Open nickbreen opened 8 years ago
More useful would be to detect the login and set the request's Cache-Control
header to max-age=30
. To reduce cachiness for logged in users.
On login, wordpress uses the wordpress_[hash] cookie to store your authentication details. Its use is limited to the admin console area, /wp-admin/ After login, wordpress sets the wordpress_loggedin[hash] cookie, which indicates when you're logged in, and who you are, for most interface use.
— https://codex.wordpress.org/WordPress_Cookies
So, perhaps we need two headers:
X-WordPress: [hash]:[value]
X-WordPress-Logged-In: [hash]:[value]
That way they can be Vary
'd on and also reconstituted as cookie values if required (assuming :
is an acceptable delimeter)..
Maybe, don't know