Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision | Next revision Both sides next revision | ||
litespeed_wiki:cache:common:logged-in-cookie-conflicts [2017/06/01 18:23] Lisa Clarke [The Solution] |
litespeed_wiki:cache:common:logged-in-cookie-conflicts [2017/10/18 19:57] Lisa Clarke [The Problem] |
||
---|---|---|---|
Line 9: | Line 9: | ||
As far as the browser is concerned, both the blog and the forum are //the same website// because the forum is actually a subdirectory of the blog. When the browser visits either one of those addresses, it will use the cookies for ''<nowiki>www.example.com/</nowiki>''. Even though the forum is an entirely separate application, to the browser it looks simply like a part of the blog. | As far as the browser is concerned, both the blog and the forum are //the same website// because the forum is actually a subdirectory of the blog. When the browser visits either one of those addresses, it will use the cookies for ''<nowiki>www.example.com/</nowiki>''. Even though the forum is an entirely separate application, to the browser it looks simply like a part of the blog. | ||
- | Here's how this situation presents itself: A user logs into WordPress, and the ''_lscache_vary'' cookie is set to indicate that they are logged in. This same user then visits XenForo as a non-logged-in user and hits the backend. Since the user is not logged in, LSCache caches the request, but the logged-in ''_lscache_vary'' cookie is still set. This causes future users logged-in to XenForo to get a "cache hit" on this page and be served the non-logged-in version of the page. | + | Here's how this situation presents itself: A user logs into WordPress, and the ''_lscache_vary'' cookie is set to indicate that they are logged in. This same user then visits XenForo as a non-logged-in user and hits the backend. LSCache caches the non-logged-in request, but the logged-in ''_lscache_vary'' cookie is still set. This causes future users logged-in to XenForo to get a "cache hit" on this page and be served the non-logged-in version of the page. |
===== The Solution ===== | ===== The Solution ===== |