I'm not
sure if the Wikipedia cookie is
being treated as authentication for the purposes of this definition, but if it is,
caching
the site-wide CSS or JS seems unlikely to hurt (since it really is "public") -
but
obviously caching the user-specific CSS or JS would be bad.
Why? User-specific CSS and JS is still public.
That's true - I had assumed it was private (not that I've ever put anything there
that I
particularly cared about being private) - but you're correct, it's not ... which
in turn
raises another question:
-------------------------------------------------------------------
root@bling:/var/www/hosts/mediawiki/wiki/skins# curl --silent --include --head
"http://en.wikipedia.org/w/index.php?title=User:Nickj/monobook.js&action=raw&ctype=text/javascript"
HTTP/1.0 200 OK
Date: Wed, 07 Feb 2007 06:17:28 GMT
Server: Apache
X-Powered-By: PHP/5.1.2
Cache-Control: private, s-maxage=0, max-age=2678400
Last-Modified: Wed, 31 Jan 2007 05:56:29 GMT
Content-Type: text/javascript; charset=utf-8
X-Cache: MISS from
sq16.wikimedia.org
X-Cache-Lookup: MISS from sq16.wikimedia.org:80
Via: 1.0 sq16.wikimedia.org:80 (squid/2.6.STABLE9)
Connection: close
root@bling:/var/www/hosts/mediawiki/wiki/skins# curl --silent --include --head
"http://en.wikipedia.org/w/index.php?title=User:Nickj/monobook.js&action=raw&ctype=text/javascript"
[ ... snip 3 more tests and responses from servers that's aren't
sq16.wikimedia.org ... ]
root@bling:/var/www/hosts/mediawiki/wiki/skins# curl --silent --include --head
"http://en.wikipedia.org/w/index.php?title=User:Nickj/monobook.js&action=raw&ctype=text/javascript"
HTTP/1.0 200 OK
Date: Wed, 07 Feb 2007 06:17:41 GMT
Server: Apache
X-Powered-By: PHP/5.1.2
Cache-Control: private, s-maxage=0, max-age=2678400
Last-Modified: Wed, 31 Jan 2007 05:56:29 GMT
Content-Type: text/javascript; charset=utf-8
X-Cache: MISS from
sq16.wikimedia.org
X-Cache-Lookup: MISS from sq16.wikimedia.org:80
Via: 1.0 sq16.wikimedia.org:80 (squid/2.6.STABLE9)
Connection: close
-------------------------------------------------------------------
So, the question is:
Why is the cache-control line for raw custom JS and CSS marked as "private" ?
"private" directive as:
-------------------------------
private
Indicates that all or part of the response message is intended for a single user and
MUST NOT
be cached by a shared cache. This allows an origin server to state that the specified
parts
of the response are intended for only one user and are not a valid response for
requests by
other users. A private (non-shared) cache MAY cache the response.
-------------------------------
So, if the web page is public anyway, and people *do* use other people's custom CSS
& JS (as I'm
doing), why mark it as private when action=raw, and thus defeat shared caching?
All the best,
Nick.