On Jan 7, 2017 11:41 PM, "Jeff Willette" wrote:
the specific case I am talking about deals with google analytics cookies,
which are different for every user and sent with the request. When
accessing request.user, I really only care about sessionid and csrftoken,
if present. So sending a vary by c
the specific case I am talking about deals with google analytics cookies,
which are different for every user and sent with the request. When
accessing request.user, I really only care about sessionid and csrftoken,
if present. So sending a vary by cookie header back will cause all the
unauthed/
On 01/07/2017 03:25 AM, Florian Apolloner wrote:
> On Saturday, January 7, 2017 at 3:50:56 AM UTC+1, Jeff Willette wrote:
>
> What if there was an optional middleware early in the request
> processing that matched cookies based on a regex in settings and
> then modified the header to o
On 01/06/2017 11:26 PM, Jeff Willette wrote:
> Wy would this not help the efficiency of the downstream caches? Is it
> because the request has already passed through them with the cookies
> intact? and when it comes back through the response they have no way to
> know they have been stripped?
That
Hi Jeff,
On Saturday, January 7, 2017 at 3:50:56 AM UTC+1, Jeff Willette wrote:
>
> What if there was an optional middleware early in the request processing
> that matched cookies based on a regex in settings and then modified the
> header to only include the matched cookies?
>
I do not see ho
Carl, thanks for the reply.
Wy would this not help the efficiency of the downstream caches? Is it
because the request has already passed through them with the cookies
intact? and when it comes back through the response they have no way to
know they have been stripped?
On Saturday, January 7,
Hi Jeff,
On 01/06/2017 06:21 PM, Jeff Willette wrote:
> I understand that calling is_authenticated on a user will require the
> session to be accessed and the vary by cookie header to be in the
> response, but if I understand how caching systems work then this will
> cause all cookies in the reque
I recently proposed a bad fix (https://code.djangoproject.com/ticket/27686) but
I think the problem still remains and I might have a way arpund it.
I understand that calling is_authenticated on a user will require the session
to be accessed and the vary by cookie header to be in the response, bu
