Logout bug when Guest caching is enabled

[K a M a L]

Affected version

2.1,2.2

The issue described here https://xenforo.com/community/threads/guest-page-caching.164816/ has been existing for a long time with no resolution .. I tried doing some troubleshooting to see the reason behind it because it was really annoying , I found the bug is very simple
at method PageCache->getCachedPage() .. there is a call $response->replaceHeaders($result['headers']);
result header will typically look like

array (size=5)
  'X-Frame-Options' => string 'SAMEORIGIN' (length=10)
  'X-Content-Type-Options' => string 'nosniff' (length=7)
  'Last-Modified' => string 'Mon, 06 Dec 2021 02:00:48 GMT' (length=29)
  'Expires' => string 'Thu, 19 Nov 1981 08:52:00 GMT' (length=29)
  'Cache-Control' => string 'private, no-cache, max-age=0' (length=28)

Last-Modified is coming from the cached response and it is the time when the cache file was created .. user browser already have a fresh cached version of index page ( just before logout ) .. the browser will display the internal data cached after the given Last-Modified without looking at the HTML response returned from the server.
simple resolution is unsetting
unset($result['headers']['Last-Modified']);

 

[Hristo Avramov]

The issue described here https://xenforo.com/community/threads/guest-page-caching.164816/ has been existing for a long time with no resolution .. I tried doing some troubleshooting to see the reason behind it because it was really annoying , I found the bug is very simple
at method PageCache->getCachedPage() .. there is a call $response->replaceHeaders($result['headers']);
result header will typically look like

array (size=5)
  'X-Frame-Options' => string 'SAMEORIGIN' (length=10)
  'X-Content-Type-Options' => string 'nosniff' (length=7)
  'Last-Modified' => string 'Mon, 06 Dec 2021 02:00:48 GMT' (length=29)
  'Expires' => string 'Thu, 19 Nov 1981 08:52:00 GMT' (length=29)
  'Cache-Control' => string 'private, no-cache, max-age=0' (length=28)

Last-Modified is coming from the cached response and it is the time when the cache file was created .. user browser already have a fresh cached version of index page ( just before logout ) .. the browser will display the internal data cached after the given Last-Modified without looking at the HTML response returned from the server.
simple resolution is unsetting
unset($result['headers']['Last-Modified']);

Hi,

Can you explain what do I need to edit exactly? I am not very good in this.

 

[hongtrang]

The issue described here https://xenforo.com/community/threads/guest-page-caching.164816/ has been existing for a long time with no resolution .. I tried doing some troubleshooting to see the reason behind it because it was really annoying , I found the bug is very simple
at method PageCache->getCachedPage() .. there is a call $response->replaceHeaders($result['headers']);
result header will typically look like

array (size=5)
  'X-Frame-Options' => string 'SAMEORIGIN' (length=10)
  'X-Content-Type-Options' => string 'nosniff' (length=7)
  'Last-Modified' => string 'Mon, 06 Dec 2021 02:00:48 GMT' (length=29)
  'Expires' => string 'Thu, 19 Nov 1981 08:52:00 GMT' (length=29)
  'Cache-Control' => string 'private, no-cache, max-age=0' (length=28)

Last-Modified is coming from the cached response and it is the time when the cache file was created .. user browser already have a fresh cached version of index page ( just before logout ) .. the browser will display the internal data cached after the given Last-Modified without looking at the HTML response returned from the server.
simple resolution is unsetting
unset($result['headers']['Last-Modified']);

That's exactly what I'm getting if cachePage is enabled
Thanks for the solution you gave. It was perfect, problem solved. Thank you very much

Hi,

Can you explain what do I need to edit exactly? I am not very good in this.

