Commits

Rob van der Linde committed 297e31e

Fix possible issue with page cache being used from other sites that are running on the same server (again!!) by adding more randomness and using the SECRET_KEY as part of generating the cache key hash.

Comments (1)

Files changed (1)

rvcms/cms/middleware.py

             url = "http://" + request.META["HTTP_HOST"] + request.path
             if request.META["QUERY_STRING"]:
                 url += "?" + request.META["QUERY_STRING"]
-            url_hash = hashlib.md5(url).hexdigest()
+            cache_key = "page_cache_%s" % hashlib.md5(settings.SECRET_KEY + url).hexdigest()
 
-            prev_date = cache.get(url_hash)
+            prev_date = cache.get(cache_key)
             if not prev_date:
                 prev_date = http_date()
-                cache.set(url_hash, prev_date)
+                cache.set(cache_key, prev_date)
                 response["Last-Modified"] = prev_date
             response["Date"] = http_date()
 
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.