Hi all.
I'm using custom session-based Authentication Policy, and sessions are using default UnencryptedCookieSessionFactory in my Pyramid 1.2 app.
For certain views I'd like to block (re)sending of Set-Cookie header because the results are cached by the web server (nginx) in which I _have_ configured to ignore Set-Cookie headers via uwsgi_hide_header and uwsgi_ignore_header (obviously, I'm using uwsgi).
Testing is showing that indeed, accessing URLs configured to be cached by the webserver results with responses without Set-Cookie headers, on first access or subsequent cached ones.
But nginx stores the cache file with upstream response intact, meaning that Set-Cookie is present in the cache file. I suppose nginx then processes (removes) those headers on each request.
While all this works so far as expected, the presence of Set-Cookie in the cache file is making me very nervous, so I'd like to completely remove that header for those views that should be cached within my Pyramid app so it never reaches downstream webserver, but I am not sure where or how to do that. I don't want to SET an empty cookie with the same name, just omit setting any cookie by the UnencryptedCookieSession handlers, for some views.
Thanks. -- .oO V Oo. -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to pylons-discuss@googlegroups.com. To unsubscribe from this group, send email to pylons-discuss+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en.
