diff --git a/src/Symfony/Component/HttpKernel/EventListener/AbstractSessionListener.php b/src/Symfony/Component/HttpKernel/EventListener/AbstractSessionListener.php
index 4603052e933df..27749b24b2504 100644
--- a/src/Symfony/Component/HttpKernel/EventListener/AbstractSessionListener.php
+++ b/src/Symfony/Component/HttpKernel/EventListener/AbstractSessionListener.php
@@ -200,10 +200,11 @@ public function onKernelResponse(ResponseEvent $event)
}
if ($autoCacheControl) {
+ $maxAge = $response->headers->hasCacheControlDirective('public') ? 0 : (int) $response->getMaxAge();
$response
- ->setExpires(new \DateTime())
+ ->setExpires(new \DateTimeImmutable('+'.$maxAge.' seconds'))
->setPrivate()
- ->setMaxAge(0)
+ ->setMaxAge($maxAge)
->headers->addCacheControlDirective('must-revalidate');
}
diff --git a/src/Symfony/Component/HttpKernel/Tests/EventListener/SessionListenerTest.php b/src/Symfony/Component/HttpKernel/Tests/EventListener/SessionListenerTest.php
index 5e11875bb1db8..96f66354ba7e4 100644
--- a/src/Symfony/Component/HttpKernel/Tests/EventListener/SessionListenerTest.php
+++ b/src/Symfony/Component/HttpKernel/Tests/EventListener/SessionListenerTest.php
@@ -39,6 +39,7 @@ class SessionListenerTest extends TestCase
{
/**
* @dataProvider provideSessionOptions
+ *
* @runInSeparateProcess
*/
public function testSessionCookieOptions(array $phpSessionOptions, array $sessionOptions, array $expectedSessionOptions)
@@ -531,6 +532,64 @@ public function testUninitializedSessionWithoutInitializedSession()
$this->assertSame('60', $response->headers->getCacheControlDirective('s-maxage'));
}
+ public function testResponseHeadersMaxAgeAndExpiresNotBeOverridenIfSessionStarted()
+ {
+ $session = $this->createMock(Session::class);
+ $session->expects($this->exactly(2))->method('getUsageIndex')->will($this->onConsecutiveCalls(0, 1));
+
+ $container = new Container();
+ $container->set('initialized_session', $session);
+
+ $listener = new SessionListener($container);
+ $kernel = $this->createMock(HttpKernelInterface::class);
+
+ $request = new Request();
+ $listener->onKernelRequest(new RequestEvent($kernel, $request, HttpKernelInterface::MAIN_REQUEST));
+
+ $response = new Response();
+ $response->setPrivate();
+ $expiresHeader = gmdate('D, d M Y H:i:s', time() + 600).' GMT';
+ $response->setMaxAge(600);
+ $listener->onKernelResponse(new ResponseEvent($kernel, new Request(), HttpKernelInterface::MAIN_REQUEST, $response));
+
+ $this->assertTrue($response->headers->has('expires'));
+ $this->assertSame($expiresHeader, $response->headers->get('expires'));
+ $this->assertFalse($response->headers->has('max-age'));
+ $this->assertSame('600', $response->headers->getCacheControlDirective('max-age'));
+ $this->assertFalse($response->headers->hasCacheControlDirective('public'));
+ $this->assertTrue($response->headers->hasCacheControlDirective('private'));
+ $this->assertTrue($response->headers->hasCacheControlDirective('must-revalidate'));
+ $this->assertFalse($response->headers->has(AbstractSessionListener::NO_AUTO_CACHE_CONTROL_HEADER));
+ }
+
+ public function testResponseHeadersMaxAgeAndExpiresDefaultValuesIfSessionStarted()
+ {
+ $session = $this->createMock(Session::class);
+ $session->expects($this->exactly(2))->method('getUsageIndex')->will($this->onConsecutiveCalls(0, 1));
+
+ $container = new Container();
+ $container->set('initialized_session', $session);
+
+ $listener = new SessionListener($container);
+ $kernel = $this->createMock(HttpKernelInterface::class);
+
+ $request = new Request();
+ $listener->onKernelRequest(new RequestEvent($kernel, $request, HttpKernelInterface::MAIN_REQUEST));
+
+ $response = new Response();
+ $expiresHeader = gmdate('D, d M Y H:i:s', time()).' GMT';
+ $listener->onKernelResponse(new ResponseEvent($kernel, new Request(), HttpKernelInterface::MAIN_REQUEST, $response));
+
+ $this->assertTrue($response->headers->has('expires'));
+ $this->assertSame($expiresHeader, $response->headers->get('expires'));
+ $this->assertFalse($response->headers->has('max-age'));
+ $this->assertSame('0', $response->headers->getCacheControlDirective('max-age'));
+ $this->assertFalse($response->headers->hasCacheControlDirective('public'));
+ $this->assertTrue($response->headers->hasCacheControlDirective('private'));
+ $this->assertTrue($response->headers->hasCacheControlDirective('must-revalidate'));
+ $this->assertFalse($response->headers->has(AbstractSessionListener::NO_AUTO_CACHE_CONTROL_HEADER));
+ }
+
public function testSurrogateMainRequestIsPublic()
{
$session = $this->createMock(Session::class);
pFad - Phonifier reborn
Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.
Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.
Alternative Proxies:
Alternative Proxy
pFad Proxy
pFad v3 Proxy
pFad v4 Proxy