|Subject:||Re: Cookie problem with proxy cache|
|From:||Gabriel Ramuglia (ga...@vtunnel.com)|
|Date:||Nov 17, 2009 10:56:55 am|
This would be true except that a lot of times cookies are set automatically even for guest users, as a session cookie. Oftentimes, this session cookie will not change what you're seeing at the site.
And then, of course, cookies will be sent even when trying to access things like images, css, js files, which will not be changing regardless of the cookie sent. So vary-cookie makes sense to me. I guess if I were caching software, I would just decide not to cache anything when it said vary-cookie, and would then ignore the cookies otherwise, and cache anyway, even if there were cookies. That seems to make the most sense to me.
2009/11/17 Jérôme Loyet <jer...@loyet.net>:
2009/11/17 Emanuele Pucciarelli <lis...@ruby-forum.com>:
Ole Laursen wrote:
I've fixed the problem by adding a proxy_pass_header Set-Cookie. But I guess the root of the problem is that nginx thinks it can cache the page in spite of the "Vary: cookie" header. Isn't this a bug?
I'm wondering too how to use proxy_cache correctly. I've added "proxy_set_header Cookie $http_cookie;" and I have also made sure that $http_cookie is part of the proxy_cache_key, or nginx would return cached pages (meant for a specific user who had previously logged in) for any request.
I guess that I'd like NOT to cache any responses whose request included a Cookie: header, but proxy_cache cannot work in a conditional section, and I guess that there's a good reason for that.
I'd truly appreciate guidance on this subject.
Cookies are a way to generate dynamic pages in function of user action. Cache does take into account users, it does not know them. Both are incompatible (in most cases).
The first time you're visiting a website, you arrive without any cookies (you're anonymous). It says it has never seen you before. In addition to the response, the webserver send you back a cookie saying ("today at 7:04").
The second time you're visiting this website, you're sending the cookie and it says it saw you "today at 7:04". In addition to the response, the webserver send you an update of the cookie saying ("today at 7:05") ...
But if in front of the webserver you're using cache, the first time it'll fetch the page saying you're anonymous. The second time, it will send you the page from cache saying you're anonymous even if it's false.
You can imagine how it can be with multiple users at the same time.
Cache mechanisms ignore cookies (an incoming cookie is not sent to the backend server and a cookie from a backend user is not sent back to the final user) because it doesn't know how to deal with them.
Even if it can deal with them (page A with cookie A is cached as file C1 and page A with cookie B is cached as file C2). In this case cache is totally useless because each couple PAGE/COOKIE is unique and there is almost nothing to gain here.
Hope this helps.
-- Posted via http://www.ruby-forum.com/.