The problem now is that the browsers (IE and Mozilla at least) don't seem to differentiate requests based on cookies. I have tested requesting a page with a certain cookie (where the page has a sufficient expiration to warrant being cached for the duration of the test), and then changing the cookie, and re-requesting the same page as before. The cookie is different, but the browsers still seem to use their local cached copy of the page. So, I am currently thinking that the solution to this is to use a combination of cookies and URL parameters to make the requests look different.
Rather just use URL parameters. As I recall RFC2616 does not consider a request with a different cookie a different variant, so even if you patch your server to allow it to differentiate between cookies, neither the browsers nor the transparent proxies in the path of the request will do what you want them to do :(
Regards, Graham --