
Simon Willison’s Weblog

Internet Explorer Cookie Internals (FAQ). Grr... IE 6, 7 and 8 don’t support the max-age cookie argument, forcing you to use an explicit expiry date instead. This appears to affect the cache-busting cookie pattern, where you set a cookie to expire in 30 seconds for any user who posts content and use the presence of that cookie to skip caches and/or send their queries to a master instead of a slave database. If you have to use expires, users with incorrect system clocks may get inconsistent results. Anyone know of a workaround?


7 comments

  1. Set the cookie in JS using the system clock as the base time?

    Slightly ugly, but it does avoid the incorrect system time issue.

    Jonty Wareing - 26th February 2010 12:33 - #

  2. Can't you just store the cookie expire time based on the user's time? Get JavaScript to request a URL with the time as a GET parameter, and set the cookie there.

    Sym - 26th February 2010 12:36 - #

  3. Hack it with ETags. Store your own timestamp in a structured ETag returned with the HTML. Propagate this across all other requests / update the timestamp. Check the timestamp extracted from the ETag in the If-None-Match header when requests come in. Not sure about ETag support in older IE versions though.

    Marc Palmer - 26th February 2010 12:38 - #

  4. Store the date+time / unix timestamp of the post in the cookie and don't show cached content until the difference to now is more than 30 seconds and then explicitly clear the cookie.

    Tom Allender - 26th February 2010 12:42 - #

  5. It's worth noting that almost all sites which do the cookie-after-edit thing aren't nearly this clever.

    MediaWiki bypasses the caching permanently once you edit (or log in). Editors represent such a tiny proportion of their page views that it doesn't matter.

    Russ Garrett - 26th February 2010 12:47 - #

  6. You can still use a cookie. Put the server timestamp with a signature into it.

    When the web server receives the cookie, you can verify it with an HMAC function.

    gslin - 27th February 2010 02:21 - #

  7. I like Tom's suggestion. People with the cookie get routed to non-cached servers (where you can run live code to analyse the contents of the cookies). When it is old, send it to 1970 and the next request will be from the cached servers.

    Mark Jaquith - 27th February 2010 09:54 - #
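
The server-side variant suggested in comments 4, 6 and 7, as an added example that is not code from the post or from any commenter: the cookie is sent as a plain session cookie (no `expires` or `max-age`), so the browser's clock never matters, and the server decides freshness from an HMAC-signed timestamp it issued itself. `SECRET_KEY`, `WINDOW_SECONDS` and the function names are assumptions made for this sketch.

```python
import hashlib
import hmac
import time

SECRET_KEY = b"constructed-demo-key"  # assumption: a server-side secret, never sent to the client
WINDOW_SECONDS = 30                   # the 30-second bypass window from the post


def _sign(timestamp: str) -> str:
    """Hex HMAC-SHA256 of the timestamp string under the server key."""
    return hmac.new(SECRET_KEY, timestamp.encode("ascii"), hashlib.sha256).hexdigest()


def make_bypass_cookie(now=None) -> str:
    """Cookie value to set (as a session cookie) right after a user posts."""
    ts = str(int(time.time() if now is None else now))
    return f"{ts}.{_sign(ts)}"


def should_bypass_cache(cookie_value, now=None) -> bool:
    """True only for an untampered cookie issued within the last WINDOW_SECONDS."""
    now = time.time() if now is None else now
    if not cookie_value or cookie_value.count(".") != 1:
        return False
    ts, sig = cookie_value.split(".")
    # isdigit() alone accepts non-ASCII digits that int() rejects.
    if not (ts.isascii() and ts.isdigit()):
        return False
    # Compare as bytes: compare_digest raises TypeError on non-ASCII str input.
    if not hmac.compare_digest(_sign(ts).encode(), sig.encode()):
        return False
    # Only the server clock is used; a timestamp from the future is rejected.
    age = now - int(ts)
    return 0 <= age <= WINDOW_SECONDS
```

When `should_bypass_cache` returns False for a cookie that is present, the response can clear it, as comment 7 describes. The signature stops a client from extending the window by editing the timestamp.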
