Johannes Ernst wrote:
I'm trying to understand the purpose of the
LoggedOut cookie. I have
two problems:
1) The comments state that it is in order to assist with caching /
refreshing the right information. However, the cookie is only set
(well, can only be set) if the user logs out very explicitly by
clicking the log out button. I suspect, many users will not do that,
e.g. by quitting the browser or abandoning the current session, leaving
that cookie absent or holding the wrong value. How useful can this
mechanism be -- but see next question -- if many/most people do not /
will not activate it?
It's useful because it cuts down on complaints of the form:
"I logged out, but I went to a page and it logged me right back in! But
then I tried to edit and it logged me out again!"
2) Based on looking at the code, I'm not certain
that the caching
behavior implemented with the LoggedOut cookie really works. Also, I
don't recall having ever seen a similar mechanism with any other
website. Is there any Wikipedia-specific functionality that can only be
accomplished with this cookie that somehow I don't see?
MediaWiki tries to let the client cache wiki pages in order to speed
things up when clicking around to pages you've already been at; from
what I've seen most dynamic sites don't bother with this, so they may
not require particular handling of the logut case.
When you revisit a page, the client sends an If-Modified-Since header
with the value of the Last-Modified header sent from the server on the
previous visit.
The wiki compares this time against:
* a global cache invalidation timestamp ($wgCacheEpoch)
* the page_touched field for the page; updated on edit and on
modification of linked resources that would change rendering
* the user_touched field for the user; updated on login, logout, change
of preferences, addition to the talk page, clearing of the new talk
flag, changes to the watchlist
If the given time postdates all those, then a '304 Not Modified'
response is sent; the page doesn't have to be rendered or transferred
over the network and it's displayed more quickly to the user.
If the given time is older than any of those, then it means something
may have changed that alters how the output should appear; it's
re-rendered and HTML gets sent down the wire.
Now, if you log out then the user_touched timestamp isn't exactly
applicable; there's no account connected to the session. Setting a
cookie is a way to force that, and let the wiki know that a cached page
from before the logout should be rerendered.
It doesn't handle the timeout / quit browser case, no, but that doesn't
matter too much. It's there to handle the "OMFG I'm still logged in even
though I logged out!!!!!!1111eleven" case.
-- brion vibber (brion @
pobox.com)