diff --git a/core/includes/bootstrap.inc b/core/includes/bootstrap.inc index aa1cfa4..1f98e87 100644 --- a/core/includes/bootstrap.inc +++ b/core/includes/bootstrap.inc @@ -1252,6 +1252,13 @@ function drupal_serve_page_from_cache(stdClass $cache, Response $response, Reque } } + // If the client sent a session cookie, a cached copy will only be served + // to that one particular client due to Vary: Cookie. Thus, do not set + // max-age > 0, allowing the page to be cached by external proxies, when a + // session cookie is present unless the Vary header has been replaced. + $max_age = !$request->cookies->has(session_name()) || isset($boot_headers['vary']) ? $config->get('cache.page.max_age') : 0; + $response->headers->set('Cache-Control', 'public, max-age=' . $max_age); + // Entity tag should change if the output changes. $response->setEtag($cache->created); @@ -1268,13 +1275,6 @@ function drupal_serve_page_from_cache(stdClass $cache, Response $response, Reque // Second half: we're not returning a 304, so put in other headers. - // If the client sent a session cookie, a cached copy will only be served - // to that one particular client due to Vary: Cookie. Thus, do not set - // max-age > 0, allowing the page to be cached by external proxies, when a - // session cookie is present unless the Vary header has been replaced. - $max_age = !$request->cookies->has(session_name()) || isset($boot_headers['vary']) ? $config->get('cache.page.max_age') : 0; - $response->headers->set('Cache-Control', 'public, max-age=' . $max_age); - // Send the remaining headers. foreach ($cache->data['headers'] as $name => $value) { $response->headers->set($name, $value);