I'm doing some testing with Authcache for the first time on a Commerce Kickstart based site.

I've followed a similar path to that described by the tutorial at https://www.drupal.org/node/2037015 and generally things look to be working and the speed increase is substantial as you'd expect.

Some products have got different variations and I've got product displays setup with product variations based upon the product title meaning that a single drop down appears by the quantity and add to cart button.

When viewing a product display page the authcache debug window shows it hits the cache when viewing the page as anonymous but misses when the user is logged in and gives the message.

Cache Status: "Caching CANCELED"
Message 1: "Canceled: Cached form on the page (likely Ajax enabled). Download and configure the Cache Object API module."
Page Render Time: "1465.18 ms"

For pages where there are no variations and the drop down doesn't appear then it hits the cache for both anonymous and logged in users.

Is this the expected behaviour?

If I remove the form token then the caching works perfectly for products with variations regardless of being logged in or out but based on the CSRF guidelines given this doesn't look like a good idea for the add to cart button.

If I download and install Cache Object API module then again this looks to work for products with variations regardless of being logged in or out however this module looks to have few users so I wondered if it's ok to use and is this the best method.

Otherwise from my limited use of Authcache the results are looking good so far.

Comments

znerol’s picture

Is this the expected behaviour?

yes.

If I remove the form token then the caching works perfectly for products with variations regardless of being logged in or out but based on the CSRF guidelines given this doesn't look like a good idea for the add to cart button.

This is debatable, see #2314357-1: insecure forms - implications?? over at the Cache Object API project.

If I download and install Cache Object API module then again this looks to work [...] so I wondered if it's ok to use and is this the best method.

It is the only method to make Ajax forms work for anonymous and authenticated users on a cached page. The Cache Object API module was designed exactly for that purpose.

Ollie222’s picture

znerol,

Thanks for the reply and comments, they're much appreciated.

It looks like I'm along the right tracks so I'll carry on as I am.

znerol’s picture

Status: Active » Fixed

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.