Don't set cookies in feed filters

2 files changed, 5 insertions, 0 deletions

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 959caf7ef..e2f303c05 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -37,6 +37,7 @@ class ApplicationController < ActionController::Base
     # Set cookie expiry according to "remember me" checkbox, as per "An easier
     # and more flexible hack" on this page:
     #   http://wiki.rubyonrails.org/rails/pages/HowtoChangeSessionOptions
+    # Note: This is skipped in TrackController
     before_filter :session_remember_me
     def session_remember_me
         # Reset the "sliding window" session expiry time.
@@ -189,6 +190,7 @@ class ApplicationController < ActionController::Base
     end
 
     # Default layout shows user in corner, so needs access to it
+    # Note: This is skipped in TrackController
     before_filter :authentication_check
     def authentication_check
         if session[:user_id]
diff --git a/app/controllers/track_controller.rb b/app/controllers/track_controller.rb
index 863477c0a..c1186172f 100644
--- a/app/controllers/track_controller.rb
+++ b/app/controllers/track_controller.rb
@@ -8,6 +8,9 @@
 # $Id: track_controller.rb,v 1.31 2009-09-02 14:18:26 francis Exp $
 
 class TrackController < ApplicationController
+    # Don't do authentication checks, so we don't set cookie headers for feeds
+    # (so they can be cached by a reverse proxy)
+    skip_before_filter :session_remember_me, :authentication_check
 
     # Track all updates to a particular request
     def track_request