* Fix regression in cachability of generated CSS and JS for MonoBook skin,

  while avoiding clobbering of different users' cached data

Added a "Vary: Accept-Encoding, Cookie" a few weeks ago on generated CSS/JS
files to prevent different users' styles from clobbering each other in
caches. Unfortunately browsers don't seem to handle Vary well, and this
caused a lot of extra hits due to poor caching.

This is now removed, replaced with an explicit "Cache-Control: private"
or "Cache-Control: public" depending on the presence of an open session
cookie or logged-in state. This should restore the friendly caching
behavior while ensuring that no users' generated data will clobber
anyone else's.

To additionally ensure that public cached CSS doesn't clobber the
private bits, smaxage=0 is set on the URL used for logged-in views,
as already done for JS.

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index e43f293..af5b610 100644 (file)
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -226,6 +226,8 @@ it from source control: http://www.mediawiki.org/wiki/Download_from_SVN
   to display the old format for compatibility.
 * (bug 7357) Make supposedly static methods of Skin actually static
 * Added info text to Special:Deadendpages and Special:Lonelypages
+* Fix regression in cachability of generated CSS and JS for MonoBook skin,
+  while avoiding clobbering of different users' cached data
 
 
 == Languages updated ==

diff --git a/includes/RawPage.php b/includes/RawPage.php
index 1a6d6ef..a0b7688 100644 (file)
--- a/includes/RawPage.php
+++ b/includes/RawPage.php
@@ -22,6 +22,7 @@ class RawPage {
 
        function RawPage( &$article, $request = false ) {
                global $wgRequest, $wgInputEncoding, $wgSquidMaxage, $wgJsMimeType;
+               global $wgUser;
 
                $allowedCTypes = array('text/x-wiki', $wgJsMimeType, 'text/css', 'application/x-zope-edit');
                $this->mArticle =& $article;
@@ -81,6 +82,12 @@ class RawPage {
                $this->mCharset = $wgInputEncoding;
                $this->mSmaxage = intval( $smaxage );
                $this->mMaxage = $maxage;
+               
+               // Output may contain user-specific data; vary for open sessions
+               $this->mPrivateCache = ( $this->mSmaxage == 0 ) ||
+                       ( isset( $_COOKIE[ini_get( 'session.name' )] ) ||
+                       $wgUser->isLoggedIn() );
+               
                if ( $ctype == '' or ! in_array( $ctype, $allowedCTypes ) ) {
                        $this->mContentType = 'text/x-wiki';
                } else {
@@ -128,7 +135,8 @@ class RawPage {
 
                header( "Content-type: ".$this->mContentType.'; charset='.$this->mCharset );
                # allow the client to cache this for 24 hours
-               header( 'Cache-Control: s-maxage='.$this->mSmaxage.', max-age='.$this->mMaxage );
+               $mode = $this->mPrivateCache ? 'private' : 'public';
+               header( 'Cache-Control: '.$mode.', s-maxage='.$this->mSmaxage.', max-age='.$this->mMaxage );
                echo $this->getRawText();
                $wgOut->disable();
        }
@@ -136,8 +144,6 @@ class RawPage {
        function getRawText() {
                global $wgUser, $wgOut, $wgRequest;
                if($this->mGen) {
-                       // May contain user-specific data; vary for open sessions
-                       $wgRequest->response()->header( 'Vary: Accept-Encoding, Cookie' );
                        $sk = $wgUser->getSkin();
                        $sk->initPage($wgOut);
                        if($this->mGen == 'css') {

diff --git a/includes/SkinTemplate.php b/includes/SkinTemplate.php
index eb5d4d7..c796cc7 100644 (file)
--- a/includes/SkinTemplate.php
+++ b/includes/SkinTemplate.php
@@ -909,6 +909,11 @@ class SkinTemplate extends Skin {
                $sitecss = '';
                $usercss = '';
                $siteargs = '&maxage=' . $wgSquidMaxage;
+               if( $this->loggedin ) {
+                       // Ensure that logged-in users' generated CSS isn't clobbered
+                       // by anons' publicly cacheable generated CSS.
+                       $siteargs .= '&smaxage=0';
+               }
 
                # Add user-specific code if this is a user and we allow that kind of thing