On 1 Jul 2009, at 22:39, Owen Winkler wrote:
> Geoffrey Sneddon wrote: >> >> Now, the problem is how we avoid these cache control headers being >> sent. We don't actually send these ourselves, but they are actually >> sent by PHP's session extension upon calling session_start() (there >> are config options, session.cache_limiter and session.cache_expire, >> that alter what is sent). What we want to do is allow pages to be >> cached for a certain time (maybe 30 minutes, maybe less?) for non- >> authenticated users, and forbid caching for logged in users. As what >> gets returned for certain URLs varies upon the Cookie sent, we need >> to >> vary on the Cookie header. (We actually need this already, but >> because >> caching is not allowed, this isn't ever a problem.) If we vary on the >> Cookie header, we need all anon users to send the same Cookie header, >> to which the obvious solution, I think, is to not send cookies to >> anon >> users. > > This will preclude the ability for anonymous users to be associated to > session data. Posted form results may eventually become (if they're > not > already) inseparable from the necessity of a user to maintain a > session. For some forms, this is already the case. > Should a user not have a session (erg cookie) assigned until it must > be? IMHO yes (for reasons of cachability — this is what I meant to say in my original post, and was the main part of what I tried to implement). > Is this possible? Theoretically this should be, but from my brief time trying to implement this, it is not going to be easy to implement. > Is it helpful for caching? Yes, we just need to maximise cache validity (i.e., making a cache file valid for as many users as possible, and not having submitted forms will be the majority). -- Geoffrey Sneddon <http://gsnedders.com/> --~--~---------~--~----~------------~-------~--~----~ To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/habari-dev -~----------~----~----~----~------~----~------~--~---
