From af8a1c668df1d1c2214bb600198a797f8b8fbff9 Mon Sep 17 00:00:00 2001
From: Yarden Shoham <hrsi88@gmail.com>
Date: Tue, 7 Mar 2023 15:34:30 +0000
Subject: [PATCH 1/2] Set `X-Gitea-Debug` header once

Instead of adding it

Signed-off-by: Yarden Shoham <hrsi88@gmail.com>
---
 modules/httpcache/httpcache.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/httpcache/httpcache.go b/modules/httpcache/httpcache.go
index f0caa30eb82b3..4928ae5fbf98f 100644
--- a/modules/httpcache/httpcache.go
+++ b/modules/httpcache/httpcache.go
@@ -31,7 +31,7 @@ func AddCacheControlToHeader(h http.Header, maxAge time.Duration, additionalDire
 		directives = append(directives, "max-age=0", "private", "must-revalidate")
 
 		// to remind users they are using non-prod setting.
-		h.Add("X-Gitea-Debug", "RUN_MODE="+setting.RunMode)
+		h.Set("X-Gitea-Debug", "RUN_MODE="+setting.RunMode)
 	}
 
 	h.Set("Cache-Control", strings.Join(append(directives, additionalDirectives...), ", "))

From 3e9b484a4b6d19663d5a8c0c037a6acc1f735785 Mon Sep 17 00:00:00 2001
From: Yarden Shoham <hrsi88@gmail.com>
Date: Tue, 7 Mar 2023 18:45:33 +0000
Subject: [PATCH 2/2] Rename `AddCacheControlToHeader` to
 `SetCacheControlInHeader`

Signed-off-by: Yarden Shoham <hrsi88@gmail.com>
---
 modules/context/api.go         |  2 +-
 modules/context/context.go     |  4 ++--
 modules/httpcache/httpcache.go | 10 +++++-----
 routers/install/routes.go      |  2 +-
 routers/web/base.go            |  2 +-
 routers/web/user/avatar.go     |  2 +-
 6 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/modules/context/api.go b/modules/context/api.go
index 3f938948aed66..f7a3384691246 100644
--- a/modules/context/api.go
+++ b/modules/context/api.go
@@ -244,7 +244,7 @@ func APIContexter() func(http.Handler) http.Handler {
 				}
 			}
 
-			httpcache.AddCacheControlToHeader(ctx.Resp.Header(), 0, "no-transform")
+			httpcache.SetCacheControlInHeader(ctx.Resp.Header(), 0, "no-transform")
 			ctx.Resp.Header().Set(`X-Frame-Options`, setting.CORSConfig.XFrameOptions)
 
 			ctx.Data["Context"] = &ctx
diff --git a/modules/context/context.go b/modules/context/context.go
index 0c8d7411ed5db..50c34edae2e53 100644
--- a/modules/context/context.go
+++ b/modules/context/context.go
@@ -388,7 +388,7 @@ func (ctx *Context) SetServeHeaders(opts *ServeHeaderOptions) {
 	if duration == 0 {
 		duration = 5 * time.Minute
 	}
-	httpcache.AddCacheControlToHeader(header, duration)
+	httpcache.SetCacheControlInHeader(header, duration)
 
 	if !opts.LastModified.IsZero() {
 		header.Set("Last-Modified", opts.LastModified.UTC().Format(http.TimeFormat))
@@ -753,7 +753,7 @@ func Contexter(ctx context.Context) func(next http.Handler) http.Handler {
 				}
 			}
 
-			httpcache.AddCacheControlToHeader(ctx.Resp.Header(), 0, "no-transform")
+			httpcache.SetCacheControlInHeader(ctx.Resp.Header(), 0, "no-transform")
 			ctx.Resp.Header().Set(`X-Frame-Options`, setting.CORSConfig.XFrameOptions)
 
 			ctx.Data["CsrfToken"] = ctx.csrf.GetToken()
diff --git a/modules/httpcache/httpcache.go b/modules/httpcache/httpcache.go
index 4928ae5fbf98f..46e0152ef4553 100644
--- a/modules/httpcache/httpcache.go
+++ b/modules/httpcache/httpcache.go
@@ -15,8 +15,8 @@ import (
 	"code.gitea.io/gitea/modules/setting"
 )
 
