From 1bf5d997f620f78b8283a0b413c6297f41b395b5 Mon Sep 17 00:00:00 2001
From: Mihai Parparita <mihai@persistent.info>
Date: Sat, 13 Dec 2014 15:35:10 -0800
Subject: [PATCH] Make sure HTTP responses are not cacheable.

---
 app/app.go | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/app/app.go b/app/app.go
index 91660d1..541fb24 100644
--- a/app/app.go
+++ b/app/app.go
@@ -136,6 +136,7 @@ type AppHandler func(http.ResponseWriter, *http.Request) *AppError
 
 func (fn AppHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	defer panicRecovery(w, r)
+	makeUncacheable(w)
 	if e := fn(w, r); e != nil {
 		handleAppError(e, w, r)
 	}
@@ -145,6 +146,7 @@ type SignedInAppHandler func(http.ResponseWriter, *http.Request, *AppSignedInSta
 
 func (fn SignedInAppHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	defer panicRecovery(w, r)
+	makeUncacheable(w)
 	session, _ := sessionStore.Get(r, sessionConfig.CookieName)
 	userId, ok := session.Values[sessionConfig.UserIdKey].(int)
 	if !ok {
@@ -181,6 +183,12 @@ func panicRecovery(w http.ResponseWriter, r *http.Request) {
 	}
 }
 
+func makeUncacheable(w http.ResponseWriter) {
+	w.Header().Set(
+		"Cache-Control", "no-cache, no-store, max-age=0, must-revalidate")
+	w.Header().Set("Expires", "0")
+}
+
 func handleAppError(e *AppError, w http.ResponseWriter, r *http.Request) {
 	c := appengine.NewContext(r)
 	if e.Type == AppErrorTypeGitHubFetch {