mirror of
https://github.com/moodle/moodle.git
synced 2025-01-17 21:49:15 +01:00
MDL-40379 Files Prevent mobile network providers from modifying content.
This commit is contained in:
parent
bbb291b7b7
commit
c3a3f54053
@ -2188,11 +2188,11 @@ function send_temp_file($path, $filename, $pathisstring=false) {
|
|||||||
|
|
||||||
header('Content-Disposition: attachment; filename="'.$filename.'"');
|
header('Content-Disposition: attachment; filename="'.$filename.'"');
|
||||||
if (strpos($CFG->wwwroot, 'https://') === 0) { //https sites - watch out for IE! KB812935 and KB316431
|
if (strpos($CFG->wwwroot, 'https://') === 0) { //https sites - watch out for IE! KB812935 and KB316431
|
||||||
header('Cache-Control: private, max-age=10');
|
header('Cache-Control: private, max-age=10, no-transform');
|
||||||
header('Expires: '. gmdate('D, d M Y H:i:s', 0) .' GMT');
|
header('Expires: '. gmdate('D, d M Y H:i:s', 0) .' GMT');
|
||||||
header('Pragma: ');
|
header('Pragma: ');
|
||||||
} else { //normal http - prevent caching at all cost
|
} else { //normal http - prevent caching at all cost
|
||||||
header('Cache-Control: private, must-revalidate, pre-check=0, post-check=0, max-age=0');
|
header('Cache-Control: private, must-revalidate, pre-check=0, post-check=0, max-age=0, no-transform');
|
||||||
header('Expires: '. gmdate('D, d M Y H:i:s', 0) .' GMT');
|
header('Expires: '. gmdate('D, d M Y H:i:s', 0) .' GMT');
|
||||||
header('Pragma: no-cache');
|
header('Pragma: no-cache');
|
||||||
}
|
}
|
||||||
@ -2274,18 +2274,18 @@ function send_file($path, $filename, $lifetime = null , $filter=0, $pathisstring
|
|||||||
$private = ' private,';
|
$private = ' private,';
|
||||||
}
|
}
|
||||||
$nobyteserving = false;
|
$nobyteserving = false;
|
||||||
header('Cache-Control:'.$private.' max-age='.$lifetime);
|
header('Cache-Control:'.$private.' max-age='.$lifetime.', no-transform');
|
||||||
header('Expires: '. gmdate('D, d M Y H:i:s', time() + $lifetime) .' GMT');
|
header('Expires: '. gmdate('D, d M Y H:i:s', time() + $lifetime) .' GMT');
|
||||||
header('Pragma: ');
|
header('Pragma: ');
|
||||||
|
|
||||||
} else { // Do not cache files in proxies and browsers
|
} else { // Do not cache files in proxies and browsers
|
||||||
$nobyteserving = true;
|
$nobyteserving = true;
|
||||||
if (strpos($CFG->wwwroot, 'https://') === 0) { //https sites - watch out for IE! KB812935 and KB316431
|
if (strpos($CFG->wwwroot, 'https://') === 0) { //https sites - watch out for IE! KB812935 and KB316431
|
||||||
header('Cache-Control: private, max-age=10');
|
header('Cache-Control: private, max-age=10, no-transform');
|
||||||
header('Expires: '. gmdate('D, d M Y H:i:s', 0) .' GMT');
|
header('Expires: '. gmdate('D, d M Y H:i:s', 0) .' GMT');
|
||||||
header('Pragma: ');
|
header('Pragma: ');
|
||||||
} else { //normal http - prevent caching at all cost
|
} else { //normal http - prevent caching at all cost
|
||||||
header('Cache-Control: private, must-revalidate, pre-check=0, post-check=0, max-age=0');
|
header('Cache-Control: private, must-revalidate, pre-check=0, post-check=0, max-age=0, no-transform');
|
||||||
header('Expires: '. gmdate('D, d M Y H:i:s', 0) .' GMT');
|
header('Expires: '. gmdate('D, d M Y H:i:s', 0) .' GMT');
|
||||||
header('Pragma: no-cache');
|
header('Pragma: no-cache');
|
||||||
}
|
}
|
||||||
@ -2445,17 +2445,17 @@ function send_stored_file($stored_file, $lifetime=null, $filter=0, $forcedownloa
