermediate proxies
|
||||
(corporate caching proxies, Cloudflare with cache rules, Nginx
|
||||
proxy_cache) won't store one user's response and serve it to another.
|
||||
"""
|
||||
try:
|
||||
if request.method != 'GET':
|
||||
|
|
@ -336,7 +342,7 @@ def _add_discover_cache_headers(response):
|
|||
return response
|
||||
if response.headers.get('Cache-Control'):
|
||||
return response
|
||||
response.headers['Cache-Control'] = 'public, max-age=300'
|
||||
response.headers['Cache-Control'] = 'private, max-age=300'
|
||||
except Exception as exc:
|
||||
# Don't let a header-tagging bug turn a successful response into
|
||||
# a 500 — log and ship the response without the cache header.
|
||||
|
|
|
|||
Loading…
Reference in a new issue