[Django] #25490: Logout view can be cached by Safari

[Django]

#25490: Logout view can be cached by Safari
-------------------------------+--------------------
Reporter: belak | Owner: nobody
Type: Uncategorized | Status: new
Component: contrib.auth | Version: 1.8
Severity: Normal | Keywords:
Triage Stage: Unreviewed | Has patch: 1
Easy pickings: 0 | UI/UX: 0
-------------------------------+--------------------
Safari has a tendency to cache redirects, even when cookies are set.
Unfortunately this means that sometimes visiting a logout view with a
redirect will not log the user out.

https://github.com/django/django/pull/5379 contains a simple fix against
the master branch, but currently no tests.

--
Ticket URL: <https://code.djangoproject.com/ticket/25490>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

[Django]

#25490: Logout view can be cached by Safari

---------------------------+----------------------------

Reporter: belak | Owner: nobody
Type: Uncategorized | Status: new
Component: contrib.auth | Version: 1.8

Severity: Normal | Resolution:

Keywords: | Triage Stage: Unreviewed
Has patch: 1 | Easy pickings: 0
UI/UX: 0 |

---------------------------+----------------------------
Changes (by belak):

* Attachment "never-cache-logout.patch" added.

add @never_cache to django.contrib.auth.views.logout

[Django]

#25490: Logout view can be cached by Safari

--------------------------------------+------------------------------------
Reporter: belak | Owner: nobody
Type: Cleanup/optimization | Status: new
Component: contrib.auth | Version: 1.8
Severity: Normal | Resolution:
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0

Easy pickings: 0 | UI/UX: 0

--------------------------------------+------------------------------------
Changes (by timgraham):

* needs_better_patch: => 0
* stage: Unreviewed => Accepted
* type: Uncategorized => Cleanup/optimization
* needs_tests: => 0
* needs_docs: => 0

Comment:

By the way, if you provide a pull request, you don't need to also attach a
patch on the ticket.

--
Ticket URL: <https://code.djangoproject.com/ticket/25490#comment:1>

[Django]

#25490: Logout view can be cached by Safari

--------------------------------------+------------------------------------
Reporter: belak | Owner: nobody
Type: Cleanup/optimization | Status: new
Component: contrib.auth | Version: 1.8

Severity: Normal | Resolution:
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0

Easy pickings: 0 | UI/UX: 0

--------------------------------------+------------------------------------

Comment (by belak):

Thanks. I'll keep that in mind for next time.

--
Ticket URL: <https://code.djangoproject.com/ticket/25490#comment:2>

[Django]

#25490: Logout view can be cached by Safari

--------------------------------------+------------------------------------
Reporter: belak | Owner: nobody
Type: Cleanup/optimization | Status: closed
Component: contrib.auth | Version: 1.8
Severity: Normal | Resolution: fixed

Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0

Easy pickings: 0 | UI/UX: 0

--------------------------------------+------------------------------------
Changes (by Tim Graham <timograham@…>):

* status: new => closed
* resolution: => fixed

Comment:

In [changeset:"adcf823359d7402fc1f57a2e005cea52905d897d" adcf8233]:
{{{
#!CommitTicketReference repository=""
revision="adcf823359d7402fc1f57a2e005cea52905d897d"
Fixed #25490 -- Made the logout() view send "no-cache" headers.
}}}

--
Ticket URL: <https://code.djangoproject.com/ticket/25490#comment:3>