Skip to content

Restrict Content: Add caching warning notice #465

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
n7studios merged 3 commits into from
May 4, 2023
Merged

Restrict Content: Add caching warning notice #465

n7studios merged 3 commits into from
May 4, 2023

Conversation

@n7studios
Copy link
Contributor

@n7studios n7studios commented May 3, 2023
edited
Loading

Summary

Adds a notice to the Member Content settings screen at Settings > ConvertKit > Member Content (beta), advising that any server side or plugin level caching system must be configured to disable caching when the ck_subscriber_id cookie is present.

Screenshot 2023-05-04 at 12 55 42

Whilst we forcibly exclude caching by appending a query parameter as part of the authentication flow, two scenarios still exist where cached (incorrect) content can be served by the server or a third party caching plugin:

  1. If a subscriber subsequently leaves the WordPress Page, and then accesses it days later (e.g. through a link on the web site, perhaps in the site navigation menu, which will not include a query parameter)
  2. A different visitor accesses the same page; some caching plugins may take the member content output from an authenticated subscriber, cache it, and therefore serve it to all visitors.

Most third party caching plugins provide a setting to disable caching when a cookie is present - for example, but not limited to:

W3 Total Cache

Screenshot 2023-05-03 at 14 52 34

WP Fastest Cache

Screenshot 2023-05-03 at 14 52 57

WP Super Cache

Screenshot 2023-05-03 at 14 53 21

It may be possible to automatically add this exclusion rule to third party caching plugins from the ConvertKit Plugin, but given the range of caching solutions available, we can't cover every single one, and this would involve some technical work - so the notice is a good starting point.

Testing

Existing tests pass.

Checklist

n7studios added 2 commits May 3, 2023 14:45
@n7studios
Add a warning notice on Settings > Member Content
a83a7fd 
Caching must be disabled when the `ck_subscriber_id` cookie is present, to allow a Page’s content to be dynamically changed (either by showing an authentication error, authentication form or the member only content if authorized).
@n7studios
Coding standards
167da8b
@n7studios n7studios self-assigned this May 3, 2023
@n7studios n7studios requested review from a team, jenessawhite and noelherrick and removed request for a team May 3, 2023 15:56
@n7studios n7studios marked this pull request as ready for review May 3, 2023 15:56
noelherrick
noelherrick approved these changes May 3, 2023
View reviewed changes
admin/class-convertkit-admin-settings-restrict-content.php Outdated
<?php
echo sprintf(
'%s %s %s',
esc_html__( 'If you have server side or a caching plugin enabled, you must configure it to disable caching when the', 'convertkit' ),
Copy link
Contributor

@noelherrick noelherrick May 3, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this missing a word? Aren't all plugins server side?

Copy link
Contributor Author

@n7studios n7studios May 4, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reworded for clarity to If your web host has caching configured (or you are using a caching plugin). Caching might not be performed by a plugin (for example, this ticket, where SiteGround have caching enabled in their hosting configuration).

@n7studios n7studios merged commit 1a32295 into main May 4, 2023
@n7studios n7studios deleted the restrict-content-cache-notice branch May 5, 2023 12:52
@n7studios n7studios mentioned this pull request May 12, 2023
Merged
6 tasks
@n7studios n7studios mentioned this pull request Dec 13, 2024
Merged
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@noelherrick noelherrick noelherrick approved these changes

@jenessawhite jenessawhite Awaiting requested review from jenessawhite jenessawhite was automatically assigned from Kit/wordpress

Assignees

@n7studios n7studios

Labels

enhancement

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@n7studios @noelherrick