diff options
Diffstat (limited to 'web/lib/aurjson.class.php')
-rw-r--r-- | web/lib/aurjson.class.php | 30 |
1 files changed, 29 insertions, 1 deletions
diff --git a/web/lib/aurjson.class.php b/web/lib/aurjson.class.php index 50cf6d0f..a96cc4b5 100644 --- a/web/lib/aurjson.class.php +++ b/web/lib/aurjson.class.php @@ -29,6 +29,17 @@ class AurJSON { * @return string The JSON formatted response data. **/ public function handle($http_data) { + // unset global aur headers from aur.inc + // leave expires header to enforce validation + // header_remove('Expires'); + // unset global aur.inc pragma header. We want to allow caching of data + // in proxies, but require validation of data (if-none-match) if + // possible + header_remove('Pragma'); + // overwrite cache-control header set in aur.inc to allow caching, but + // require validation + header('Cache-Control: public, must-revalidate, max-age=0'); + // handle error states if ( !isset($http_data['type']) || !isset($http_data['arg']) ) { return $this->json_error('No request type/data specified.'); @@ -43,6 +54,24 @@ class AurJSON { $json = call_user_func(array(&$this, $http_data['type']), $http_data['arg']); + // calculate etag as an md5 based on the json result + // this could be optimized by calculating the etag on the + // query result object before converting to json (step into + // the above function call) and adding the 'type' to the response, + // but having all this code here is cleaner and 'good enough' + $etag = md5($json); + header("Etag: \"$etag\""); + // make sure to strip a few things off the if-none-match + // header. stripping whitespace may not be required, but + // removing the quote on the incoming header is required + // to make the equality test + $if_none_match = isset($_SERVER['HTTP_IF_NONE_MATCH']) ? + trim($_SERVER['HTTP_IF_NONE_MATCH'], "\t\n\r\" ") : false; + if ($if_none_match && $if_none_match == $etag) { + header('HTTP/1.1 304 Not Modified'); + return; + } + // allow rpc callback for XDomainAjax if ( isset($http_data['callback']) ) { // it is more correct to send text/javascript @@ -179,7 +208,6 @@ class AurJSON { $where_condition = sprintf("Name=\"%s\"", mysql_real_escape_string($pqdata, $this->dbh)); } - return $this->process_query('info', $where_condition); } |