[Zope] RE: zope/style sheets

Sam Gendler sgendler@impossible.com
Wed, 02 Feb 2000 15:00:30 -0800 

J C Lawrence wrote:

> On Wed, 02 Feb 2000 11:33:36 -0800
> Sam Gendler <sgendler@impossible.com> wrote:
>
> > I would like to warn the community about serving multiple pages up
> > based on the exact same request url (which is what the code below
> > can contribute to).
>
> This doesn't make sense to me on account of cookies.  Many sites out
> there have the content of their pages dynamic on the presence of a
> specific cookie, without varying the base URL at all.
>

If you read the spec for state management in HTTP using cookies, it specifically
states that it is the responsibility of the content author to ensure that
content that is served based on the value of a cookie is marked with
cacheability headers correctly.

Responses that include a Set-Cookie header are inherently uncacheable, but all
objects that have a cookie in the request are to be considered cacheable unless
told otherwise.  Obviously, you can set a Varies: Cookie response header, but
that becomes something of a pain in the ass, especially since most caches ignore
it.

This is very important, since all graphics and other static content will also
have a cookie sent in the request, even though they are totally static.  There
were enough sites that abused this concept, that most caches have developed the
same startegy for dealing with cookies.  Most caches will cache all binary
objects that are received for requests with a cookie (all content-types that
don't start with 'text/').  All objects that are text are automatically not
cached if there is a cookie in the request.  Most of the cache vendors did this
in response to my.yahoo, which had a tendency to serve the same my.yahoo page to
all users once a singl person had logged in that day (it got cached).  To the
best of my knowledge, they still do this, despite numerous complaints.  They are
explicitly ignoring the cookie spec, and costing the rest of the world a lot of
bandwidth in objects that could have beenm cached, but which are not.

By the way, I have only ever seen one site that served different _binary_
objects based on a cookie (the graphics were different on a page).  It was a
Phish fan club site.  I know others exist, but they are dooing a bad thing and
should shape up their act!

</rant>

--sam


>
> --
> J C Lawrence                                 Home: claw@kanga.nu
> ----------(*)                              Other: coder@kanga.nu
> --=| A man is as sane as he is dangerous to his environment |=--

--
Sam Gendler
Chief Technology Officer - Impossible, Inc.
1222 State St. Suite 250
Santa Barbara CA. 93101
w: 805-560-0508
f: 805-560-0608
c: 805-689-1191
e: sgendler@impossible.com