Remove pre-check from forwarded response headers too

9 years ago · 6bf9c9fe90
3 changed files with 30 additions and 3 deletions
--- a/index.js
+++ b/index.js
@ -22,6 +22,15 @@ function parseCacheControl(header) {
    return cc;
 }

+function formatCacheControl(cc) {
+    let parts = [];
+    for(const k in cc) {
+        const v = cc[k];
+        parts.push(v === true ? k : k + '=' + v);
+    }
+    return parts.join(', ');
+}
+
 module.exports = class CachePolicy {
    constructor(req, res, {shared, cacheHeuristic, ignoreCargoCult, _fromObject} = {}) {
        if (_fromObject) {
@ -53,9 +62,12 @@ module.exports = class CachePolicy {
        // Assume that if someone uses legacy, non-standard uncecessary options they don't understand caching,
        // so there's no point stricly adhering to the blindly copy&pasted directives.
        if (ignoreCargoCult && "pre-check" in this._rescc && "post-check" in this._rescc) {
+            delete this._rescc['pre-check'];
+            delete this._rescc['post-check'];
            delete this._rescc['no-cache'];
            delete this._rescc['no-store'];
            delete this._rescc['must-revalidate'];
+            this._resHeaders = Object.assign({}, this._resHeaders, {'cache-control': formatCacheControl(this._rescc)});
        }

        // When the Cache-Control header field is not present in a request, caches MUST consider the no-cache request pragma-directive
--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
  "name": "http-cache-semantics",
-  "version": "3.3.0",
+  "version": "3.3.1",
  "description": "Parses Cache-Control headers and friends",
  "main": "index.js",
  "repository": "https://github.com/pornel/http-cache-semantics.git",
--- a/test/responsetest.js
+++ b/test/responsetest.js
@ -35,17 +35,32 @@ describe('Response headers', function() {
    });

    it('pre-check tolerated', function() {
-        const cache = new CachePolicy(req, {headers:{'cache-control': 'pre-check=0, post-check=0, no-store, no-cache, max-age=100'}});
+        const cc = 'pre-check=0, post-check=0, no-store, no-cache, max-age=100';
+        const cache = new CachePolicy(req, {headers:{'cache-control': cc}});
        assert(cache.stale());
        assert(!cache.storable());
        assert.equal(cache.maxAge(), 0);
+        assert.equal(cache.responseHeaders()['cache-control'], cc);
    });

    it('pre-check poison', function() {
-        const cache = new CachePolicy(req, {headers:{'cache-control': 'pre-check=0, post-check=0, no-cache, no-store, max-age=100'}}, {ignoreCargoCult:true});
+        const origCC = 'pre-check=0, post-check=0, no-cache, no-store, max-age=100, custom, foo=bar';
+        const res = {headers:{'cache-control': origCC}};
+        const cache = new CachePolicy(req, res, {ignoreCargoCult:true});
        assert(!cache.stale());
        assert(cache.storable());
        assert.equal(cache.maxAge(), 100);
+
+        const cc = cache.responseHeaders()['cache-control'];
+        assert(!/pre-check/.test(cc), cc);
+        assert(!/post-check/.test(cc), cc);
+        assert(!/no-store/.test(cc), cc);
+
+        assert(/max-age=100/.test(cc));
+        assert(/custom(,|$)/.test(cc));
+        assert(/foo=bar/.test(cc));
+
+        assert.equal(res.headers['cache-control'], origCC);
    });

    it('cache with expires', function() {