MyBB Community Forums

Attachments should have expire header, so they are not redownloaded every time for users who visit you forum often.

Attachments are .php, so servers headers for static files are not applied for them, so we should do it ourself with PHP.

Solution:

header('Expires: '.gmdate('D, d M Y H:i:s \G\M\T', $_SERVER['REQUEST_TIME'] + 2592000)); // one month: 60*60*24*30=2592000

in /attachment.php

---

I was wrong about servers, we can set it "by-type". But we still need to set in manually in case servers are not set properly.
Expires and/or Cache-Control headers

Here (community.mybb.com) attachments are not cached:

HTTP/2.0 200 OK
date: Wed, 10 Oct 2018 06:49:22 GMT
content-type: image/jpeg
content-length: 16088
content-disposition: inline; filename="1.jpg"
content-range: bytes=0-16087/16088
content-security-policy: upgrade-insecure-requests; default-src https: data: 'unsafe-inline' 'unsafe-eval'
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 467725893de075d6-ARN
X-Firefox-Spdy: h2

You should set it in mod_expires (.htaccess) or in attachment.php

Attachments can be updated or replaced. When you cache them users might still see the old version.

(2018-10-10, 10:48 AM)StefanT Wrote: [ -> ]Attachments can be updated or replaced. When you cache them users might still see the old version.

How can they be updated? Everything you download get new id

Static content without cache is not good.

There are options to update attachments.

"Static content without cache is not good." - correct, but i don't think there should be rules in the core for this. Your requirement as an admin will differ from the next, your solution may be someone else' problem.

Attachments aren't exactly static content; access is controlled by user groups. Many forums hide attachments to guests.

Hiding attachments has nothing to do with browser caching.

It is crazy for me that attachments aren't cached. Active users open same page many times, it slow for them and for server. May be neglectable depending on your visitors count, geography and attachments activity, but it just one line that will make your forum better for everyone.

Anyway, I did it for my forum. You also can (should) add by-type (not extension) caching for apache/nginx if you don't want to mess with code (it can be simple plugin though, "attachment_end" hook).

It should be options, updating attachments is also easy, the same way as avatars (&dateline=123). But it needs core changes, so yeah...
For now just one line will fix everything.

(2018-10-11, 08:06 AM)Qiao Wrote: [ -> ]It should be [optional]

I agree, one should be able to set an option for caching. It should not be mandatory. This could be tied into a 'one upload' type feature. You shouldn't be able to modify uploads, just delete them.

I checked, you cache avatars here, so attachments caching is missing.
But I agree, that is more like a server problem, because avatars (css etc) can't send headers as attachments. The problem is that attachments have .php extension, that is not obvious for caching like .jpg etc.

Actually I don't like that attachments are php files. I understand that it has some functions (stats), but it needs to run php for static files that don't need it. I just want plain files.
But it can't be changed now without a lot of rewriting (saving as .attach files).

---

(2018-10-11, 08:15 AM)Ben Cousins Wrote: [ -> ]This could be tied into a 'one upload' type feature. You shouldn't be able to modify uploads, just delete them.

That is another problem:
https://community.mybb.com/thread-193609.html

I removed updating attachments long ago. Nobody understand how it works. It should be removed or remade.