From e5908f250859f8e4be13d662a077dba55cf35714 Mon Sep 17 00:00:00 2001
From: Thomas <9749173+uhthomas@users.noreply.github.com>
Date: Thu, 29 Jun 2023 03:26:16 +0100
Subject: [PATCH] fix(server): use private cache (#3017)

The omission of additional cache-control directives implied the resource could be stored in shared/public caches, which is not desirable. In addition, the no-transform directive will ensure content is not unintentionally mangled.

Fixes: #3014
---
 server/src/immich/api-v1/asset/asset.controller.ts | 4 ++--
 server/src/immich/controllers/user.controller.ts | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/server/src/immich/api-v1/asset/asset.controller.ts b/server/src/immich/api-v1/asset/asset.controller.ts
index 6b5fc488a0..e7cc8a4b17 100644
--- a/server/src/immich/api-v1/asset/asset.controller.ts
+++ b/server/src/immich/api-v1/asset/asset.controller.ts
@@ -162,7 +162,7 @@ export class AssetController {
 @SharedLinkRoute()
 @Get('/file/:id')
- @Header('Cache-Control', 'max-age=31536000')
+ @Header('Cache-Control', 'private, max-age=86400, no-transform')
 @ApiOkResponse({ content: { 'application/octet-stream': { schema: { type: 'string', format: 'binary' } } } })
 serveFile(
 @AuthUser() authUser: AuthUserDto,
@@ -176,7 +176,7 @@ export class AssetController {
 @SharedLinkRoute()
 @Get('/thumbnail/:id')
- @Header('Cache-Control', 'max-age=31536000')
+ @Header('Cache-Control', 'private, max-age=86400, no-transform')
 @ApiOkResponse({ content: { 'application/octet-stream': { schema: { type: 'string', format: 'binary' } } } })
 getAssetThumbnail(
 @AuthUser() authUser: AuthUserDto,
diff --git a/server/src/immich/controllers/user.controller.ts b/server/src/immich/controllers/user.controller.ts
index b96d4bf39c..1a4b3faf19 100644
--- a/server/src/immich/controllers/user.controller.ts
+++ b/server/src/immich/controllers/user.controller.ts
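Review bot: `private` on the `/file/:id` decorator in asset.controller.ts keeps shared caches from storing the response, but a browser will still reuse its own copy for up to 86400 seconds without contacting the server, so on these `@SharedLinkRoute()` endpoints a revoked or expired shared link, or a logout on a shared machine, does not stop the cached asset from being shown during that window; the `/thumbnail/:id` hunk has the same property. If the window is accepted, record it beside the decorator, e.g. `// private: browser-only cache; a cached asset stays readable locally for up to 24h after access is revoked`; if it is not, `'private, no-cache, no-transform'` would force revalidation on every use, assuming the response carries a validator such as an ETag (not visible here). The same literal now appears in three decorators across two files, so a shared constant would keep them from drifting apart. Both `serveFile` and `getAssetThumbnail` continue past the end of their hunks.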
@@ -98,7 +98,7 @@ export class UserController {
 }
 @Get('/profile-image/:userId')
- @Header('Cache-Control', 'max-age=600')
+ @Header('Cache-Control', 'private, max-age=86400, no-transform')
 async getProfileImage(@Param() { userId }: UserIdDto, @Response({ passthrough: true }) res: Res): Promise {
 const readableStream = await this.service.getUserProfileImage(userId);
 res.header('Content-Type', 'image/jpeg');
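Review bot: The profile-image lifetime rises from 600 to 86400 seconds on the changed `@Header` line, which the commit message does not mention, and the URL `/profile-image/:userId` contains nothing that changes when the picture does, so a replaced profile image can presumably stay stale in browsers for up to a day. Keeping the earlier lifetime while adding the new directives avoids that: `@Header('Cache-Control', 'private, max-age=600, no-transform')`. The visible signature takes no `@AuthUser()` parameter, so whether this route is authenticated depends on a guard outside the hunk; that is worth confirming, because `private` only restricts intermediaries and does not by itself limit who can request the image. The body of `getProfileImage` continues past the end of the hunk.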