Added Vary header to credentials /static/ path

This header will provide more information to downstream caches so they know which headers to consider when determining a match. This is especially important to ensure browsers do not cache incorrect CORS headers when switching between sites/tenants. DEVOPS-5807

Added Vary header to credentials /static/ path
This header will provide more information to downstream caches so they know which headers to consider when determining a match. This is especially important to ensure browsers do not cache incorrect CORS headers when switching between sites/tenants. DEVOPS-5807
92efd532 · Clinton Blackburn · Clinton Blackburn · 054e0705 · 92efd532
Commit 92efd532 authored Apr 20, 2017 by Clinton Blackburn Committed by Clinton Blackburn Apr 23, 2017
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 0 deletions

playbooks/roles/credentials/templates/edx/app/nginx/sites-available/credentials.j2
+4 -0

No files found.
--- a/playbooks/roles/credentials/templates/edx/app/nginx/sites-available/credentials.j2
+++ b/playbooks/roles/credentials/templates/edx/app/nginx/sites-available/credentials.j2
@@ -54,6 +54,10 @@ server {
    root {{ CREDENTIALS_STATIC_ROOT }};
    add_header Cache-Control "max-age=31536000";
    add_header 'Access-Control-Allow-Origin' $cors_origin;
+
+    # Inform downstream caches to take certain headers into account when reading/writing to cache.
+    add_header 'Vary' 'Accept-Encoding,Origin';
+
    try_files /$file =404;
  }