Giter Site home page Giter Site logo

no_cache_control's Introduction

NoCacheControl

If you're building paranoid software where security must be bullet-proof, one concern is that Authenticated pages should not be browser cached.

This is due to fact that even when user is logged out, someone may sit at users computer and click browser back button and see the restricted data.

Gem will set these headers:

Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: -1

If you are building next-gen Twitter app then this is a bad idea because you want to cache as much as possible. But when you're building comertial dashboard, payment software, ... then you should set those headers.

Installation

Add this line to your application's Gemfile:

gem 'no_cache_control'

And then execute:

$ bundle

Or install it yourself as:

$ gem install no_cache_control

Usage

Gem will append these headers to all your controllers, you don't need to do anything else.

whitelisting controllers that should be cached

class MyCachableController < ActionController::Base
  skip_before_filter :set_no_cache_control  # rails 3 
  skip_before_action :set_no_cache_control  # rails 4
end

Now when I render MyCachableController the headers will be default Rails headers

How to test if it works

No tests for this project as this is deep integration thing. (If anyone want to write a test I'm more than happy to merge it in ๐Ÿ˜Š )

The only way how you can test it is to lunch your Rails server and:

  • open browser, go to the website, and view page headers (like with web developer tools plugin; then click in toolbar Information > View Response header)
  • curl http://0.0.0.0:3000/ -v

Tested Versions

Gem should work potentionally on any application that uses ActionController (meaning all Rails versions) but we've tested only these:

  • works on Rails 4.1.x
  • works on Rails 3.2.x (only under Production env, more info here and here

Please update this README file if you confirm any other

Contributing

  1. Fork it ( https://github.com/[my-github-username]/no_cache_control/fork )
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Add some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create a new Pull Request

no_cache_control's People

Contributors

equivalent avatar

Stargazers

avatar avatar avatar avatar avatar

Watchers

avatar avatar

Forkers

dcalixto paymaya nnhansg

no_cache_control's Issues

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.