You can edit the file:

/src/XF/PageCache.php

Line: 137

public function getCachedPage(\XF\App $app)
    {
        $cacheId = $this->getCacheId();

        $result = $this->cache->fetch($cacheId);
        if (!$result)
        {
            return null;
        }

        if (!empty($result['sessionActivity']))
        {
            $activity = $result['sessionActivity'];

            /** @var \XF\Repository\SessionActivity $activityRepo */
            $activityRepo = $app->repository('XF:SessionActivity');
            $activityRepo->updateSessionActivity(
                \XF::visitor()->user_id, $this->request->getIp(),
                $activity['controller'], $activity['action'], $activity['params'], $activity['viewState'],
                $this->request->getRobotName()
            );
        }
        unset($result['headers']['Last-Modified']); //add to
        $response = $app->response();
        $response->contentType($result['contentType'], $result['charset']);
        $response->replaceHeaders($result['headers']);
        $response->header('Expires', gmdate('D, d M Y H:i:s', $result['expires']) . ' GMT');
        $response->header('X-XF-Cache-Status', 'HIT');

        $now = \XF::$time;
        $body = str_replace($result['csrfToken'], $app['csrf.token'], $result['body']);
        $body = str_replace("now: $result[date],", "now: $now,", $body);
        // accept that some dates might be slightly off

        $response->body($body);
        
        return $response;
    }

 

[Hristo Avramov]

So will xf include this in the next versions or we will need to modify it every time we update the software?

 

[Paul B]

You will need to wait for the developers to respond to the bug report.

 

[damexdecoder]

@Brogan this is still not edited in the current version, is there any chance to loss the google ranking ? because i have lost 75% traffic and keywords since i added the above code into my cache file

 

[damexdecoder]

@K a M a L this is still not edited in the current version, is there any chance to loss the google ranking ? because i have lost 75% traffic and keywords since i added the above code into my cache file

 

[K a M a L]

@K a M a L this is still not edited in the current version, is there any chance to loss the google ranking ? because i have lost 75% traffic and keywords since i added the above code into my cache file

This has nothing to do with SEO or search engine rankings .. check the other changes you did on same time frame that may have affected your rankings.

 

[damexdecoder]

This has nothing to do with SEO or search engine rankings .. check the other changes you did on same time frame that may have affected your rankings.

I installed Brotli and Mod_http2 on same day and deleted belows mods, can they effect the SEO? its weird that i was getting 250 google clicks and now im getting 30 to 35 clicks within 5 days.

• mod_mpm_itk
• mod_mpm_prefork
• mod_ruid2

 

[K a M a L]

I installed Brotli and Mod_http2 on same day and deleted belows mods, can they effect the SEO? its weird that i was getting 250 google clicks and now im getting 30 to 35 clicks within 5 days.

• mod_mpm_itk
• mod_mpm_prefork
• mod_ruid2

This shouldn't impact SEO unless your site speed (TTFB) has significantly dropped due to server changes.. there are tons of factors affecting SEO and usually they don't take effect immediately so it may be some changes you did few months earlier or it is just Google search algorithm update that changed your site rankings

 

[javilonas]

The issue described here https://xenforo.com/community/threads/guest-page-caching.164816/ has been existing for a long time with no resolution .. I tried doing some troubleshooting to see the reason behind it because it was really annoying , I found the bug is very simple
at method PageCache->getCachedPage() .. there is a call $response->replaceHeaders($result['headers']);
result header will typically look like

array (size=5)
  'X-Frame-Options' => string 'SAMEORIGIN' (length=10)
  'X-Content-Type-Options' => string 'nosniff' (length=7)
  'Last-Modified' => string 'Mon, 06 Dec 2021 02:00:48 GMT' (length=29)
  'Expires' => string 'Thu, 19 Nov 1981 08:52:00 GMT' (length=29)
  'Cache-Control' => string 'private, no-cache, max-age=0' (length=28)

Last-Modified is coming from the cached response and it is the time when the cache file was created .. user browser already have a fresh cached version of index page ( just before logout ) .. the browser will display the internal data cached after the given Last-Modified without looking at the HTML response returned from the server.
simple resolution is unsetting
unset($result['headers']['Last-Modified']);

I had been looking for a solution to the problem for a long time, now it respects the change of language, style, etc... Without moving from the page you are browsing, it solved my problem, thank you very much.

This should already be added in the new versions by default:

unset($result['headers']['Last-Modified']);

 

[K a M a L]

@Chris D
The chrome Clear-Site-Data issue was resolved a couple of years ago
https://bugs.chromium.org/p/chromium/issues/detail?id=762417 .. I tested it and it works fine
I think uncommenting those two lines in Login controller plugin would solve this long standing issue

public function clearSiteData(){
// TODO: This causes performance issues on the client side in Chrome. See XF-167665.
// $response = $this->app->response();
// $response->header('Clear-Site-Data', '"cache"');
}