Hello,
I have a foreign php-app and try to find the location where the cache-control is defined.
The header output is
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
I scanned the complete site for things like
cache-control
HttpResponse::setCacheControl
session_cache_limiter
but could not find anything.
Where could it be hidden?
Do things like output buffing add headers?
Thanks for suggestions.
Flözen
It can be set from php with the function [fphp]header[/fphp] or it may be configured in the webserver or in a proxy/loadbalancer, if there is one.
When set with header, I would find
header("cache-control:
… somewhere…
The server does not add it. Othere files are delivered without the cache-control header.
So these both option can be excluded.
Further suggestions?
Which files has these headers? There are some modules for Apache that will add headers for certain filetypes.
All pages generated by the CMS have these headers, so these files are php files.
But not all PHP files do have such a header.
These headers in the CMS are also produced, when Apache is set to
ExpiresActive Off
In that case, I would suggest that you look at all calls to header. It might be a variable that you should be looking for. Eg. something like header($foo)
But $foo must be defined somewhere too. So I should at least find words like cache or cache-control…?!
I agree. But it could be read from many places. A config file or a database or some such thing. If you already grepped the code (case-insensitively), then I would find all calls to header and work back from there.
You said you scanned for session_cache_limiter, but did you check the value? It has a default, and I know I’ve seen that combination of values as a default before. All or part of it can be set via config file. You also might want to strategically sprinkle the code with calls to headers_list(). You might be able to divide and conquer your way to the origin.