|
|||||||
if (isloggedin() and !isguestuser()) {
|
if (isloggedin() and !isguestuser()) {
|
||||||
$private = ' private,';
|
$private = ' private,';
|
||||||
}
|
}
|
||||||
header('Cache-Control:'.$private.' max-age='.$lifetime);
|
header('Cache-Control:'.$private.' max-age='.$lifetime.', no-transform');
|
||||||
header('Expires: '. gmdate('D, d M Y H:i:s', time() + $lifetime) .' GMT');
|
header('Expires: '. gmdate('D, d M Y H:i:s', time() + $lifetime) .' GMT');
|
||||||
header('Pragma: ');
|
header('Pragma: ');
|
||||||
|
|
||||||
} else { // Do not cache files in proxies and browsers
|
} else { // Do not cache files in proxies and browsers
|
||||||
if (strpos($CFG->wwwroot, 'https://') === 0) { //https sites - watch out for IE! KB812935 and KB316431
|
if (strpos($CFG->wwwroot, 'https://') === 0) { //https sites - watch out for IE! KB812935 and KB316431
|
||||||
header('Cache-Control: private, max-age=10');
|
header('Cache-Control: private, max-age=10, no-transform');
|
||||||
header('Expires: '. gmdate('D, d M Y H:i:s', 0) .' GMT');
|
header('Expires: '. gmdate('D, d M Y H:i:s', 0) .' GMT');
|
||||||
header('Pragma: ');
|
header('Pragma: ');
|
||||||
} else { //normal http - prevent caching at all cost
|
} else { //normal http - prevent caching at all cost
|
||||||
header('Cache-Control: private, must-revalidate, pre-check=0, post-check=0, max-age=0');
|
header('Cache-Control: private, must-revalidate, pre-check=0, post-check=0, max-age=0, no-transform');
|
||||||
header('Expires: '. gmdate('D, d M Y H:i:s', 0) .' GMT');
|
header('Expires: '. gmdate('D, d M Y H:i:s', 0) .' GMT');
|
||||||
header('Pragma: no-cache');
|
header('Pragma: no-cache');
|
||||||
}
|
}
|
||||||
|
@ -677,7 +677,7 @@ Connection: close
|
|||||||
HTTP/1.0 200 OK
|
HTTP/1.0 200 OK
|
||||||
Server: Apache
|
Server: Apache
|
||||||
X-Lb-Nocache: true
|
X-Lb-Nocache: true
|
||||||
Cache-Control: private, max-age=15
|
Cache-Control: private, max-age=15, no-transform
|
||||||
ETag: "4d69af5d8ba873ea9192c489e151bd7b"
|
ETag: "4d69af5d8ba873ea9192c489e151bd7b"
|
||||||
Content-Type: text/html
|
Content-Type: text/html
|
||||||
Date: Thu, 08 Dec 2011 14:44:53 GMT
|
Date: Thu, 08 Dec 2011 14:44:53 GMT
|
||||||
@ -693,7 +693,7 @@ EOF;
|
|||||||
HTTP/1.0 200 OK
|
HTTP/1.0 200 OK
|
||||||
Server: Apache
|
Server: Apache
|
||||||
X-Lb-Nocache: true
|
X-Lb-Nocache: true
|
||||||
Cache-Control: private, max-age=15
|
Cache-Control: private, max-age=15, no-transform
|
||||||
ETag: "4d69af5d8ba873ea9192c489e151bd7b"
|
ETag: "4d69af5d8ba873ea9192c489e151bd7b"
|
||||||
Content-Type: text/html
|
Content-Type: text/html
|
||||||
Date: Thu, 08 Dec 2011 14:44:53 GMT
|
Date: Thu, 08 Dec 2011 14:44:53 GMT
|
||||||
|
@ -2034,13 +2034,13 @@ function send_headers($contenttype, $cacheable = true) {
|
|||||||
|
|
||||||
if ($cacheable) {
|
if ($cacheable) {
|
||||||
// Allow caching on "back" (but not on normal clicks).
|
// Allow caching on "back" (but not on normal clicks).
|
||||||
@header('Cache-Control: private, pre-check=0, post-check=0, max-age=0');
|
@header('Cache-Control: private, pre-check=0, post-check=0, max-age=0, no-transform');
|
||||||
@header('Pragma: no-cache');
|
@header('Pragma: no-cache');
|
||||||
@header('Expires: ');
|
@header('Expires: ');
|
||||||
} else {
|
} else {
|
||||||
// Do everything we can to always prevent clients and proxies caching.
|
// Do everything we can to always prevent clients and proxies caching.
