On Wed, 20 Oct 2004, Primoz wrote:
Having cca 70% requests served to anonymous users (which all return same for same URL) and 30% requests served to a class of users identified by a presence of one or two cookies
Generally it is not adviseable to provide public and restricted information on the same URL, but if you absolutely must do this see RFC 2616 14.44 Vary. While you study this I would also recommend to include a Cache-Control: no-store on the personal pages..
Remember that Vary needs to be returned even when there is no cookie.
Regards Henrik
