[Zope-CMF] Re: [Warning] Danger from Zope caching,
especially the CMF Caching Policy Manager
Miles Waller
miles at jamkit.com
Mon Dec 18 07:57:04 EST 2006
Jens Vagelpohl wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> On 17 Dec 2006, at 18:52, Dieter Maurer wrote:
>
>> The description indicates in what direction the CPM should get fixed:
>>
>> * If the response already provides cache control, the CPM should
>> not override it, as it is likely that the specific information
>> available to the response generating process is more trustworthy
>> then the general CPM policies.
>>
>> This is arguable, especially as it changes the current behaviour.
>> Maybe, it should be controlled by an additional configuration
>> option.
>
>
> I don't know if it is possible to have any sane policy about "what to
> do if the response already has caching headers". First of all, when
> should this exception policy trigger? Which headers should tell the CPM
> that someone else already decided on caching? Secondly, what is the
> behavior supposed to be? "Do nothing"? "DWIM"? This obviously needs
> exact specifications and use cases.
At the moment, the CPM fires after rendering, so setting it's own
headers and overwriting any headers set in the template. If it fired
before rendering, then a template would be free to set whatever policy
it wanted.
Is there a special reason why it needs to set the headers after
rendering, rather than before? I can't think of a reason, but then our
policies are about as simple as can be.
Miles
More information about the Zope-CMF
mailing list