|
||||||
@header('Cache-Control: no-store, no-cache, must-revalidate');
|
@header('Cache-Control: no-store, no-cache, must-revalidate');
|
||||||
@header('Cache-Control: post-check=0, pre-check=0', false);
|
@header('Cache-Control: post-check=0, pre-check=0, no-transform', false);
|
||||||
@header('Pragma: no-cache');
|
@header('Pragma: no-cache');
|
||||||
@header('Expires: Mon, 20 Aug 1969 09:23:00 GMT');
|
@header('Expires: Mon, 20 Aug 1969 09:23:00 GMT');
|
||||||
@header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
|
@header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
|
||||||
|
@ -111,7 +111,7 @@ if ($rev > 0) {
|
|||||||
$mimetype = get_contenttype_from_ext($ext);
|
$mimetype = get_contenttype_from_ext($ext);
|
||||||
header('HTTP/1.1 304 Not Modified');
|
header('HTTP/1.1 304 Not Modified');
|
||||||
header('Expires: '. gmdate('D, d M Y H:i:s', time() + $lifetime) .' GMT');
|
header('Expires: '. gmdate('D, d M Y H:i:s', time() + $lifetime) .' GMT');
|
||||||
header('Cache-Control: public, max-age='.$lifetime);
|
header('Cache-Control: public, max-age='.$lifetime.', no-transform');
|
||||||
header('Content-Type: '.$mimetype);
|
header('Content-Type: '.$mimetype);
|
||||||
header('Etag: "'.$etag.'"');
|
header('Etag: "'.$etag.'"');
|
||||||
die;
|
die;
|
||||||
@ -217,7 +217,7 @@ function send_cached_image($imagepath, $etag) {
|
|||||||
header('Last-Modified: '. gmdate('D, d M Y H:i:s', filemtime($imagepath)) .' GMT');
|
header('Last-Modified: '. gmdate('D, d M Y H:i:s', filemtime($imagepath)) .' GMT');
|
||||||
header('Expires: '. gmdate('D, d M Y H:i:s', time() + $lifetime) .' GMT');
|
header('Expires: '. gmdate('D, d M Y H:i:s', time() + $lifetime) .' GMT');
|
||||||
header('Pragma: ');
|
header('Pragma: ');
|
||||||
header('Cache-Control: public, max-age='.$lifetime);
|
header('Cache-Control: public, max-age='.$lifetime.', no-transform');
|
||||||
header('Accept-Ranges: none');
|
header('Accept-Ranges: none');
|
||||||
header('Content-Type: '.$mimetype);
|
header('Content-Type: '.$mimetype);
|
||||||
header('Content-Length: '.filesize($imagepath));
|
header('Content-Length: '.filesize($imagepath));
|
||||||
|
@ -98,7 +98,7 @@ if (strpos($path, '/-1/') === false and (!empty($_SERVER['HTTP_IF_NONE_MATCH'])
|
|||||||
header('HTTP/1.1 304 Not Modified');
|
header('HTTP/1.1 304 Not Modified');
|
||||||
header('Last-Modified: '. gmdate('D, d M Y H:i:s', filemtime($imagepath)) .' GMT');
|
header('Last-Modified: '. gmdate('D, d M Y H:i:s', filemtime($imagepath)) .' GMT');
|
||||||
header('Expires: '. gmdate('D, d M Y H:i:s', time() + $lifetime) .' GMT');
|
header('Expires: '. gmdate('D, d M Y H:i:s', time() + $lifetime) .' GMT');
|
||||||
header('Cache-Control: public, max-age='.$lifetime);
|
header('Cache-Control: public, max-age='.$lifetime.', no-transform');
|
||||||
header('Content-Type: '.$mimetype);
|
header('Content-Type: '.$mimetype);
|
||||||
header('Etag: "'.$etag.'"');
|
header('Etag: "'.$etag.'"');
|
||||||
die;
|
die;
|
||||||
@ -117,7 +117,7 @@ function yui_image_cached($imagepath, $imagename, $mimetype, $etag) {
|
|||||||
header('Last-Modified: '. gmdate('D, d M Y H:i:s', filemtime($imagepath)) .' GMT');
|
header('Last-Modified: '. gmdate('D, d M Y H:i:s', filemtime($imagepath)) .' GMT');
|
||||||
header('Expires: '. gmdate('D, d M Y H:i:s', time() + $lifetime) .' GMT');
|
header('Expires: '. gmdate('D, d M Y H:i:s', time() + $lifetime) .' GMT');
|
||||||
header('Pragma: ');
|
header('Pragma: ');
|
||||||
header('Cache-Control: public, max-age=315360000');
|
header('Cache-Control: public, max-age=315360000, no-transform');
|
||||||
header('Accept-Ranges: none');
|
header('Accept-Ranges: none');
|
||||||
header('Content-Type: '.$mimetype);
|
header('Content-Type: '.$mimetype);
|
||||||
header('Content-Length: '.filesize($imagepath));
|
header('Content-Length: '.filesize($imagepath));
|
||||||
|
Loading…
x
Reference in New Issue
Block a user