tractorcow
commented
10 years ago Hey @jyrkij , if this is failing it could be due to the question being presented not being 'un-cached' for each user.
In the case of the SecurityID used for preventing XSS we inject this value manually into the form for that user; See the commit at https://github.com/tractorcow/silverstripe-dynamiccache/commit/2c6749757c2abf6d6a5ca42189ffce8c11f74a7e for this.
For something like spam protection modules, I really don't see a way that these can be robustly cached, unless you want to attempt to inject the custom data into the form. (maybe you could use MathSpamProtectorField::get_math_question()?). This approach really doesn't work well except for very consistent and trivial cases (such as security ID).
I could add an extension point for you in the cache presentation method if you want to attempt this, but my recommendation is to just not cache any dynamic content at all.
We have mathspamprotection enabled on (UserDefined) forms and this of course fails the first time user tries to go through spam check. Is there any other way to support this than ignoring UserDefinedForms from cache?