From 05b2193e9fa49c429df62c2661af0086396660ef Mon Sep 17 00:00:00 2001 From: Ian Duncan Date: Fri, 8 Sep 2017 09:00:12 +0900 Subject: [PATCH] Code review fixes for #1444 --- yesod-core/Yesod/Core/Handler.hs | 6 +++++- yesod-core/test/YesodCoreTest/Redirect.hs | 4 +++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/yesod-core/Yesod/Core/Handler.hs b/yesod-core/Yesod/Core/Handler.hs index aaf7de3a..94dd27dc 100644 --- a/yesod-core/Yesod/Core/Handler.hs +++ b/yesod-core/Yesod/Core/Handler.hs @@ -877,10 +877,14 @@ setEtag :: MonadHandler m => Text -> m () setEtag etag = do mmatch <- lookupHeader "if-none-match" let matches = maybe [] parseMatch mmatch - if StrongEtag (encodeUtf8 etag) `elem` matches + baseTag = encodeUtf8 etag + strongTag = StrongEtag baseTag + badTag = InvalidEtag baseTag + if any (\tag -> tag == strongTag || tag == badTag) matches then notModified else addHeader "etag" $ T.concat ["\"", etag, "\""] + -- | Parse an if-none-match field according to the spec. parseMatch :: S.ByteString -> [Etag] parseMatch = diff --git a/yesod-core/test/YesodCoreTest/Redirect.hs b/yesod-core/test/YesodCoreTest/Redirect.hs index b916d784..c922113a 100644 --- a/yesod-core/test/YesodCoreTest/Redirect.hs +++ b/yesod-core/test/YesodCoreTest/Redirect.hs @@ -79,12 +79,14 @@ specs = describe "Redirect" $ do res <- request defaultRequest { pathInfo = ["etag"] } assertStatus 200 res assertHeader "etag" "\"hello world\"" res + -- Note: this violates the RFC around ETag format, but is being left as is + -- out of concerns that it might break existing users with misbehaving clients. it "single, unquoted if-none-match" $ app $ do res <- request defaultRequest { pathInfo = ["etag"] , requestHeaders = [("if-none-match", "hello world")] } - assertStatus 200 res + assertStatus 304 res it "different if-none-match" $ app $ do res <- request defaultRequest { pathInfo = ["etag"]