From 38f1275fc66e8d21605ef9ad8f5bba892425d064 Mon Sep 17 00:00:00 2001
From: Joshua Fontany <joshua.fontany@gmail.com>
Date: Tue, 9 Apr 2024 21:53:58 -0700
Subject: [PATCH 1/5] cache-control no-store by default

---
 core/modules/server/server.js | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/core/modules/server/server.js b/core/modules/server/server.js
index 258ddfa3179..2c43c9f2313 100644
--- a/core/modules/server/server.js
+++ b/core/modules/server/server.js
@@ -141,6 +141,12 @@ function sendResponse(request,response,statusCode,headers,data,encoding) {
 			}
 		}
 	}
+	else
+	{
+		// broswers will try to cache 200, 203, 204, 206, 300, 301, 
+		// 404, 405, 410, 414, and 501 unless given explicit cache controls
+		headers["Cache-Control"] = "no-store";
+	}
 	/*
 	If the gzip=yes is set, check if the user agent permits compression. If so,
 	compress our response if the raw data is bigger than 2k. Compressing less

From 1ae9a71539a351f305baff8bf42e16292efa652d Mon Sep 17 00:00:00 2001
From: Joshua Fontany <joshua.fontany@gmail.com>
Date: Tue, 9 Apr 2024 21:56:13 -0700
Subject: [PATCH 2/5] clarify comment spec reference

---
 core/modules/server/server.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/core/modules/server/server.js b/core/modules/server/server.js
index 2c43c9f2313..6893ed53991 100644
--- a/core/modules/server/server.js
+++ b/core/modules/server/server.js
@@ -143,7 +143,8 @@ function sendResponse(request,response,statusCode,headers,data,encoding) {
 	}
 	else
 	{
-		// broswers will try to cache 200, 203, 204, 206, 300, 301, 
+		// RFC 7231, 6.1. Overview of Status Codes:
+		// Broswer clients may cache 200, 203, 204, 206, 300, 301, 
 		// 404, 405, 410, 414, and 501 unless given explicit cache controls
 		headers["Cache-Control"] = "no-store";
 	}

From 00bb39ea4a4ce1e7dbfea460adfb6b9ab97a80d1 Mon Sep 17 00:00:00 2001
From: Joshua Fontany <joshua.fontany@gmail.com>
Date: Tue, 9 Apr 2024 22:01:28 -0700
Subject: [PATCH 3/5] comment typo

---
 core/modules/server/server.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/modules/server/server.js b/core/modules/server/server.js
index 6893ed53991..c02a29cacc6 100644
--- a/core/modules/server/server.js
+++ b/core/modules/server/server.js
@@ -144,7 +144,7 @@ function sendResponse(request,response,statusCode,headers,data,encoding) {
 	else
 	{
 		// RFC 7231, 6.1. Overview of Status Codes:
-		// Broswer clients may cache 200, 203, 204, 206, 300, 301, 
+		// Browser clients may cache 200, 203, 204, 206, 300, 301, 
 		// 404, 405, 410, 414, and 501 unless given explicit cache controls
 		headers["Cache-Control"] = "no-store";
 	}

From c7ca6c7a24d01b3fc54dbc52877278f2eb63cff3 Mon Sep 17 00:00:00 2001
From: Joshua Fontany <joshua.fontany@gmail.com>
Date: Wed, 10 Apr 2024 18:36:43 -0700
Subject: [PATCH 4/5] fix else formatting

---
 core/modules/server/server.js | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/core/modules/server/server.js b/core/modules/server/server.js
index c02a29cacc6..1fa1caf3ddf 100644
--- a/core/modules/server/server.js
+++ b/core/modules/server/server.js
@@ -140,9 +140,7 @@ function sendResponse(request,response,statusCode,headers,data,encoding) {
 				return;
 			}
 		}
-	}
-	else
-	{
+	} else {
 		// RFC 7231, 6.1. Overview of Status Codes:
 		// Browser clients may cache 200, 203, 204, 206, 300, 301, 
 		// 404, 405, 410, 414, and 501 unless given explicit cache controls

From c5ced20f76caacc40b7b7f254e93c9129d404a8f Mon Sep 17 00:00:00 2001
From: Joshua Fontany <joshua.fontany@gmail.com>
Date: Thu, 11 Apr 2024 10:56:28 -0700
Subject: [PATCH 5/5] Update server.js

allow route definitions to set their own cache-control
---
 core/modules/server/server.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/modules/server/server.js b/core/modules/server/server.js
index 1fa1caf3ddf..d3c98f8fc2c 100644
--- a/core/modules/server/server.js
+++ b/core/modules/server/server.js
@@ -144,7 +144,7 @@ function sendResponse(request,response,statusCode,headers,data,encoding) {
 		// RFC 7231, 6.1. Overview of Status Codes:
 		// Browser clients may cache 200, 203, 204, 206, 300, 301, 
 		// 404, 405, 410, 414, and 501 unless given explicit cache controls
-		headers["Cache-Control"] = "no-store";
+		headers["Cache-Control"] = headers["Cache-Control"] || "no-store";
 	}
 	/*
 	If the gzip=yes is set, check if the user agent permits compression. If so,