Re: [Django] #17313: Cache FetchMiddleware checks cache for auth despite UNAUTH_ONLY=True

2011-12-01 Thread Django 
#17313: Cache FetchMiddleware checks cache for auth despite UNAUTH_ONLY=True
-+-
 Reporter:  subsume  |Owner:  nobody
 Type:  Bug  |   Status:  closed
Component:  Core (Cache system)  |  Version:
 Severity:  Normal   |   Resolution:  invalid
 Keywords:   | Triage Stage:
Has patch:  0|  Unreviewed
  Needs tests:  0|  Needs documentation:  0
Easy pickings:  0|  Patch needs improvement:  0
 |UI/UX:  0
-+-

Comment (by subsume):

 The problem I illustrate above is entirely on the Fetch side.

-- 
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To post to this group, send email to django-updates@googlegroups.com.
To unsubscribe from this group, send email to 
django-updates+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-updates?hl=en.

Re: [Django] #17313: Cache FetchMiddleware checks cache for auth despite UNAUTH_ONLY=True

2011-11-30 Thread Django 
#17313: Cache FetchMiddleware checks cache for auth despite UNAUTH_ONLY=True
-+-
 Reporter:  subsume  |Owner:  nobody
 Type:  Bug  |   Status:  closed
Component:  Core (Cache system)  |  Version:
 Severity:  Normal   |   Resolution:  invalid
 Keywords:   | Triage Stage:
Has patch:  0|  Unreviewed
  Needs tests:  0|  Needs documentation:  0
Easy pickings:  0|  Patch needs improvement:  0
 |UI/UX:  0
-+-
Changes (by ptone):

 * status:  new => closed
 * resolution:   => invalid


Comment:

 I believe the setting you are referring to is:
 CACHE_MIDDLEWARE_ANONYMOUS_ONLY

 If a the content and associated key does not involve any user specific
 data, then it can be cached as if that user were an anonymous user. The
 logic for this is actually in
 {{{UpdateCacheMiddleware._should_update_cache}}}

 see discussion and fix associated with: #13283

 also note: #15201

-- 
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To post to this group, send email to django-updates@googlegroups.com.
To unsubscribe from this group, send email to 
django-updates+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-updates?hl=en.

Re: [Django] #17313: Cache FetchMiddleware checks cache for auth despite UNAUTH_ONLY=True

2011-11-30 Thread Django 
#17313: Cache FetchMiddleware checks cache for auth despite UNAUTH_ONLY=True
-+-
 Reporter:  subsume  |Owner:  nobody
 Type:  Bug  |   Status:  new
Component:  Core (Cache system)  |  Version:
 Severity:  Normal   |   Resolution:
 Keywords:   | Triage Stage:
Has patch:  0|  Unreviewed
  Needs tests:  0|  Needs documentation:  0
Easy pickings:  0|  Patch needs improvement:  0
 |UI/UX:  0
-+-
Changes (by subsume):

 * cc: subsume@… (added)
 * needs_better_patch:   => 0
 * needs_tests:   => 0
 * needs_docs:   => 0


-- 
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To post to this group, send email to django-updates@googlegroups.com.
To unsubscribe from this group, send email to 
django-updates+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-updates?hl=en.

[Django] #17313: Cache FetchMiddleware checks cache for auth despite UNAUTH_ONLY=True

2011-11-29 Thread Django 
#17313: Cache FetchMiddleware checks cache for auth despite UNAUTH_ONLY=True
-+
 Reporter:  subsume  |  Owner:  nobody
 Type:  Bug  | Status:  new
Component:  Core (Cache system)  |Version:
 Severity:  Normal   |   Keywords:
 Triage Stage:  Unreviewed   |  Has patch:  0
Easy pickings:  0|  UI/UX:  0
-+
 
https://code.djangoproject.com/browser/django/trunk/django/middleware/cache.py#L133

 The Fetch middleware makes no explicit check of its own to
 settings.CACHE_MIDDLEWARE_UNAUTHENTICATED_ONLY. This results in a check to
 the cache for the key. Currently, the only way it happens to work is
 because the key created by django.utils.cache.get_cache_key happens to
 cause a miss. If you use a simpler key which doesn't take into account the
 users session, the key will not miss and authenticated users will get a
 cached version despite the rather unambiguous setting.

 Related to #17305 in the sense that this is another stumbling block for
 people wanting to customize the Cache Middlewares.

-- 
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To post to this group, send email to django-updates@googlegroups.com.
To unsubscribe from this group, send email to 
django-updates+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-updates?hl=en.