Johannes Ernst wrote:
I'm trying to understand the purpose of the LoggedOut cookie. I have two problems:
- The comments state that it is in order to assist with caching /
refreshing the right information. However, the cookie is only set (well, can only be set) if the user logs out very explicitly by clicking the log out button. I suspect, many users will not do that, e.g. by quitting the browser or abandoning the current session, leaving that cookie absent or holding the wrong value. How useful can this mechanism be -- but see next question -- if many/most people do not / will not activate it?
It's useful because it cuts down on complaints of the form: "I logged out, but I went to a page and it logged me right back in! But then I tried to edit and it logged me out again!"
- Based on looking at the code, I'm not certain that the caching
behavior implemented with the LoggedOut cookie really works. Also, I don't recall having ever seen a similar mechanism with any other website. Is there any Wikipedia-specific functionality that can only be accomplished with this cookie that somehow I don't see?
MediaWiki tries to let the client cache wiki pages in order to speed things up when clicking around to pages you've already been at; from what I've seen most dynamic sites don't bother with this, so they may not require particular handling of the logut case.
When you revisit a page, the client sends an If-Modified-Since header with the value of the Last-Modified header sent from the server on the previous visit.
The wiki compares this time against: * a global cache invalidation timestamp ($wgCacheEpoch) * the page_touched field for the page; updated on edit and on modification of linked resources that would change rendering * the user_touched field for the user; updated on login, logout, change of preferences, addition to the talk page, clearing of the new talk flag, changes to the watchlist
If the given time postdates all those, then a '304 Not Modified' response is sent; the page doesn't have to be rendered or transferred over the network and it's displayed more quickly to the user.
If the given time is older than any of those, then it means something may have changed that alters how the output should appear; it's re-rendered and HTML gets sent down the wire.
Now, if you log out then the user_touched timestamp isn't exactly applicable; there's no account connected to the session. Setting a cookie is a way to force that, and let the wiki know that a cached page from before the logout should be rerendered.
It doesn't handle the timeout / quit browser case, no, but that doesn't matter too much. It's there to handle the "OMFG I'm still logged in even though I logged out!!!!!!1111eleven" case.
-- brion vibber (brion @ pobox.com)