From f4fb98f366c62ac0300779c27a83816274667a6e Mon Sep 17 00:00:00 2001 From: Peter Wilson Date: Sun, 7 Apr 2024 23:53:19 +0000 Subject: [PATCH] Script Loader: Improve asset concatenation Etags. Include the asset version of JavaScript and CSS files when generating the ETag for concatenated assets in `load-scripts.php` and `load-styles.php`. This ensures the ETag is updated as script versions change (for example editor package updates) rather than only when the WordPress version changes. The `W\` prefix is added to the generated ETag to allow for CDNs and proxy servers modifying the script to add or improve the compression algorithm. Props azaozz, dav4, ironprogrammer, johnbillion, kkmuffme, monzuralam, peterwilsoncc, sergeybiryukov. Fixes #58433. Built from https://develop.svn.wordpress.org/trunk@57943 git-svn-id: http://core.svn.wordpress.org/trunk@57440 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-admin/load-scripts.php | 23 +++++++++++++++++++++-- wp-admin/load-styles.php | 23 +++++++++++++++++++++-- wp-includes/version.php | 2 +- 3 files changed, 43 insertions(+), 5 deletions(-) diff --git a/wp-admin/load-scripts.php b/wp-admin/load-scripts.php index 5675b86570..c7c952f651 100644 --- a/wp-admin/load-scripts.php +++ b/wp-admin/load-scripts.php @@ -45,7 +45,26 @@ wp_default_scripts( $wp_scripts ); wp_default_packages_vendor( $wp_scripts ); wp_default_packages_scripts( $wp_scripts ); -if ( isset( $_SERVER['HTTP_IF_NONE_MATCH'] ) && stripslashes( $_SERVER['HTTP_IF_NONE_MATCH'] ) === $wp_version ) { +$etag = "WP:{$wp_version};"; + +foreach ( $load as $handle ) { + if ( ! array_key_exists( $handle, $wp_scripts->registered ) ) { + continue; + } + + $ver = $wp_scripts->registered[ $handle ]->ver ? $wp_scripts->registered[ $handle ]->ver : $wp_version; + $etag .= "{$handle}:{$ver};"; +} + +/* + * This is not intended to be cryptographically secure, just a fast way to get + * a fixed length string based on the script versions. As this file does not + * load the full WordPress environment, it is not possible to use the salted + * wp_hash() function. + */ +$etag = 'W/"' . md5( $etag ) . '"'; + +if ( isset( $_SERVER['HTTP_IF_NONE_MATCH'] ) && stripslashes( $_SERVER['HTTP_IF_NONE_MATCH'] ) === $etag ) { header( "$protocol 304 Not Modified" ); exit; } @@ -59,7 +78,7 @@ foreach ( $load as $handle ) { $out .= get_file( $path ) . "\n"; } -header( "Etag: $wp_version" ); +header( "Etag: $etag" ); header( 'Content-Type: application/javascript; charset=UTF-8' ); header( 'Expires: ' . gmdate( 'D, d M Y H:i:s', time() + $expires_offset ) . ' GMT' ); header( "Cache-Control: public, max-age=$expires_offset" ); diff --git a/wp-admin/load-styles.php b/wp-admin/load-styles.php index fe4a4ee66e..9fd0fc1f03 100644 --- a/wp-admin/load-styles.php +++ b/wp-admin/load-styles.php @@ -48,7 +48,26 @@ $out = ''; $wp_styles = new WP_Styles(); wp_default_styles( $wp_styles ); -if ( isset( $_SERVER['HTTP_IF_NONE_MATCH'] ) && stripslashes( $_SERVER['HTTP_IF_NONE_MATCH'] ) === $wp_version ) { +$etag = "WP:{$wp_version};"; + +foreach ( $load as $handle ) { + if ( ! array_key_exists( $handle, $wp_styles->registered ) ) { + continue; + } + + $ver = $wp_styles->registered[ $handle ]->ver ? $wp_styles->registered[ $handle ]->ver : $wp_version; + $etag .= "{$handle}:{$ver};"; +} + +/* + * This is not intended to be cryptographically secure, just a fast way to get + * a fixed length string based on the script versions. As this file does not + * load the full WordPress environment, it is not possible to use the salted + * wp_hash() function. + */ +$etag = 'W/"' . md5( $etag ) . '"'; + +if ( isset( $_SERVER['HTTP_IF_NONE_MATCH'] ) && stripslashes( $_SERVER['HTTP_IF_NONE_MATCH'] ) === $etag ) { header( "$protocol 304 Not Modified" ); exit; } @@ -84,7 +103,7 @@ foreach ( $load as $handle ) { } } -header( "Etag: $wp_version" ); +header( "Etag: $etag" ); header( 'Content-Type: text/css; charset=UTF-8' ); header( 'Expires: ' . gmdate( 'D, d M Y H:i:s', time() + $expires_offset ) . ' GMT' ); header( "Cache-Control: public, max-age=$expires_offset" ); diff --git a/wp-includes/version.php b/wp-includes/version.php index 9d251d3321..ea06992e6d 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -16,7 +16,7 @@ * * @global string $wp_version */ -$wp_version = '6.6-alpha-57937'; +$wp_version = '6.6-alpha-57943'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.