From 365137e704a155846b964bab08b356db466ba72c Mon Sep 17 00:00:00 2001
From: csteipp <csteipp@wikimedia.org>
Date: Wed, 25 Sep 2013 15:42:02 -0700
Subject: [PATCH] Vary on forceHTTPS cookie

Varnish seems to be returning the cached version of pages for users
after they have logged in over https, but access an http page. This
seems to occure because only the forceHTTPS cookie is sent on the
request, but varnish doesn't vary the cache based on that cookie.

Bug: 54513
Change-Id: Ia97ed80622191669ee5ca37af809d307bbdb61ae
---
 includes/OutputPage.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/includes/OutputPage.php b/includes/OutputPage.php
index 1d0c9309a1..e628834981 100644
--- a/includes/OutputPage.php
+++ b/includes/OutputPage.php
@@ -1721,6 +1721,7 @@ class OutputPage extends ContextSource {
 				array(
 					"{$wgCookiePrefix}Token",
 					"{$wgCookiePrefix}LoggedOut",
+					"forceHTTPS",
 					session_name()
 				),
 				$wgCacheVaryCookies
-- 
2.20.1