You are here

Home » API reference » CDN 8.3 » CdnFarfutureController.php » CdnFarfutureController

protected function CdnFarfutureController::getFarfutureHeaders in CDN 8.3

Return the headers to serve with far future responses.

Return value

string[]

2 calls to CdnFarfutureController::getFarfutureHeaders()
CdnFarfutureController::download in src/CdnFarfutureController.php
Serves the requested file with optimal far future expiration headers.
CdnFarfutureController::downloadByScheme in src/CdnFarfutureController.php
Serves the requested file with optimal far future expiration headers.

File

src/CdnFarfutureController.php, line 143

Class

CdnFarfutureController

Namespace

Drupal\cdn

Code

protected function getFarfutureHeaders() : array {
  return [
    // Instead of being powered by PHP, tell the world this resource was
    // powered by the CDN module!
    'X-Powered-By' => 'Drupal CDN module (https://www.drupal.org/project/cdn)',
    // Browsers that implement the W3C Access Control specification might
    // refuse to use certain resources such as fonts if those resources
    // violate the same-origin policy. Send a header to explicitly allow
    // cross-domain use of those resources. (This is called Cross-Origin
    // Resource Sharing, or CORS.)
    // The CDN module allows any domain to access it by default, which means
    // hotlinking of these files is possible. If you want to prevent this,
    // implement a KernelEvents::RESPONSE subscriber that modifies this header
    // for this route.
    'Access-Control-Allow-Origin' => '*',
    'Access-Control-Allow-Methods' => 'GET, HEAD',
    // Set a far future Cache-Control header (480 weeks), which prevents
    // intermediate caches from transforming the data and allows any
    // intermediate cache to cache it, since it's marked as a public resource.
    // Finally, it's also marked as "immutable", which helps avoid
    // revalidation, see:
    // - https://bitsup.blogspot.be/2016/05/cache-control-immutable.html
    // - https://tools.ietf.org/html/rfc8246
    'Cache-Control' => 'max-age=290304000, no-transform, public, immutable',
    // Set a far future Expires header. The maximum UNIX timestamp is
    // somewhere in 2038. Set it to a date in 2037, just to be safe.
    'Expires' => 'Tue, 20 Jan 2037 04:20:42 GMT',
    // Pretend the file was last modified a long time ago in the past, this
    // will prevent browsers that don't support Cache-Control nor Expires
    // headers to still request a new version too soon (these browsers
    // calculate a heuristic to determine when to request a new version, based
    // on the last time the resource has been modified).
    // Also see http://code.google.com/speed/page-speed/docs/caching.html.
    'Last-Modified' => 'Wed, 20 Jan 1988 04:20:42 GMT',
  ];
}