Cache backend responses
By default, Magnolia sets the Set-Cookie header when the
country filter and CSRF are enabled. Because of this, responses from backend servers aren’t able to be cached. However, there are some things you can do to make these backend respones cacheable.
Go to your
This is typically found at
$RequestScopedTraitStorage. Alternatively, you could completely disable the country filter.
Next, you’ll need to bypass the CSRF filter with paths/content-types (and whatever else you need) in the filter configuration. This is done with a voter.Example voter
BypassWhenNotAuthenticated: class: info.magnolia.voting.voters.AuthenticatedVoter not: true
If the filter is bypassed, CSRF protection for unauthenticated browser sessions are disabled meaning there is no longer protection against CSRF login attacks or any other
POSTrequests like forms.