extend no-cache for more controllers (#554)

opencollective · Apr 12, 2024 · 078dbff · 078dbff
1 parent fcf424c
commit 078dbff
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 2 deletions.
diff --git a/src/server/controllers/account-contributors.js b/src/server/controllers/account-contributors.js
@@ -188,6 +188,10 @@ const accountContributors = async (req, res) => {
     switch (req.params.format) {
       case 'txt':
       case 'csv': {
+        // don't cache at CDN level as the result may contain private information
+        if (authorization || apiKey || personalToken) {
+          res.append('Cache-Control', 'no-cache');
+        }
         if (req.params.format === 'csv') {
           res.append('Content-Type', `text/csv;charset=utf-8`);
         } else {

diff --git a/src/server/controllers/account-transactions.js b/src/server/controllers/account-transactions.js
@@ -653,6 +653,7 @@ const accountTransactions = async (req, res) => {
     switch (req.params.format) {
       case 'txt':
       case 'csv': {
+        // don't cache at CDN level as the result may contain private information
         if (authorization || apiKey || personalToken) {
           res.append('Cache-Control', 'no-cache');
         }

diff --git a/src/server/controllers/members.js b/src/server/controllers/members.js
@@ -38,8 +38,8 @@ export async function list(req, res, next) {
     headers['Personal-Token'] = personalToken;
   }
 
-  // don't cache at CDN level as the result contains private information
-  if (Object.keys(headers).length) {
+  // don't cache at CDN level as the result may contain private information
+  if (authorization || apiKey || personalToken) {
     res.setHeader('cache-control', 'no-cache');
   }