Set X-Gitea-Debug header once (#23361)

Instead of adding it

# Before
On the raw commit page:

![image](https://user-images.githubusercontent.com/20454870/223470744-cdf11898-e023-4198-8c8b-c294e5d78b73.png)

# After

![image](https://user-images.githubusercontent.com/20454870/223470596-af898d66-bd5b-4ddb-b220-ceb1f149bfec.png)

Fixes #23308

---------

Signed-off-by: Yarden Shoham <[email protected]>
Co-authored-by: techknowlogick <[email protected]>
Co-authored-by: John Olheiser <[email protected]>

Author: 3 people

modules/context/api.go

@@ -244,7 +244,7 @@ func APIContexter() func(http.Handler) http.Handler {
 				}
 			}
 
-			httpcache.AddCacheControlToHeader(ctx.Resp.Header(), 0, "no-transform")
+			httpcache.SetCacheControlInHeader(ctx.Resp.Header(), 0, "no-transform")
 			ctx.Resp.Header().Set(`X-Frame-Options`, setting.CORSConfig.XFrameOptions)
 
 			ctx.Data["Context"] = &ctx

modules/context/context.go

@@ -388,7 +388,7 @@ func (ctx *Context) SetServeHeaders(opts *ServeHeaderOptions) {
 	if duration == 0 {
 		duration = 5 * time.Minute
 	}
-	httpcache.AddCacheControlToHeader(header, duration)
+	httpcache.SetCacheControlInHeader(header, duration)
 
 	if !opts.LastModified.IsZero() {
 		header.Set("Last-Modified", opts.LastModified.UTC().Format(http.TimeFormat))
@@ -753,7 +753,7 @@ func Contexter(ctx context.Context) func(next http.Handler) http.Handler {
 				}
 			}
 
-			httpcache.AddCacheControlToHeader(ctx.Resp.Header(), 0, "no-transform")
+			httpcache.SetCacheControlInHeader(ctx.Resp.Header(), 0, "no-transform")
 			ctx.Resp.Header().Set(`X-Frame-Options`, setting.CORSConfig.XFrameOptions)
 
 			ctx.Data["CsrfToken"] = ctx.csrf.GetToken()

modules/httpcache/httpcache.go

@@ -15,8 +15,8 @@ import (
 	"code.gitea.io/gitea/modules/setting"
 )
 
-// AddCacheControlToHeader adds suitable cache-control headers to response
-func AddCacheControlToHeader(h http.Header, maxAge time.Duration, additionalDirectives ...string) {
+// SetCacheControlInHeader sets suitable cache-control headers in the response
+func SetCacheControlInHeader(h http.Header, maxAge time.Duration, additionalDirectives ...string) {
 	directives := make([]string, 0, 2+len(additionalDirectives))
 
 	// "max-age=0 + must-revalidate" (aka "no-cache") is preferred instead of "no-store"
@@ -31,7 +31,7 @@ func AddCacheControlToHeader(h http.Header, maxAge time.Duration, additionalDire
 		directives = append(directives, "max-age=0", "private", "must-revalidate")
 
 		// to remind users they are using non-prod setting.
-		h.Add("X-Gitea-Debug", "RUN_MODE="+setting.RunMode)
+		h.Set("X-Gitea-Debug", "RUN_MODE="+setting.RunMode)
 	}
 
 	h.Set("Cache-Control", strings.Join(append(directives, additionalDirectives...), ", "))
@@ -50,7 +50,7 @@ func HandleTimeCache(req *http.Request, w http.ResponseWriter, fi os.FileInfo) (
 
 // HandleGenericTimeCache handles time-based caching for a HTTP request
 func HandleGenericTimeCache(req *http.Request, w http.ResponseWriter, lastModified time.Time) (handled bool) {
-	AddCacheControlToHeader(w.Header(), setting.StaticCacheTime)
+	SetCacheControlInHeader(w.Header(), setting.StaticCacheTime)
 
 	ifModifiedSince := req.Header.Get("If-Modified-Since")
 	if ifModifiedSince != "" {
@@ -81,7 +81,7 @@ func HandleGenericETagCache(req *http.Request, w http.ResponseWriter, etag strin
 			return true
 		}
 	}
-	AddCacheControlToHeader(w.Header(), setting.StaticCacheTime)
+	SetCacheControlInHeader(w.Header(), setting.StaticCacheTime)
 	return false
 }
 
@@ -125,6 +125,6 @@ func HandleGenericETagTimeCache(req *http.Request, w http.ResponseWriter, etag s
 			}
 		}
 	}
-	AddCacheControlToHeader(w.Header(), setting.StaticCacheTime)
+	SetCacheControlInHeader(w.Header(), setting.StaticCacheTime)
 	return false
 }

routers/install/routes.go

@@ -64,7 +64,7 @@ func installRecovery(ctx goctx.Context) func(next http.Handler) http.Handler {
 						"SignedUserName": "",
 					}
 
-					httpcache.AddCacheControlToHeader(w.Header(), 0, "no-transform")
+					httpcache.SetCacheControlInHeader(w.Header(), 0, "no-transform")
 					w.Header().Set(`X-Frame-Options`, setting.CORSConfig.XFrameOptions)
 
 					if !setting.IsProd {

routers/web/base.go

@@ -159,7 +159,7 @@ func Recovery(ctx goctx.Context) func(next http.Handler) http.Handler {
 						store["SignedUserName"] = ""
 					}
 
-					httpcache.AddCacheControlToHeader(w.Header(), 0, "no-transform")
+					httpcache.SetCacheControlInHeader(w.Header(), 0, "no-transform")
 					w.Header().Set(`X-Frame-Options`, setting.CORSConfig.XFrameOptions)
 
 					if !setting.IsProd {

routers/web/user/avatar.go

@@ -17,7 +17,7 @@ func cacheableRedirect(ctx *context.Context, location string) {
 	// here we should not use `setting.StaticCacheTime`, it is pretty long (default: 6 hours)
 	// we must make sure the redirection cache time is short enough, otherwise a user won't see the updated avatar in 6 hours
 	// it's OK to make the cache time short, it is only a redirection, and doesn't cost much to make a new request
-	httpcache.AddCacheControlToHeader(ctx.Resp.Header(), 5*time.Minute)
+	httpcache.SetCacheControlInHeader(ctx.Resp.Header(), 5*time.Minute)
 	ctx.Redirect(location)
 }