[wp-trac] [WordPress Trac] #52636: Add proper Cache-Control header to /wp-json REST endpoints
WordPress Trac
noreply at wordpress.org
Wed Feb 24 06:17:24 UTC 2021
#52636: Add proper Cache-Control header to /wp-json REST endpoints
-------------------------+-----------------------------
Reporter: isaumya | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: REST API | Version:
Severity: major | Keywords: needs-patch
Focuses: rest-api |
-------------------------+-----------------------------
Hi,
I've been doing some through audits with the `wp-json` endpoint,
especially in terms of caching. Currently if you look at the Response of
any WP-JSON endpoints you will see that there is no **Cache-control
header** specified.
This leads to these responses being cached via CDN and browsers.
While digging deeper I found that the only way to do this is by
reinitializing the rest-api as it is
[https://wordpress.stackexchange.com/a/326167 shown here].
But this seems like a hack. The REST endpoints should never be cached in
the first place. Looking deeper into it I found that inside `/wp-includes
/rest-api/class-wp-rest-response.php` on line no 160 the system is setting
a `Link` header. Then why not set the proper cache-control header as well?
We can take advantage of
[https://developer.wordpress.org/reference/functions/wp_get_nocache_headers/
wp_get_nocache_headers()] to pass the proper cache-control headers for the
wp-json endpoints.
Another problem is currently as the `/wp-json` endpoint is being set and
managed by PHP, adding a simply `add_headers` in `nginx.conf` does nothing
as the file is generated by PHP and any response headers needs to be added
at the PHP level only.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/52636>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list