Actually i've found that the issue lies with the TEMPLATE_CONTEXT_PROCESSORS
django.core.context_processors.auth which does the get_and_delete messages bit .. so i guess that is the proper behavior. Sad to say that although my app can work around that issue (by using a different messages mechanism thus i do not need django.core.context_processors.auth) but "contrib.admin" screams if it is not included. So either this may be a documentation issue to say that "using django.core.context_processors.auth will always insert a Vary: Cookie header" or fix up admin to use the "request.user" instead of "user" directly in the Context and then require "django.core.context_processors.request" to always be included ... bo --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-developers@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-developers?hl=en -~----------~----~----~----~------~----~------~--~---
