From: csteipp <csteipp@wikimedia.org>
Date: Wed, 25 Sep 2013 22:42:02 +0000 (-0700)
Subject: Vary on forceHTTPS cookie
X-Git-Tag: 1.31.0-rc.0~18684^2
X-Git-Url: http://git.cyclocoop.org/%7B%24admin_url%7Dmes_infos.php?a=commitdiff_plain;h=365137e704a155846b964bab08b356db466ba72c;p=lhc%2Fweb%2Fwiklou.git

Vary on forceHTTPS cookie

Varnish seems to be returning the cached version of pages for users
after they have logged in over https, but access an http page. This
seems to occure because only the forceHTTPS cookie is sent on the
request, but varnish doesn't vary the cache based on that cookie.

Bug: 54513
Change-Id: Ia97ed80622191669ee5ca37af809d307bbdb61ae
---

diff --git a/includes/OutputPage.php b/includes/OutputPage.php
index 1d0c9309a1..e628834981 100644
--- a/includes/OutputPage.php
+++ b/includes/OutputPage.php
@@ -1721,6 +1721,7 @@ class OutputPage extends ContextSource {
 				array(
 					"{$wgCookiePrefix}Token",
 					"{$wgCookiePrefix}LoggedOut",
+					"forceHTTPS",
 					session_name()
 				),
 				$wgCacheVaryCookies