[HttpKernel] Call Response->setPrivate() instead of sending raw header() when session is started
This commit is contained in:
parent
21dca38c00
commit
dbc1c1c4b6
@ -825,7 +825,7 @@ class FrameworkExtension extends Extension
|
||||
|
||||
// session storage
|
||||
$container->setAlias('session.storage', $config['storage_id'])->setPrivate(true);
|
||||
$options = array();
|
||||
$options = array('cache_limiter' => '0');
|
||||
foreach (array('name', 'cookie_lifetime', 'cookie_path', 'cookie_domain', 'cookie_secure', 'cookie_httponly', 'use_cookies', 'gc_maxlifetime', 'gc_probability', 'gc_divisor', 'use_strict_mode') as $key) {
|
||||
if (isset($config[$key])) {
|
||||
$options[$key] = $config[$key];
|
||||
|
@ -53,6 +53,10 @@ class SaveSessionListener implements EventSubscriberInterface
|
||||
$session = $event->getRequest()->getSession();
|
||||
if ($session && $session->isStarted()) {
|
||||
$session->save();
|
||||
$event->getResponse()
|
||||
->setPrivate()
|
||||
->setMaxAge(0)
|
||||
->headers->addCacheControlDirective('must-revalidate');
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -0,0 +1,53 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* This file is part of the Symfony package.
|
||||
*
|
||||
* (c) Fabien Potencier <fabien@symfony.com>
|
||||
*
|
||||
* For the full copyright and license information, please view the LICENSE
|
||||
* file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Symfony\Component\HttpKernel\Tests\EventListener;
|
||||
|
||||
use PHPUnit\Framework\TestCase;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
use Symfony\Component\HttpFoundation\Session\SessionInterface;
|
||||
use Symfony\Component\HttpKernel\Event\FilterResponseEvent;
|
||||
use Symfony\Component\HttpKernel\EventListener\SaveSessionListener;
|
||||
use Symfony\Component\HttpKernel\HttpKernelInterface;
|
||||
|
||||
class SaveSessionListenerTest extends TestCase
|
||||
{
|
||||
public function testOnlyTriggeredOnMasterRequest()
|
||||
{
|
||||
$listener = new SaveSessionListener();
|
||||
$event = $this->getMockBuilder(FilterResponseEvent::class)->disableOriginalConstructor()->getMock();
|
||||
$event->expects($this->once())->method('isMasterRequest')->willReturn(false);
|
||||
$event->expects($this->never())->method('getRequest');
|
||||
|
||||
// sub request
|
||||
$listener->onKernelResponse($event);
|
||||
}
|
||||
|
||||
public function testSessionSavedAndResponsePrivate()
|
||||
{
|
||||
$listener = new SaveSessionListener();
|
||||
$kernel = $this->getMockBuilder(HttpKernelInterface::class)->disableOriginalConstructor()->getMock();
|
||||
|
||||
$session = $this->getMockBuilder(SessionInterface::class)->disableOriginalConstructor()->getMock();
|
||||
$session->expects($this->once())->method('isStarted')->willReturn(true);
|
||||
$session->expects($this->once())->method('save');
|
||||
|
||||
$request = new Request();
|
||||
$request->setSession($session);
|
||||
$response = new Response();
|
||||
$listener->onKernelResponse(new FilterResponseEvent($kernel, $request, HttpKernelInterface::MASTER_REQUEST, $response));
|
||||
|
||||
$this->assertTrue($response->headers->hasCacheControlDirective('private'));
|
||||
$this->assertTrue($response->headers->hasCacheControlDirective('must-revalidate'));
|
||||
$this->assertSame('0', $response->headers->getCacheControlDirective('max-age'));
|
||||
}
|
||||
}
|
Reference in New Issue
Block a user