exchange

Base system with REST service to issue digital coins, run by the payment service provider
Log | Files | Refs | Submodules | README | LICENSE
commit b161b36af2f2f68bc8155dd0f97977100f6e3148
parent 0ddab477708740ac1f930e68c0f24ab76dde7a3e
Author: Christian Grothoff <christian@grothoff.org>
Date:   Sun,  7 Apr 2024 19:40:56 +0200

add cache control to /config; eliminate cache expiration distinguisher from /keys

Diffstat:

Msrc/exchange/taler-exchange-httpd_config.c | 24++++++++++++++++++++++++


Msrc/exchange/taler-exchange-httpd_keys.c | 6++++++


2 files changed, 30 insertions(+), 0 deletions(-)

diff --git a/src/exchange/taler-exchange-httpd_config.c b/src/exchange/taler-exchange-httpd_config.c
@@ -36,6 +36,21 @@ TEH_handler_config (struct TEH_RequestContext *rc,
 
   if (NULL == resp)
   {
+    struct GNUNET_TIME_Absolute a;
+    struct GNUNET_TIME_Timestamp km;
+    char dat[128];
+
+    a = GNUNET_TIME_relative_to_absolute (GNUNET_TIME_UNIT_DAYS);
+    /* Round up to next full day to ensure the expiration
+       time does not become a fingerprint! */
+    a = GNUNET_TIME_absolute_round_down (a,
+                                         GNUNET_TIME_UNIT_DAYS);
+    a = GNUNET_TIME_absolute_add (a,
+                                  GNUNET_TIME_UNIT_DAYS);
+    /* => /config response stays at most 48h in caches! */
+    km = GNUNET_TIME_absolute_to_timestamp (a);
+    TALER_MHD_get_date_string (km.abs_time,
+                               dat);
     resp = TALER_MHD_MAKE_JSON_PACK (
       GNUNET_JSON_pack_array_steal ("supported_kyc_requirements",
                                     TALER_KYCLOGIC_get_satisfiable ()),
@@ -50,6 +65,15 @@ TEH_handler_config (struct TEH_RequestContext *rc,
                                "urn:net:taler:specs:exchange:c-reference"),
       GNUNET_JSON_pack_string ("version",
                                EXCHANGE_PROTOCOL_VERSION));
+
+    GNUNET_break (MHD_YES ==
+                  MHD_add_response_header (resp,
+                                           MHD_HTTP_HEADER_EXPIRES,
+                                           dat));
+    GNUNET_break (MHD_YES ==
+                  MHD_add_response_header (resp,
+                                           MHD_HTTP_HEADER_CACHE_CONTROL,
+                                           "public,max-age=21600")); /* 6h */
   }
   return MHD_queue_response (rc->connection,
                              MHD_HTTP_OK,
diff --git a/src/exchange/taler-exchange-httpd_keys.c b/src/exchange/taler-exchange-httpd_keys.c
@@ -2290,6 +2290,12 @@ setup_general_response_headers (void *cls,
     r = GNUNET_TIME_relative_min (TEH_max_keys_caching,
                                   ksh->rekey_frequency);
     a = GNUNET_TIME_relative_to_absolute (r);
+    /* Round up to next full day to ensure the expiration
+       time does not become a fingerprint! */
+    a = GNUNET_TIME_absolute_round_down (a,
+                                         GNUNET_TIME_UNIT_DAYS);
+    a = GNUNET_TIME_absolute_add (a,
+                                  GNUNET_TIME_UNIT_DAYS);
     km = GNUNET_TIME_absolute_to_timestamp (a);
     we = GNUNET_TIME_absolute_to_timestamp (wire_state->cache_expiration);
     m = GNUNET_TIME_timestamp_min (we,