http://bugs.winehq.org/show_bug.cgi?id=2888

Summary: last-modified information not sent, not even with images Product: WineHQ Apps Database Version: unspecified Platform: Other URL: http://appdb.winehq.com OS/Version: other Status: NEW Severity: normal Priority: P2 Component: website-bugs AssignedTo: wine-bugs@winehq.org ReportedBy: lamber45@cse.msu.edu

In the app database, there are a number of objects for which we have a historical modification time and which shouldn't get changed very often, but the PHP scripts always set the "no-cache" header and otherwise make sure that they aren cached. In particular, /appimage.php (the screenshot viewer) sets the following headers on a positive lookup:

Set-Cookie: whq_appdb=91649fe42c6dbd10991df9899e4cfa7b; expires=Thu, 21-Jul-05 14:47:31 GMT; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache

Note the absence of a Last-Modified: header, the cookie, and the Cache-Control: line. Since the URL includes "id" (which is the primary key of the appData table) and a parameter for "thumbnail", there is no reason for these headers in the response. Instead, the Last-Modified: header ought to be the modification time (i.e., upload time) of the underlying image file, and it would be best to also send:

Cache-Control: public

along with the response.

Furthermore, it should be OK to optimize the response to "HEAD" requests by checking the REQUEST_METHOD CGI variable. At present, the script would not need to do any image-processing, just:

1. Check whether the URL is valid 2. Check that the image is in the database 3. Get the file's access-time, and look for a JPEG or PNG header 4. Make sure it is public, or that the user (verified by the login cookie) is an administrator. (This will prevent spam.)