page cache theory - will this work?

Question

I'd like to setup browser caching on my site. The problem is that the caching will only be for guests, not logged in users. I know I can throw different headers based on a user's logged in status, but how will the cache treat that? Do I run the risk of guests seeing user's content?

update

What I'm talking about is if i throw a last-modified header for all guests and force a fresh page for all logged in users. I suppose this would only help so much... I'd like it if all guests could share a proxy cache and all members could stick with fresh pages, but I don't think that would work.

How do both @Victor and @klausbyskov have a +1 on their response, they appear to be saying the opposite things.

Answer 1

The cache is in the browser. Therefore it is not possible for a guest to see a user's content.

Answer 2

The cache works solely based on the URL, so if your users and your guests use the same URL, the cache will affect both in the same way (meaning that users may not see up-to-date data). Any caching system which prevents the browser from querying your server will therefore cause you problems.

On the other hand, you can have the server detect if cache-related headers were provided, determine if the visitor is a guest or a logged in user, and respond to guests with a 304 Not Modified. This still requires the browser to send you a request, but at least you won't have any server-side work to do beyong sending back a 304 header.