class BaseHandler(tornado.web.RequestHandler):
+ def prepare(self):
+ # Mark this as private when someone is logged in
+ if self.current_user:
+ self.set_header("Cache-Control", "private")
+
+ # Always send Vary: Cookie
+ self.set_header("Vary", "Cookie")
+
def set_expires(self, seconds):
# For HTTP/1.1
self.add_header("Cache-Control", "max-age=%s, must-revalidate" % seconds)
# For HTTP/1.0
expires = datetime.datetime.utcnow() + datetime.timedelta(seconds=seconds)
- self.add_header("Expires", expires)
+ self.set_header("Expires", expires)
def write_error(self, status_code, **kwargs):
# Translate code into message
self.render("error.html", status_code=status_code, message=message, **kwargs)
- def xsrf_form_html(self, *args, **kwargs):
- # Set Vary: Cookie header
- self.add_header("Vary", "Cookie")
-
- return super().xsrf_form_html(*args, **kwargs)
-
@property
def hostname(self):
# Return hostname in production
def releases(self):
return self.backend.releases
- @property
- def talk(self):
- return self.backend.talk
-
class APIHandler(BaseHandler):
def check_xsrf_cookie(self):