Changeset 59728 for trunk/src/wp-includes/class-wp.php

Timestamp:

01/29/2025 06:10:47 PM (15 months ago)

Author:

johnbillion

Message:

Posts, Post Types: Add no-cache headers to password protected posts.

This instructs an intermediate cache, for example a proxy server, to not cache a password protected post both before and after a visitor has entered a password.

Props brevilo, haozi, ironprogrammer, narenin

Fixes #61711

File:

• trunk/src/wp-includes/class-wp.php (modified) (1 diff)

trunk/src/wp-includes/class-wp.php

@@ -546 +546 @@
                 $headers['X-Pingback'] = get_bloginfo( 'pingback_url', 'display' );
             }
+
+            // Send nocache headers for password protected posts to avoid unwanted caching.
+            if ( ! empty( $post->post_password ) ) {
+                $headers = array_merge( $headers, wp_get_nocache_headers() );
+            }
         }