id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
17590	patch_response_headers clips the cache_timeout value inappropriately	Calvin Spealman	nobody	"Specifically, add_never_cache_headers() wants to pass a negative cache_timeout to produce a expiration in the past, but before the expiration is set the cache_timeout is clipped to no less than 0. The result is the expiration is the current time, not the past.

{{{
def patch_response_headers(response, cache_timeout=None):
    """"""
    Adds some useful headers to the given HttpResponse object:
        ETag, Last-Modified, Expires and Cache-Control

    Each header is only added if it isn't already set.

    cache_timeout is in seconds. The CACHE_MIDDLEWARE_SECONDS setting is used
    by default.
    """"""
    if cache_timeout is None:
        cache_timeout = settings.CACHE_MIDDLEWARE_SECONDS
    if cache_timeout < 0:
        cache_timeout = 0 # Can't have max-age negative
    if settings.USE_ETAGS and not response.has_header('ETag'):
        if hasattr(response, 'render') and callable(response.render):
            response.add_post_render_callback(_set_response_etag)
        else:
            response = _set_response_etag(response)
    if not response.has_header('Last-Modified'):
        response['Last-Modified'] = http_date()
    if not response.has_header('Expires'):
        response['Expires'] = http_date(time.time() + cache_timeout)
    patch_cache_control(response, max_age=cache_timeout)

def add_never_cache_headers(response):
    """"""
    Adds headers to a response to indicate that a page should never be cached.
    """"""
    patch_response_headers(response, cache_timeout=-1)
}}}
"	Bug	closed	Core (Cache system)	dev	Normal	invalid			Unreviewed	0	0	0	0	0	0