This repository has been archived on 2024-06-09. You can view files and clone it, but you cannot make any changes to it's state, such as pushing and creating new issues, pull requests or comments.

Daniel Axtens 4d85c27d1a Add 'private' to Cache-Control, match Rails expectations (#20608) ... Several controlers set quite intricate Cache-Control headers in order to hopefully not be cached by any intermediate proxies or local caches. Unfortunately, these headers are processed by ActionDispatch::HTTP::Cache in a way that squashes and discards any values set alongside no-store other than private: 8015c2c2cf/actionpack/lib/action_dispatch/http/cache.rb (L207-L209) We want to preserve no-store on these responses, but we might as well remove parts that are going to be dropped anyway. As many of the endpoints in these controllers are private to a particular user, we should also add "private", which will be preserved alongside no-store.		2022-11-16 04:56:30 +01:00
..
challenges_controller.rb	Add password challenge to 2FA settings, e-mail notifications (#11878)	2019-09-18 16:37:27 +02:00
confirmations_controller.rb	Fix confirmation redirect to app without Location header (#18523)	2022-05-26 22:03:54 +02:00
omniauth_callbacks_controller.rb	Fix crash when external auth provider has no display_name set (#19962)	2022-11-07 15:43:24 +01:00
passwords_controller.rb	Fix reviving revoked sessions and invalidating login (#16943)	2021-11-06 00:13:58 +01:00
registrations_controller.rb	Add 'private' to Cache-Control, match Rails expectations (#20608)	2022-11-16 04:56:30 +01:00
sessions_controller.rb	Fix suspicious sign-in mails never being sent (#18599)	2022-06-21 15:16:22 +02:00
setup_controller.rb	Change unconfirmed user login behaviour (#11375)	2019-07-22 10:48:50 +02:00