Caching prevented due to DisallowSimpleOauthRequests

Created on 13 October 2024, 2 months ago

Hello,

I'm developing a headless application using Drupal 10 as the backend and utilizing the Simple OAuth module for OAuth 2.0 authentication. I've noticed that the DisallowSimpleOauthRequests class prevents caching of responses when the Authorization header is present in the request.

My questions are:

I'm surprised to find little to no documentation or discussions addressing this issue. Am I missing something or going down the wrong path?

Is there a recommended way to allow caching of authenticated responses while maintaining adequate security?

Thanks for you help!

💬 Support request

Status

Active

Version

6.0

Component

Documentation

Created by

🇫🇷France jmdall

Live updates comments and jobs are added and updated live.

Comments & Activities

Issue created by @jmdall
Comment 2 months ago →
🇫🇷France jmdall
Comment 2 months ago →
🇳🇱Netherlands bojan_dev
Authenticated request are by default not cachable (coupled or decoupled). You could try enabling "Dynamic Page Cache" module, it caches pages minus the personalized parts (both anonymous & authenticated). If you want to leverage a reverse-proxy you could take a look on https://www.drupal.org/project/adv_varnish → .
Comment about 2 months ago →
🇳🇱Netherlands bojan_dev

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024