From 15ddabf95a34d834295484d7e4ee21515e6fc9da Mon Sep 17 00:00:00 2001
From: ThibG <thib@sitedethib.com>
Date: Wed, 17 Jul 2019 00:00:39 +0200
Subject: [PATCH] Fix caching headers in ActivityPub endpoints (#11331)

* Fix reverse-proxy caching in public fetch mode

* Fix caching in ActivityPub-specific controllers
---
 app/controllers/activitypub/base_controller.rb        | 9 +++++++++
 app/controllers/activitypub/collections_controller.rb | 2 +-
 app/controllers/activitypub/outboxes_controller.rb    | 2 +-
 app/controllers/activitypub/replies_controller.rb     | 2 +-
 app/controllers/application_controller.rb             | 2 +-
 5 files changed, 13 insertions(+), 4 deletions(-)
 create mode 100644 app/controllers/activitypub/base_controller.rb

diff --git a/app/controllers/activitypub/base_controller.rb b/app/controllers/activitypub/base_controller.rb
new file mode 100644
index 000000000..a3b5c4dfa
--- /dev/null
+++ b/app/controllers/activitypub/base_controller.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+class ActivityPub::BaseController < Api::BaseController
+  private
+
+  def set_cache_headers
+    response.headers['Vary'] = 'Signature' if authorized_fetch_mode?
+  end
+end
diff --git a/app/controllers/activitypub/collections_controller.rb b/app/controllers/activitypub/collections_controller.rb
index 035467f41..fa925b204 100644
--- a/app/controllers/activitypub/collections_controller.rb
+++ b/app/controllers/activitypub/collections_controller.rb
@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-class ActivityPub::CollectionsController < Api::BaseController
+class ActivityPub::CollectionsController < ActivityPub::BaseController
   include SignatureVerification
   include AccountOwnedConcern
 
diff --git a/app/controllers/activitypub/outboxes_controller.rb b/app/controllers/activitypub/outboxes_controller.rb
index cdfd28ba8..891756b7e 100644
--- a/app/controllers/activitypub/outboxes_controller.rb
+++ b/app/controllers/activitypub/outboxes_controller.rb
@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-class ActivityPub::OutboxesController < Api::BaseController
+class ActivityPub::OutboxesController < ActivityPub::BaseController
   LIMIT = 20
 
   include SignatureVerification
diff --git a/app/controllers/activitypub/replies_controller.rb b/app/controllers/activitypub/replies_controller.rb
index 020c077ab..ab755ed4e 100644
--- a/app/controllers/activitypub/replies_controller.rb
+++ b/app/controllers/activitypub/replies_controller.rb
@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-class ActivityPub::RepliesController < Api::BaseController
+class ActivityPub::RepliesController < ActivityPub::BaseController
   include SignatureAuthentication
   include Authorization
   include AccountOwnedConcern
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 16e7d70a3..26f3b1def 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -160,6 +160,6 @@ class ApplicationController < ActionController::Base
   end
 
   def set_cache_headers
-    response.headers['Vary'] = 'Accept, Signature'
+    response.headers['Vary'] = public_fetch_mode? ? 'Accept' : 'Accept, Signature'
   end
 end