also clean away the NO_AUTO_CACHE_CONTROL_HEADER if we have no session

2018-10-23 15:46:56 +02:00 · 2018-10-23 15:46:56 +02:00 · 28d9f0c84c
commit 28d9f0c84c
parent f1795c07e6
2 changed files with 17 additions and 10 deletions
--- a/src/Symfony/Component/HttpKernel/EventListener/AbstractSessionListener.php
+++ b/src/Symfony/Component/HttpKernel/EventListener/AbstractSessionListener.php
@ -71,14 +71,17 @@ abstract class AbstractSessionListener implements EventSubscriberInterface
            return;
        }

+        $response = $event->getResponse();
+        $autoCacheControl = !$response->headers->has(self::NO_AUTO_CACHE_CONTROL_HEADER);
+        // Always remove the internal header if present
+        $response->headers->remove(self::NO_AUTO_CACHE_CONTROL_HEADER);
+
        if (!$session = $this->container && $this->container->has('initialized_session') ? $this->container->get('initialized_session') : $event->getRequest()->getSession()) {
            return;
        }

-        $response = $event->getResponse();
-
        if ($session instanceof Session ? $session->getUsageIndex() !== end($this->sessionUsageStack) : $session->isStarted()) {
-            if (!$response->headers->has(self::NO_AUTO_CACHE_CONTROL_HEADER)) {
+            if ($autoCacheControl) {
                $response
                    ->setPrivate()
                    ->setMaxAge(0)
@ -86,9 +89,6 @@ abstract class AbstractSessionListener implements EventSubscriberInterface
            }
        }

-        // Always remove the internal header if present
-        $response->headers->remove(self::NO_AUTO_CACHE_CONTROL_HEADER);
-
        if ($session->isStarted()) {
            /*
             * Saves the session, in case it is still open, before sending the response/headers.
--- a/src/Symfony/Component/HttpKernel/Tests/EventListener/SessionListenerTest.php
+++ b/src/Symfony/Component/HttpKernel/Tests/EventListener/SessionListenerTest.php
@ -106,17 +106,24 @@ class SessionListenerTest extends TestCase
        $this->assertFalse($response->headers->has(AbstractSessionListener::NO_AUTO_CACHE_CONTROL_HEADER));
    }

-    public function testUninitilizedSession()
+    public function testUninitializedSession()
    {
-        $event = $this->getMockBuilder(FilterResponseEvent::class)->disableOriginalConstructor()->getMock();
-        $event->expects($this->once())->method('isMasterRequest')->willReturn(true);
+        $kernel = $this->getMockBuilder(HttpKernelInterface::class)->disableOriginalConstructor()->getMock();
+        $response = new Response();
+        $response->setSharedMaxAge(60);
+        $response->headers->set(AbstractSessionListener::NO_AUTO_CACHE_CONTROL_HEADER, 'true');

        $container = new ServiceLocator(array(
            'initialized_session' => function () {},
        ));

        $listener = new SessionListener($container);
-        $listener->onKernelResponse($event);
+        $listener->onKernelResponse(new FilterResponseEvent($kernel, new Request(), HttpKernelInterface::MASTER_REQUEST, $response));
+        $this->assertTrue($response->headers->hasCacheControlDirective('public'));
+        $this->assertFalse($response->headers->hasCacheControlDirective('private'));
+        $this->assertFalse($response->headers->hasCacheControlDirective('must-revalidate'));
+        $this->assertSame('60', $response->headers->getCacheControlDirective('s-maxage'));
+        $this->assertFalse($response->headers->has(AbstractSessionListener::NO_AUTO_CACHE_CONTROL_HEADER));
    }

    public function testSurrogateMasterRequestIsPublic()