CACHE_MIDDLEWARE_ANONYMOUS_ONLY kills anonymous caching efficiency
|Reported by:||Carl Meyer||Owned by:||nobody|
|Component:||Core (Cache system)||Version:||master|
|Severity:||Keywords:||session accessed vary cookie|
|Has patch:||yes||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||yes|
The Django documention recommends CACHE_MIDDLEWARE_ANONYMOUS_ONLY as "a simple and effective way of disabling caching for any user-specific pages (include Django's admin interface)." While this is strictly true, it glosses over a significant problem with using CACHE_MIDDLEWARE_ANONYMOUS_ONLY: it causes FetchFromCacheMiddleware to check request.user, which accesses the session, which causes SessionMiddleware to set Vary: Cookie, which means that anonymous pages are cached with a session-specific key, which pretty much destroys the efficiency of caching those pages. (Bugs causing similar behavior have been fixed previously: #3586 and #6552).