如何设置缓存控制:Spring 4.2或更高版本中的applicationContext.xml私有 [英] How to set Cache-control: private with applicationContext.xml in Spring 4.2 or later
问题描述
如何在Spring 4.2或更高版本中将Cache-control设置为applicationContext.xml私有?
How to set Cache-control: private with applicationContext.xml in Spring 4.2 or later?
缓存控制:可以从Spring 4.1中的 applicationContext.xml 设置HTTP标头,如下所示:
Cache-control: HTTP headers can be set from applicationContext.xml in Spring 4.1 like this:
<mvc:interceptors>
<bean id="webContentInterceptor"
class="org.springframework.web.servlet.mvc.WebContentInterceptor">
<property name="cacheSeconds" value="0"/>
<property name="useExpiresHeader" value="true"/>
<property name="useCacheControlHeader" value="true"/>
<property name="useCacheControlNoStore" value="true"/>
</bean>
</mvc:interceptors>
有一些基于注释的实现,例如 https://github.com/foo4u/spring-mvc-cache-control ,但我更喜欢基于XML的配置,因为我必须根据测试/生产环境更改HTTP标头(例如,如果页面返回 Cache-Control:私有,不存储,不缓存,必须重新验证,并使反CSRF令牌不匹配.
There are some annotation-based implementations like https://github.com/foo4u/spring-mvc-cache-control , but I prefer XML based configuration because I have to change HTTP headers according to testing/production environment (e.g. Chrome sends another request for "View page source" if the page returned with Cache-Control: private, no-store, no-cache, must-revalidate, and make anti-CSRF tokens unmatch).
从Spring 4.2开始不推荐使用这些设置.此外,不能从这些设置中设置 Cache-control:private .因为某些CDN提供程序仅在http标头包含 Cache-Control:private 时才存储内容,因此此HTTP标头的支持对于使用CDN的系统至关重要.例如 http://tech.mercari.com/entry/2017/06/22/204500 或 https://community.fastly.com/t/fastly-ttl/882 .
These settings are deprecated as of Spring 4.2.
Additionally, Cache-control: private cannot be set from these settings. Because some CDN provider do not store contents if and only if http header contaings Cache-Control: private, the support for this HTTP header is critical for the system that uses CDNs. e.g. http://tech.mercari.com/entry/2017/06/22/204500 or https://community.fastly.com/t/fastly-ttl/882 .
因此,为了安全起见,我正在寻找从 applicationContext.xml 设置Cache-Control:私有HTTP标头的方法.
So I am looking for the way to set Cache-Control: private HTTP header from applicationContext.xml for the sake of safety.
推荐答案
It seems to be there is no XML out-of-the-box support in Spring 4.2+. As you can see here, there is no set method for cacheControlMappings of WebContentInterceptor, so there is no chance to write values from XML configuration into it; and this map is intended to store url-cache-control mappings. However, CacheControl class has public cachePrivate method, that is possible to be used for registering custom configurations (I think that could be done with respect to dev or prod profiles); for example:
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
CacheControl cacheControl = CacheControl.empty().cachePrivate();
registry.addResourceHandler("/**")
.setCacheControl(cacheControl);
}
或直接在您的控制器中(也可能取决于活动配置文件):
Or directly in your controller (could be dependent on active profile too):
@RequestMapping(value = "/test")
public ResponseEntity<?> doHandleRequest () {
CacheControl cacheControl = CacheControl.empty().cachePrivate();
return ResponseEntity.ok()
.cacheControl(cacheControl);
}
如果您确实需要利用XML配置,没有人会阻止您使用适当的方法和逻辑编写 WebContentInterceptor 的自定义子类,幸运的是, WebContentInterceptor 具有 addCacheMapping 方法.
If you certainly need to utilize XML configuration, nobody prevents you from writing custom subclass of WebContentInterceptor with appropriate methods and logic, luckily, WebContentInterceptor has addCacheMapping method.
这篇关于如何设置缓存控制:Spring 4.2或更高版本中的applicationContext.xml私有的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
