Hoi, Would it be possible to have a cookie with the language of the User Interface .. and leave that one as well ? Thanks, GerardM
On Jan 13, 2008 4:19 PM, Rotem Liss rotemliss_net@fastmail.fm wrote:
tstarling@svn.wikimedia.org wrote:
Revision: 29682 Author: tstarling Date: 2008-01-13 03:47:07 +0000 (Sun, 13 Jan 2008)
Log Message:
Revert r29671, it was based on a misunderstanding of the purpose of the
LoggedOut cookie. The LoggedOut cookie is there to suppress the client-side cache, not the server-side cache. It prevents privately cached logged-in pages from being displayed after the user logs out. Feel free to special-case it in squid if you're worried about the server-side cache hit ratio, but note that IMS requests would need special handling.
- Credential data in the session is destroyed, so the session is
harmless. But it is still useful for abuse tracking (logout/login sequences) and similar analysis.
- Not much point in removing the username persistence feature if you
can't improve the squid cache hit ratio, which was obviously your goal.
Users may want to prevent their user name from appearing in the login box (or in a cookie, anyway), in public places or anywhere. The UserName cookie should be deleted when logging out. I think the LoggedOut cookie and the session are harmless, though.
Wikitech-l mailing list Wikitech-l@lists.wikimedia.org http://lists.wikimedia.org/mailman/listinfo/wikitech-l