.../Core/EventSubscriber/FinishResponseSubscriber.php | 16 ---------------- core/modules/views/src/Tests/Plugin/AccessTest.php | 1 + 2 files changed, 1 insertion(+), 16 deletions(-) diff --git a/core/lib/Drupal/Core/EventSubscriber/FinishResponseSubscriber.php b/core/lib/Drupal/Core/EventSubscriber/FinishResponseSubscriber.php index 269d452..c1daada 100644 --- a/core/lib/Drupal/Core/EventSubscriber/FinishResponseSubscriber.php +++ b/core/lib/Drupal/Core/EventSubscriber/FinishResponseSubscriber.php @@ -139,22 +139,6 @@ public function onRespond(FilterResponseEvent $event) { $this->updateDrupalCacheHeaders($response, $access_result); } - // The 'user.permissions' cache context ensures that if the permissions for - // a role are modified, users aren't served stale render cache content. But, - // when entire responses are cached in reverse proxies, the value for the - // cache context is never calculated, causing the stale response to not be - // invalidated. Therefore, when varying by permissions and the current user - // is the anonymous user, also add the cache tag for the 'anonymous' role. - $cache_contexts = $response->headers->get('X-Drupal-Cache-Contexts'); - if ($cache_contexts && in_array('user.permissions', explode(' ', $cache_contexts)) && \Drupal::currentUser()->isAnonymous()) { - $cache_tags = ['config:user.role.anonymous']; - if ($response->headers->get('X-Drupal-Cache-Tags')) { - $existing_cache_tags = explode(' ', $response->headers->get('X-Drupal-Cache-Tags')); - $cache_tags = Cache::mergeTags($existing_cache_tags, $cache_tags); - } - $response->headers->set('X-Drupal-Cache-Tags', implode(' ', $cache_tags)); - } - $is_cacheable = ($this->requestPolicy->check($request) === RequestPolicyInterface::ALLOW) && ($this->responsePolicy->check($response, $request) !== ResponsePolicyInterface::DENY); // Add headers necessary to specify whether the response should be cached by diff --git a/core/modules/views/src/Tests/Plugin/AccessTest.php b/core/modules/views/src/Tests/Plugin/AccessTest.php index c756706..715ebd5 100644 --- a/core/modules/views/src/Tests/Plugin/AccessTest.php +++ b/core/modules/views/src/Tests/Plugin/AccessTest.php @@ -107,6 +107,7 @@ function testStaticAccessPlugin() { // route's access requirements. That means that the 403 from above does // not have any cache tags, so modifying the View entity does not cause // the cached 403 page to be invalidated. + // Remove as part of https://www.drupal.org/node/2464657. Cache::invalidateTags(['rendered']); $this->assertTrue($access_plugin->access($this->normalUser));