Prevent caching of redirect

Dynamic redirects shouldn't be cached. This especially causes a problem with redirection to the login page, since trying to actually access the page the user logged in to see can get them redirected back to the login page on some browsers. This patch adds headers to prevent caching of all redirects, which isn't ideal, but better than allowing caching of all of them.
2012-11-21 22:39:53 -08:00 · 2012-11-21 22:39:53 -08:00 · a2ad8fe704
commit a2ad8fe704
parent d37b0634a5
1 changed files with 5 additions and 1 deletions
--- a/yesod-core/Yesod/Handler.hs
+++ b/yesod-core/Yesod/Handler.hs
@ -522,7 +522,11 @@ runHandler handler mrender sroute tomr master sub upload log' =
                Right c' -> return $ YARPlain status (appEndo headers []) ct c' finalSession
        HCError e -> handleError e
        HCRedirect status loc -> do
-            let hs = Header "Location" (encodeUtf8 loc) : appEndo headers []
+            let hs =
+                    [ Header "Cache-Control" "no-cache, must-revalidate"
+                    , Header "Expires" "Thu, 01 Jan 1970 05:05:05 GMT"
+                    , Header "Location" (encodeUtf8 loc)
+                    ] ++ appEndo headers []
            return $ YARPlain
                status hs typePlain emptyContent
                finalSession