repo sync
This commit is contained in:
Octomerger Bot
@@ -4,6 +4,7 @@
|
||||
const { contentSecurityPolicy } = require('helmet')
|
||||
const isArchivedVersion = require('../lib/is-archived-version')
|
||||
const versionSatisfiesRange = require('../lib/version-satisfies-range')
|
||||
const AZURE_STORAGE_URL = 'githubdocs.azureedge.net'
|
||||
|
||||
// module.exports = contentSecurityPolicy({
|
||||
module.exports = async (req, res, next) => {
|
||||
@@ -18,13 +19,15 @@ module.exports = async (req, res, next) => {
|
||||
fontSrc: [
|
||||
"'self'",
|
||||
'data:',
|
||||
'github-images.s3.amazonaws.com'
|
||||
'github-images.s3.amazonaws.com',
|
||||
AZURE_STORAGE_URL
|
||||
],
|
||||
imgSrc: [
|
||||
"'self'",
|
||||
'data:',
|
||||
'github.githubassets.com',
|
||||
'github-images.s3.amazonaws.com',
|
||||
AZURE_STORAGE_URL,
|
||||
'placehold.it',
|
||||
'*.githubusercontent.com',
|
||||
'github.com'
|
||||
|
||||
@@ -1,45 +1,8 @@
|
||||
const FASTLY_TTL = process.env.FASTLY_TTL || String(60 * 60 * 24) // 24 hours
|
||||
const STALE_TTL = String(60 * 10) // 10 minutes
|
||||
|
||||
module.exports = (req, res, next) => {
|
||||
const BYPASS_FASTLY = process.env.TEST_BYPASS_FASTLY === 'true'
|
||||
|
||||
// Bypass Fastly caching for all rendered pages
|
||||
if (BYPASS_FASTLY) {
|
||||
// Disallow both Fastly AND the browser from caching HTML pages
|
||||
res.set({
|
||||
'surrogate-control': 'private, no-store',
|
||||
'cache-control': 'private, no-store'
|
||||
})
|
||||
return next()
|
||||
}
|
||||
|
||||
// Disallow both Fastly AND the browser from caching HTML pages
|
||||
res.set({
|
||||
|
||||
// Say you want Fastly to cache your content but you don't want it cached by browsers.
|
||||
// The best way to do this would be to send Fastly both the Cache-Control header as you want
|
||||
// it to go to the browsers, and use Surrogate-Control to tell us how long to cache for.
|
||||
|
||||
// Fastly does not currently respect no-store or no-cache directives.
|
||||
// Including either or both of these in a Cache-Control header has no effect on
|
||||
// Fastly's caching decision, unless you alter this behavior using custom VCL.
|
||||
|
||||
// https://docs.fastly.com/en/guides/configuring-caching
|
||||
'cache-control': 'no-store, must-revalidate',
|
||||
|
||||
// This header gets stripped and is only visible to Fastly caches.
|
||||
// https://docs.fastly.com/en/guides/serving-stale-content#manually-enabling-serve-stale
|
||||
'surrogate-control': `max-age=${FASTLY_TTL}, stale-if-error=${STALE_TTL}, stale-while-revalidate=${STALE_TTL}`,
|
||||
|
||||
// Fastly provides a Soft Purge feature that allows you to mark content as outdated (stale) instead of permanently
|
||||
// purging and thereby deleting it from Fastly's caches. Objects invalidated with Soft Purge will be treated as
|
||||
// outdated (stale) while Fastly fetches a new version from origin.
|
||||
//
|
||||
// Use of a surrogate key is required for soft purging
|
||||
// https://docs.fastly.com/en/guides/soft-purges
|
||||
// https://docs.fastly.com/en/guides/getting-started-with-surrogate-keys
|
||||
'surrogate-key': 'all-the-things'
|
||||
'surrogate-control': 'private, no-store',
|
||||
'cache-control': 'private, no-store'
|
||||
})
|
||||
|
||||
next()
|
||||
return next()
|
||||
}
|
||||
|
||||
@@ -5,6 +5,7 @@ const { describeViaActionsOnly } = require('../helpers/conditional-runs')
|
||||
const path = require('path')
|
||||
const { loadPages } = require('../../lib/pages')
|
||||
const builtAssets = require('../../lib/built-asset-urls')
|
||||
const AZURE_STORAGE_URL = 'githubdocs.azureedge.net'
|
||||
|
||||
describe('server', () => {
|
||||
jest.setTimeout(60 * 1000)
|
||||
@@ -45,12 +46,14 @@ describe('server', () => {
|
||||
|
||||
expect(csp.get('font-src').includes("'self'")).toBe(true)
|
||||
expect(csp.get('font-src').includes('github-images.s3.amazonaws.com')).toBe(true)
|
||||
expect(csp.get('font-src').includes(AZURE_STORAGE_URL)).toBe(true)
|
||||
|
||||
expect(csp.get('connect-src').includes("'self'")).toBe(true)
|
||||
expect(csp.get('connect-src').includes('*.algolia.net')).toBe(true)
|
||||
expect(csp.get('connect-src').includes('*.algolianet.com')).toBe(true)
|
||||
|
||||
expect(csp.get('img-src').includes("'self'")).toBe(true)
|
||||
expect(csp.get('img-src').includes(AZURE_STORAGE_URL)).toBe(true)
|
||||
expect(csp.get('img-src').includes('github-images.s3.amazonaws.com')).toBe(true)
|
||||
|
||||
expect(csp.get('script-src').includes("'self'")).toBe(true)
|
||||
@@ -59,16 +62,7 @@ describe('server', () => {
|
||||
expect(csp.get('style-src').includes("'unsafe-inline'")).toBe(true)
|
||||
})
|
||||
|
||||
test('sets Fastly cache control headers', async () => {
|
||||
const res = await get('/en')
|
||||
expect(res.headers['cache-control']).toBe('no-store, must-revalidate')
|
||||
expect(res.headers['surrogate-control']).toBe('max-age=86400, stale-if-error=600, stale-while-revalidate=600')
|
||||
expect(res.headers['surrogate-key']).toBe('all-the-things')
|
||||
})
|
||||
|
||||
test('sets Fastly cache control headers to bypass if enabled', async () => {
|
||||
process.env.TEST_BYPASS_FASTLY = 'true'
|
||||
|
||||
test('sets Fastly cache control headers to bypass pages', async () => {
|
||||
const res = await get('/en')
|
||||
expect(res.headers['cache-control']).toBe('private, no-store')
|
||||
expect(res.headers['surrogate-control']).toBe('private, no-store')
|
||||
|
||||
Reference in New Issue
Block a user