Hi, I realised that in google's interface, this post is buried several pages down, so I'm reposting it as a new thread.
Luke -----------Begin forwarded message:--------- Date: Fri, 4 Nov 2005 01:07:45 +0000 From: Luke Plant <[EMAIL PROTECTED]> To: django-developers@googlegroups.com Subject: Re: reworked cache management Hi Hugo, everyone, Sorry for the reply to such an old e-mail - I dug it out after coming across problems while developing my own middleware. > They can have allmost any order you like, but you have to make sure > that the cache middleware is after all middlwares that might change > content depending on headers - for example the SessionMiddleware needs > to come first. I would put them in in the following order: > > CommonMiddleware (handles the / and stuff and so does redirects) > SessionMiddleware > CacheMiddleware > ConditionalGetMiddleware > GZipMiddleware > > That way the / handling (redirecting to the / URL if the / is missing) > is done first - it's redirecting and so doesn't need any of the other > middlewares. Session are handled early on, because some other > middleware or the view might depend on it - I think that one should go > in as early as possible (for example the i18n middleware will make use > of sessions if the middleware is loaded after the SessionMiddleware). > > Then the caching takes place. I moved the ConditionalGetMiddleware > after it, because it depends on headers set in the CacheMiddleware - > and using it before the CacheMiddleware will lead to problems, as > those headers might not be set. The first thing is that response middleware is done in the inverse order to request and view middleware (though this is not documented). The SessionMiddleware patches the 'Vary' header as part of process_response(), so with the order given above, the CacheMiddleware process_response() never sees the fact that it should vary on cookie, and gets the caching wrong (I think I've seen this behaviour experimentally, but checking these things can be a bit tricky!). The documentation here: http://www.djangoproject.com/documentation/cache/#the-per-site-cache says this: > Put the CacheMiddleware after any middlewares that might add something > to the Vary header. The following middlewares do so: > SessionMiddleware adds Cookie > GZipMiddleware adds Accept-Encoding which means the order ought to be something like: "django.middleware.common.CommonMiddleware", "django.middleware.cache.CacheMiddleware", "django.middleware.gzip.GZipMiddleware", "django.middleware.sessions.SessionMiddleware", Am I missing something? This makes quite a big difference, since you could end up serving private data to the wrong person if you get it wrong. Cheers, Luke -- "In my opinion, we don't devote nearly enough scientific research to finding a cure for jerks." (Calvin and Hobbes) Luke Plant || L.Plant.98 (at) cantab.net || http://lukeplant.me.uk/
