This is an automated email from the ASF dual-hosted git repository. erikrit pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/incubator-superset.git
The following commit(s) were added to refs/heads/master by this push: new d3406e0 [Config] Cache static resources (#8370) d3406e0 is described below commit d3406e0a0470ecc5107dce1729c8aec7770b6bed Author: Erik Ritter <erik.rit...@airbnb.com> AuthorDate: Thu Oct 17 09:09:25 2019 -0700 [Config] Cache static resources (#8370) --- UPDATING.md | 6 ++++++ superset/config.py | 13 +++++++++++-- superset/views/core.py | 13 ++++++++++--- 3 files changed, 27 insertions(+), 5 deletions(-) diff --git a/UPDATING.md b/UPDATING.md index 7ee7e10..b4aa9e5 100644 --- a/UPDATING.md +++ b/UPDATING.md @@ -23,6 +23,12 @@ assists people when migrating to a new version. ## Next Version +* [8370](https://github.com/apache/incubator-superset/pull/8370): Deprecates + the `HTTP_HEADERS` variable in favor of `DEFAULT_HTTP_HEADERS` and + `OVERRIDE_HTTP_HEADERS`. To retain the same behavior you should use + `OVERRIDE_HTTP_HEADERS` instead of `HTTP_HEADERS`. `HTTP_HEADERS` will still + work but may be removed in a future update. + * We're deprecating the concept of "restricted metric", this feature was not fully working anyhow. * [8117](https://github.com/apache/incubator-superset/pull/8117): If you are diff --git a/superset/config.py b/superset/config.py index 79f723d..235783e 100644 --- a/superset/config.py +++ b/superset/config.py @@ -435,8 +435,14 @@ CELERY_CONFIG = CeleryConfig # CELERY_CONFIG = None # Additional static HTTP headers to be served by your Superset server. Note -# Flask-Talisman aplies the relevant security HTTP headers. -HTTP_HEADERS = {} +# Flask-Talisman applies the relevant security HTTP headers. +# +# DEFAULT_HTTP_HEADERS: sets default values for HTTP headers. These may be overridden +# within the app +# OVERRIDE_HTTP_HEADERS: sets override values for HTTP headers. These values will +# override anything set within the app +DEFAULT_HTTP_HEADERS = {} +OVERRIDE_HTTP_HEADERS = {} # The db id here results in selecting this one as a default in SQL Lab DEFAULT_DB_ID = None @@ -665,6 +671,9 @@ SESSION_COOKIE_HTTPONLY = True # Prevent cookie from being read by frontend JS? SESSION_COOKIE_SECURE = False # Prevent cookie from being transmitted over non-tls? SESSION_COOKIE_SAMESITE = "Lax" # One of [None, 'Lax', 'Strict'] +# Flask configuration variables +SEND_FILE_MAX_AGE_DEFAULT = 60 * 60 * 24 * 365 # Cache static resources + # URI to database storing the example data, points to # SQLALCHEMY_DATABASE_URI by default if set to `None` SQLALCHEMY_EXAMPLES_URI = None diff --git a/superset/views/core.py b/superset/views/core.py index 52f488d..4d081ed 100755 --- a/superset/views/core.py +++ b/superset/views/core.py @@ -3076,10 +3076,17 @@ appbuilder.add_separator("Sources") @app.after_request -def apply_http_headers(response): +def apply_http_headers(response: Response): """Applies the configuration's http headers to all responses""" - for k, v in config.get("HTTP_HEADERS").items(): - response.headers[k] = v + + # HTTP_HEADERS is deprecated, this provides backwards compatibility + response.headers.extend( + {**config["OVERRIDE_HTTP_HEADERS"], **config.get("HTTP_HEADERS", {})} + ) + + for k, v in config["DEFAULT_HTTP_HEADERS"].items(): + if k not in response.headers: + response.headers[k] = v return response