From fb309f3d4f49b56464e3dd97d6540e092294baf2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E3=81=8B=E3=81=A3=E3=81=93=E3=81=8B=E3=82=8A?=
 <67428053+kakkokari-gtyih@users.noreply.github.com>
Date: Sun, 21 Jan 2024 18:14:42 +0900
Subject: [PATCH] return a `Vary: Accept` header for all dual-format endpoints
 #365 (#13044)

`/users/:user`, `/@:user`, `/notes/:note` return different responses
depending on the request's `Accept:` header. If we don't consistently
return a `Vary: Accept` header, browsers and caching proxies will get
confused, and return AP representations when HTML was requested, or
vice versa.

Co-authored-by: dakkar <dakkar@thenautilus.net>
Co-authored-by: syuilo <Syuilotan@yahoo.co.jp>
---
 packages/backend/src/server/ActivityPubServerService.ts | 4 ++++
 packages/backend/src/server/web/ClientServerService.ts  | 4 ++++
 2 files changed, 8 insertions(+)

diff --git a/packages/backend/src/server/ActivityPubServerService.ts b/packages/backend/src/server/ActivityPubServerService.ts
index 68e426b5bc..4fa6b8afee 100644
--- a/packages/backend/src/server/ActivityPubServerService.ts
+++ b/packages/backend/src/server/ActivityPubServerService.ts
@@ -648,6 +648,8 @@ export class ActivityPubServerService {
 		});
 
 		fastify.get<{ Params: { user: string; } }>('/users/:user', { constraints: { apOrHtml: 'ap' } }, async (request, reply) => {
+			vary(reply.raw, 'Accept');
+
 			const userId = request.params.user;
 
 			const user = await this.usersRepository.findOneBy({
@@ -660,6 +662,8 @@ export class ActivityPubServerService {
 		});
 
 		fastify.get<{ Params: { user: string; } }>('/@:user', { constraints: { apOrHtml: 'ap' } }, async (request, reply) => {
+			vary(reply.raw, 'Accept');
+
 			const user = await this.usersRepository.findOneBy({
 				usernameLower: request.params.user.toLowerCase(),
 				host: IsNull(),
diff --git a/packages/backend/src/server/web/ClientServerService.ts b/packages/backend/src/server/web/ClientServerService.ts
index 3e35d5415e..2de5156fec 100644
--- a/packages/backend/src/server/web/ClientServerService.ts
+++ b/packages/backend/src/server/web/ClientServerService.ts
@@ -476,6 +476,8 @@ export class ClientServerService {
 				isSuspended: false,
 			});
 
+			vary(reply.raw, 'Accept');
+
 			if (user != null) {
 				const profile = await this.userProfilesRepository.findOneByOrFail({ userId: user.id });
 				const meta = await this.metaService.fetch();
@@ -515,6 +517,8 @@ export class ClientServerService {
 				return;
 			}
 
+			vary(reply.raw, 'Accept');
+
 			reply.redirect(`/@${user.username}${ user.host == null ? '' : '@' + user.host}`);
 		});