-// AddCacheControlToHeader adds suitable cache-control headers to response
-func AddCacheControlToHeader(h http.Header, maxAge time.Duration, additionalDirectives ...string) {
+// SetCacheControlInHeader sets suitable cache-control headers in the response
+func SetCacheControlInHeader(h http.Header, maxAge time.Duration, additionalDirectives ...string) {
 	directives := make([]string, 0, 2+len(additionalDirectives))
 
 	// "max-age=0 + must-revalidate" (aka "no-cache") is preferred instead of "no-store"
@@ -50,7 +50,7 @@ func HandleTimeCache(req *http.Request, w http.ResponseWriter, fi os.FileInfo) (
 
 // HandleGenericTimeCache handles time-based caching for a HTTP request
 func HandleGenericTimeCache(req *http.Request, w http.ResponseWriter, lastModified time.Time) (handled bool) {
-	AddCacheControlToHeader(w.Header(), setting.StaticCacheTime)
+	SetCacheControlInHeader(w.Header(), setting.StaticCacheTime)
 
 	ifModifiedSince := req.Header.Get("If-Modified-Since")
 	if ifModifiedSince != "" {
@@ -81,7 +81,7 @@ func HandleGenericETagCache(req *http.Request, w http.ResponseWriter, etag strin
 			return true
 		}
 	}
-	AddCacheControlToHeader(w.Header(), setting.StaticCacheTime)
+	SetCacheControlInHeader(w.Header(), setting.StaticCacheTime)
 	return false
 }
 
@@ -125,6 +125,6 @@ func HandleGenericETagTimeCache(req *http.Request, w http.ResponseWriter, etag s
 			}
 		}
 	}
-	AddCacheControlToHeader(w.Header(), setting.StaticCacheTime)
+	SetCacheControlInHeader(w.Header(), setting.StaticCacheTime)
 	return false
 }
diff --git a/routers/install/routes.go b/routers/install/routes.go
index a8efc92fe17ca..82d9c34b41f18 100644
--- a/routers/install/routes.go
+++ b/routers/install/routes.go
@@ -64,7 +64,7 @@ func installRecovery(ctx goctx.Context) func(next http.Handler) http.Handler {
 						"SignedUserName": "",
 					}
 
-					httpcache.AddCacheControlToHeader(w.Header(), 0, "no-transform")
+					httpcache.SetCacheControlInHeader(w.Header(), 0, "no-transform")
 					w.Header().Set(`X-Frame-Options`, setting.CORSConfig.XFrameOptions)
 
 					if !setting.IsProd {
diff --git a/routers/web/base.go b/routers/web/base.go
index b0d8a7c3f1e6d..e537382a638a5 100644
--- a/routers/web/base.go
+++ b/routers/web/base.go
@@ -158,7 +158,7 @@ func Recovery(ctx goctx.Context) func(next http.Handler) http.Handler {
 						store["SignedUserName"] = ""
 					}
 
-					httpcache.AddCacheControlToHeader(w.Header(), 0, "no-transform")
+					httpcache.SetCacheControlInHeader(w.Header(), 0, "no-transform")
 					w.Header().Set(`X-Frame-Options`, setting.CORSConfig.XFrameOptions)
 
 					if !setting.IsProd {
diff --git a/routers/web/user/avatar.go b/routers/web/user/avatar.go
index 2dba74822e531..7ad65cd51e39c 100644
--- a/routers/web/user/avatar.go
+++ b/routers/web/user/avatar.go
@@ -17,7 +17,7 @@ func cacheableRedirect(ctx *context.Context, location string) {
 	// here we should not use `setting.StaticCacheTime`, it is pretty long (default: 6 hours)
 	// we must make sure the redirection cache time is short enough, otherwise a user won't see the updated avatar in 6 hours
 	// it's OK to make the cache time short, it is only a redirection, and doesn't cost much to make a new request
-	httpcache.AddCacheControlToHeader(ctx.Resp.Header(), 5*time.Minute)
+	httpcache.SetCacheControlInHeader(ctx.Resp.Header(), 5*time.Minute)
 	ctx.Redirect(location)
 }