summaryrefslogtreecommitdiffstats
path: root/web/lib/aurjson.class.php
diff options
context:
space:
mode:
Diffstat (limited to 'web/lib/aurjson.class.php')
-rw-r--r--web/lib/aurjson.class.php30
1 files changed, 29 insertions, 1 deletions
diff --git a/web/lib/aurjson.class.php b/web/lib/aurjson.class.php
index 50cf6d0f..a96cc4b5 100644
--- a/web/lib/aurjson.class.php
+++ b/web/lib/aurjson.class.php
@@ -29,6 +29,17 @@ class AurJSON {
* @return string The JSON formatted response data.
**/
public function handle($http_data) {
+ // unset global aur headers from aur.inc
+ // leave expires header to enforce validation
+ // header_remove('Expires');
+ // unset global aur.inc pragma header. We want to allow caching of data
+ // in proxies, but require validation of data (if-none-match) if
+ // possible
+ header_remove('Pragma');
+ // overwrite cache-control header set in aur.inc to allow caching, but
+ // require validation
+ header('Cache-Control: public, must-revalidate, max-age=0');
+
// handle error states
if ( !isset($http_data['type']) || !isset($http_data['arg']) ) {
return $this->json_error('No request type/data specified.');
@@ -43,6 +54,24 @@ class AurJSON {
$json = call_user_func(array(&$this, $http_data['type']),
$http_data['arg']);
+ // calculate etag as an md5 based on the json result
+ // this could be optimized by calculating the etag on the
+ // query result object before converting to json (step into
+ // the above function call) and adding the 'type' to the response,
+ // but having all this code here is cleaner and 'good enough'
+ $etag = md5($json);
+ header("Etag: \"$etag\"");
+ // make sure to strip a few things off the if-none-match
+ // header. stripping whitespace may not be required, but
+ // removing the quote on the incoming header is required
+ // to make the equality test
+ $if_none_match = isset($_SERVER['HTTP_IF_NONE_MATCH']) ?
+ trim($_SERVER['HTTP_IF_NONE_MATCH'], "\t\n\r\" ") : false;
+ if ($if_none_match && $if_none_match == $etag) {
+ header('HTTP/1.1 304 Not Modified');
+ return;
+ }
+
// allow rpc callback for XDomainAjax
if ( isset($http_data['callback']) ) {
// it is more correct to send text/javascript
@@ -179,7 +208,6 @@ class AurJSON {
$where_condition = sprintf("Name=\"%s\"",
mysql_real_escape_string($pqdata, $this->dbh));
}
-
return $this->process_query('info', $where_condition);
}