[BUGFIX] Send no-cache headers in t3lib_userauth
authorAlexander Stehlik <alexander.stehlik@googlemail.com>
Fri, 1 Apr 2011 17:32:21 +0000 (19:32 +0200)
committerThorsten Kahler <thorsten.kahler@dkd.de>
Thu, 4 Aug 2011 09:21:02 +0000 (11:21 +0200)
Adjust headers sent by t3lib_userauth to prevent caching, if Internet
Explorer is used when downloading files through PHP.

Resolves: #24125
Releases: 4.3, 4.4, 4.5

Change-Id: I9ebe84174256263b8b0cae6cf9db58da76985a96
Reviewed-on: http://review.typo3.org/1417
Reviewed-by: Helmut Hummel
Tested-by: Helmut Hummel
Reviewed-by: Thorsten Kahler
t3lib/class.t3lib_userauth.php

index 15a9e37..ef8c54b 100644 (file)
@@ -246,8 +246,25 @@ abstract class t3lib_userAuth {
                if ($this->sendNoCacheHeaders) {
                        header('Expires: 0');
                        header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
-                       header('Cache-Control: no-cache, must-revalidate');
-                       header('Pragma: no-cache');
+
+                       $cacheControlHeader = 'no-cache, must-revalidate';
+                       $pragmaHeader = 'no-cache';
+
+                               // Prevent error message in IE when using a https connection
+                               // see http://forge.typo3.org/issues/24125
+                       $clientInfo = t3lib_div::clientInfo();
+                       if (($clientInfo['BROWSER'] === 'msie') && t3lib_div::getIndpEnv('TYPO3_SSL')) {
+
+                                               // Some IEs can not handle no-cache
+                                               // see http://support.microsoft.com/kb/323308/en-us
+                                       $cacheControlHeader = 'must-revalidate';
+
+                                               // IE needs "Pragma: private" if SSL connection
+                                       $pragmaHeader = 'private';
+                       }
+
+                       header('Cache-Control: ' . $cacheControlHeader);
+                       header('Pragma: ' . $pragmaHeader);
                }
 
                        // Set $this->gc_time if not explicitely specified