From 488fc86c403b288a3fd73b0c2321bdad316b7668 Mon Sep 17 00:00:00 2001 From: dakkar Date: Fri, 19 Jan 2024 12:30:59 +0000 Subject: [PATCH] return a `Vary: Accept` header for all dual-format endpoints #365 `/users/:user`, `/@:user`, `/notes/:note` return different responses depending on the request's `Accept:` header. If we don't consistently return a `Vary: Accept` header, browsers and caching proxies will get confused, and return AP representations when HTML was requested, or vice versa. --- packages/backend/src/server/ActivityPubServerService.ts | 4 ++++ packages/backend/src/server/web/ClientServerService.ts | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/packages/backend/src/server/ActivityPubServerService.ts b/packages/backend/src/server/ActivityPubServerService.ts index 68e426b5bcf8..4fa6b8afeeb7 100644 --- a/packages/backend/src/server/ActivityPubServerService.ts +++ b/packages/backend/src/server/ActivityPubServerService.ts @@ -648,6 +648,8 @@ export class ActivityPubServerService { }); fastify.get<{ Params: { user: string; } }>('/users/:user', { constraints: { apOrHtml: 'ap' } }, async (request, reply) => { + vary(reply.raw, 'Accept'); + const userId = request.params.user; const user = await this.usersRepository.findOneBy({ @@ -660,6 +662,8 @@ export class ActivityPubServerService { }); fastify.get<{ Params: { user: string; } }>('/@:user', { constraints: { apOrHtml: 'ap' } }, async (request, reply) => { + vary(reply.raw, 'Accept'); + const user = await this.usersRepository.findOneBy({ usernameLower: request.params.user.toLowerCase(), host: IsNull(), diff --git a/packages/backend/src/server/web/ClientServerService.ts b/packages/backend/src/server/web/ClientServerService.ts index 3e35d5415e6b..2de5156feccb 100644 --- a/packages/backend/src/server/web/ClientServerService.ts +++ b/packages/backend/src/server/web/ClientServerService.ts @@ -476,6 +476,8 @@ export class ClientServerService { isSuspended: false, }); + vary(reply.raw, 'Accept'); + if (user != null) { const profile = await this.userProfilesRepository.findOneByOrFail({ userId: user.id }); const meta = await this.metaService.fetch(); @@ -515,6 +517,8 @@ export class ClientServerService { return; } + vary(reply.raw, 'Accept'); + reply.redirect(`/@${user.username}${ user.host == null ? '' : '@' + user.host}`); });