https://bugzilla.wikimedia.org/show_bug.cgi?id=31639
Web browser: ---
Bug #: 31639
Summary: MediaWiki should use ETags instead of Last-Modified
and the Logged out cookie hack
Product: MediaWiki
Version: unspecified
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: Unprioritized
Component: General/Unknown
AssignedTo: [email protected]
ReportedBy: [email protected]
Classification: Unclassified
Right now MediaWiki supports browser caching of pages for both logged in and
anonymous users through the Last-Modified header. MediaWiki uses a Loggedout
cookie hack to prevent anons from being served a bad cache from when they were
logged in. However there are a number of problems:
- As a result of the logged out cookie, after you log out, for quite some time
you are served 200 responses instead of proper 304's. In other words, even if
you're capable of viewing a cache and your browser doesn't have a stale user
cache in it you still won't get a cached page back. This means that logging in
and then logging back out will make your wiki viewing potentially slower than
being logged in.
- As another result of the logged out cookie, even though you're an anon, you
continue to bypass squid caches in most configurations and don't get the
advantage of seeing the same efficiently cached pages as all the other anons.
- And to top it off, the logged out cookie hack doesn't solve the issue in the
other direction. You can view a page, get a Last-Modified header back, log in,
go back to the page, and get a 304 that tells your browser to load it's cached
page of you logged out instead of the proper one with your logged in interface.
The only way to fix all these troubles is to drop the Logged out cookie hack
and instead use ETags which include info about the user so that when a user
logs out, logs in, has their talkpage edited (because we want notifications to
be sent), changes ip (if they're an anon and their ip address is being shown in
the header), etc... the ETag's contents will change.
There's an interesting note about ETags. Browsers can send multiple ETags in
their If-None-Match header. As a result a browser can actually have a logged
out version and one (or maybe more) logged in versions of a page in their
cache. If you view a page, log in, view it again, and log back out, when you go
back to the page even though you viewed it with a different ETag and a
different cached page, you could potentially end up getting a 304 because you
still had a cached version for logged out users ;).
--
Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are on the CC list for the bug.
_______________________________________________
Wikibugs-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
