Fixed #30594 -- Added 'private' Cache-Control directive to never_cache() decorator.

2019-06-25 15:15:00 +09:00 · 2019-06-25 15:15:00 +09:00 · a289e79679
parent 8454f6dea4
commit a289e79679
5 changed files with 18 additions and 7 deletions
--- a/django/utils/cache.py
+++ b/django/utils/cache.py
@ -250,7 +250,7 @@ def add_never_cache_headers(response):
    Add headers to a response to indicate that a page should never be cached.
    """
    patch_response_headers(response, cache_timeout=-1)
-    patch_cache_control(response, no_cache=True, no_store=True, must_revalidate=True)
+    patch_cache_control(response, no_cache=True, no_store=True, must_revalidate=True, private=True)


 def patch_vary_headers(response, newheaders):
--- a/docs/ref/utils.txt
+++ b/docs/ref/utils.txt
@ -62,8 +62,13 @@ need to distinguish caches by the ``Accept-language`` header.

 .. function:: add_never_cache_headers(response)

-    Adds a ``Cache-Control: max-age=0, no-cache, no-store, must-revalidate``
-    header to a response to indicate that a page should never be cached.
+    Adds a ``Cache-Control: max-age=0, no-cache, no-store, must-revalidate,
+    private`` header to a response to indicate that a page should never be
+    cached.
+
+    .. versionchanged:: 3.0
+
+        ``private`` directive was added.

 .. function:: patch_vary_headers(response, newheaders)

--- a/docs/releases/3.0.txt
+++ b/docs/releases/3.0.txt
@ -167,7 +167,9 @@ Minor features
 Cache
 ~~~~~

-* ...
+* :func:`~django.utils.cache.add_never_cache_headers` and
+  :func:`~django.views.decorators.cache.never_cache` now adds ``private``
+  directive to a ``Cache-Control`` header.

 CSRF
 ~~~~
--- a/docs/topics/http/decorators.txt
+++ b/docs/topics/http/decorators.txt
@ -119,5 +119,9 @@ client-side caching.
 .. function:: never_cache(view_func)

    This decorator adds a ``Cache-Control: max-age=0, no-cache, no-store,
-    must-revalidate`` header to a response to indicate that a page should never
-    be cached.
+    must-revalidate, private`` header to a response to indicate that a page
+    should never be cached.
+
+    .. versionchanged:: 3.0
+
+        ``private`` directive was added.
--- a/tests/decorators/tests.py
+++ b/tests/decorators/tests.py
@ -478,5 +478,5 @@ class NeverCacheDecoratorTest(TestCase):
        r = a_view(HttpRequest())
        self.assertEqual(
            set(r['Cache-Control'].split(', ')),
-            {'max-age=0', 'no-cache', 'no-store', 'must-revalidate'},
+            {'max-age=0', 'no-cache', 'no-store', 'must-revalidate', 'private'},
        )