From dd811e6c700a573979b30dfddafcb59fcc328289 Mon Sep 17 00:00:00 2001 From: chme Date: Sat, 29 Aug 2020 12:40:49 +0200 Subject: [PATCH] [jsonapi] Prevent browsers to cache playlist tracks The tracks of a smart playlist might change between library rescans. Allowing them to be cached based on the last rescan timestamp ("Last-Modified" header in the response) leads to potentially showing incorrect track listing if a cached version is used. Thus the response for playlist tracks should never be cached by the browser (this is achieved with setting "Cache-Control" header to "no-store"). --- src/httpd.c | 16 ++++++++++++++++ src/httpd.h | 3 +++ src/httpd_jsonapi.c | 4 ++-- 3 files changed, 21 insertions(+), 2 deletions(-) diff --git a/src/httpd.c b/src/httpd.c index 29a347d5..8a12d5e7 100644 --- a/src/httpd.c +++ b/src/httpd.c @@ -344,6 +344,22 @@ httpd_request_not_modified_since(struct evhttp_request *req, time_t mtime) return false; } +void +httpd_response_not_cachable(struct evhttp_request *req) +{ + struct evkeyvalq *output_headers; + + output_headers = evhttp_request_get_output_headers(req); + + // Remove potentially set cache control headers + evhttp_remove_header(output_headers, "Cache-Control"); + evhttp_remove_header(output_headers, "Last-Modified"); + evhttp_remove_header(output_headers, "ETag"); + + // Tell clients that they are not allowed to cache this response + evhttp_add_header(output_headers, "Cache-Control", "no-store"); +} + static void serve_file(struct evhttp_request *req, const char *uri) { diff --git a/src/httpd.h b/src/httpd.h index de295442..dc0479af 100644 --- a/src/httpd.h +++ b/src/httpd.h @@ -107,6 +107,9 @@ httpd_request_not_modified_since(struct evhttp_request *req, time_t mtime); bool httpd_request_etag_matches(struct evhttp_request *req, const char *etag); +void +httpd_response_not_cachable(struct evhttp_request *req); + /* * Gzips an evbuffer * diff --git a/src/httpd_jsonapi.c b/src/httpd_jsonapi.c index d3eea58c..0c6525b8 100644 --- a/src/httpd_jsonapi.c +++ b/src/httpd_jsonapi.c @@ -3516,8 +3516,8 @@ jsonapi_reply_library_playlist_tracks(struct httpd_request *hreq) int total; int ret = 0; - if (!is_modified(hreq->req, DB_ADMIN_DB_MODIFIED)) - return HTTP_NOTMODIFIED; + // Due to smart playlists possibly changing their tracks between rescans, disable caching in clients + httpd_response_not_cachable(hreq->req); ret = safe_atoi32(hreq->uri_parsed->path_parts[3], &playlist_id); if (ret < 0)