[wp-trac] [WordPress Trac] #61711: Password-protected pages lacking appropriate 'Cache-Control' request header
WordPress Trac
noreply at wordpress.org
Thu Jan 23 19:58:30 UTC 2025
#61711: Password-protected pages lacking appropriate 'Cache-Control' request header
-------------------------------------------------+-------------------------
Reporter: brevilo | Owner:
| johnbillion
Type: defect (bug) | Status: accepted
Priority: normal | Milestone: 6.8
Component: Posts, Post Types | Version: 2.0.5
Severity: normal | Resolution:
Keywords: has-patch has-testing-info has- | Focuses:
unit-tests 2nd-opinion |
-------------------------------------------------+-------------------------
Comment (by brevilo):
Thanks John, you might be right there. I opted for `private` in my
proposed fix as I wanted to take the reverse proxy cache entirely out of
the equation, to be on the safe side with regards to fixing the problem I
saw.
I didn't question the alternative approach by haozi since it also fixed
the problem in my tests and my experience with reverse proxy caching is
limited.
So, yes, `private` is less efficient, but that's probably justified for
protected content. The same is probably true for when to send that header.
I'd expect that to be required for the password entry page as well as for
the protected pages themselves.
Cheers
--
Ticket URL: <https://core.trac.wordpress.org/ticket/61711#comment:24>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list