From fb309f3d4f49b56464e3dd97d6540e092294baf2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E3=81=8B=E3=81=A3=E3=81=93=E3=81=8B=E3=82=8A?= <67428053+kakkokari-gtyih@users.noreply.github.com> Date: Sun, 21 Jan 2024 18:14:42 +0900 Subject: [PATCH] return a `Vary: Accept` header for all dual-format endpoints #365 (#13044) `/users/:user`, `/@:user`, `/notes/:note` return different responses depending on the request's `Accept:` header. If we don't consistently return a `Vary: Accept` header, browsers and caching proxies will get confused, and return AP representations when HTML was requested, or vice versa. Co-authored-by: dakkar Co-authored-by: syuilo --- packages/backend/src/server/ActivityPubServerService.ts | 4 ++++ packages/backend/src/server/web/ClientServerService.ts | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/packages/backend/src/server/ActivityPubServerService.ts b/packages/backend/src/server/ActivityPubServerService.ts index 68e426b5bc..4fa6b8afee 100644 --- a/packages/backend/src/server/ActivityPubServerService.ts +++ b/packages/backend/src/server/ActivityPubServerService.ts @@ -648,6 +648,8 @@ export class ActivityPubServerService { }); fastify.get<{ Params: { user: string; } }>('/users/:user', { constraints: { apOrHtml: 'ap' } }, async (request, reply) => { + vary(reply.raw, 'Accept'); + const userId = request.params.user; const user = await this.usersRepository.findOneBy({ @@ -660,6 +662,8 @@ export class ActivityPubServerService { }); fastify.get<{ Params: { user: string; } }>('/@:user', { constraints: { apOrHtml: 'ap' } }, async (request, reply) => { + vary(reply.raw, 'Accept'); + const user = await this.usersRepository.findOneBy({ usernameLower: request.params.user.toLowerCase(), host: IsNull(), diff --git a/packages/backend/src/server/web/ClientServerService.ts b/packages/backend/src/server/web/ClientServerService.ts index 3e35d5415e..2de5156fec 100644 --- a/packages/backend/src/server/web/ClientServerService.ts +++ b/packages/backend/src/server/web/ClientServerService.ts @@ -476,6 +476,8 @@ export class ClientServerService { isSuspended: false, }); + vary(reply.raw, 'Accept'); + if (user != null) { const profile = await this.userProfilesRepository.findOneByOrFail({ userId: user.id }); const meta = await this.metaService.fetch(); @@ -515,6 +517,8 @@ export class ClientServerService { return; } + vary(reply.raw, 'Accept'); + reply.redirect(`/@${user.username}${ user.host == null ? '' : '@' + user.host}`); });