id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
6552	"django.core.context_processors.auth causes ""Vary: Cookie"" header no matter what"	olau@…	Luke Plant	"The session framework is pretty cool in that it will automatically add a ""Vary: Cookie"" header to responses but only if it is accessed.

Unfortunately this is completely defeated when you add ""django.core.context_processors.auth"" as a context processor because it will always access the session object to get the user object out. Which wouldn't be a huge problem if it weren't for the fact that you need this context processor for admin to work. So I can either have wicked cool caching or I can have the admin.

I think that either the context processor should be rewritten to retrieve the attributes lazily, or admin should be rewritten to rely on the request context processor (using ""request.user"" instead of ""user"", etc.). Or something like that. If admin has it own view functions, I don't see why it would even need to rely on a context processor. What do you think?"	Bug	closed	contrib.auth	dev	Normal	fixed		suor@… django@… lpiatek	Accepted	1	1	0	0	0	0