Is This Solution for Caches vs Cookies Going to Get Me in Trouble?

ck_macleod_ignoredThis post consists of a a question I posed at StackExchange/”WordPress Development,” relating to the Commenter Ignore and Commenter Highlight Buttons plug-ins that I’ve been working on (debuting at this site in unfinished form, as of this writing). Won’t likely be of any interest to non-developers!

I’ve come up with a provisional solution for a not exactly common, but far from unprecedented problem with the interaction of popular WP caching solutions with cookies, in this case the standard WP comment cookies. My solution also bears on the rarely well-defined “known users” exception to serving cached files. Whether what I stumbled upon is usable or not, I figure that explaining it and possibly learning why it’s a bad idea might be generally instructive.

I’ve tested my method with WP Super Cache, W3 Total Cache, and Comet Cache. The one that I broke down for myself in detail while studying this problem was WP Super Cache (“WPSC” hereafter), so I’ll use it as my main example.


When a WP standard comment thread is set to allow visitors to comment, comments cookies are set for any commenter who is not a registered user and logged in, with actual commenting privileges subjected to further checks. In what I believe is the most common configuration, a commenter needs to supply only a name and an email address. These are stored within two browser cookies, usually comment_author_ . COOKIEHASH, and comment_author_email_ . COOKIEHASH. COOKIEHASH is defined according to user options.

If set to deliver freshly generated files to “known users,” WPSC determines whether or not to serve a cached file on the basis of several checks: Logged-in users get fresh files, and so do visitors “who can comment.” The latter are chiefly identified by the presence in their browsers of comment_author_ cookies which are not specifically or uniquely identified for the particular user by the COOKIEHASH (usually but not always an MD5-encoded version of the “siteurl” recorded in site options).

What appears to be the key part of the WPSC code, from wp-cache-phase1.php LL371-383, uses a RegEx pattern to get a string, cycling through the cookies:

Now, if I were working strictly in PHP, I could re-produce or hook into WP core functions, and get the normal comment_author_ . COOKIEHASH set by the comment template, but I am working in jQuery using the jQuery Cookie plug-in. However, as you can see if you look at the RegEx, the WPSC function doesn’t care about the COOKIEHASH: It’s satisfied if it encounters comment_author_.


$.cookie( 'comment_author_proxyhash', 'proxy_author', { path: '/' } );

For those unfamiliar with jQuery Cookie: The above sets a simple session cookie with key = comment_author_proxyhash and value = proxy_author, good for the entire site. (Also, for those who use jQuery Cookie and WP, in addition to pre-substituting the familiar jQuery $ for the WP jQuery, I’ve also already set $.cookie.raw = true;.)

I added the line to my jQuery script, and, *voila!*, WPSC, W3 Total Cache, and Comet Cache are all acting like I want them to. After I use the script, and reload, I get fresh pages. If I happen to place a real comment, the normal comment_author_ and comment_author_email_ cookies are set, and there doesn’t seem to be any problem with co-existence.

Perhaps one defect would be that the “proxyhash” cookie will travel with the user as long as he or she keeps the session open, but that doesn’t strike me as likely a major problem – or even worth a warning. I’ve certainly never heard of someone complaining about such a thing happening with one of the regular cookies.

But maybe there’s something I’m missing, and about to discover much to my woe, if potentially to my edification as well. Or maybe there’s a relatively simple best-practicey way for me to replicate the COOKIEHASH in jQuery, also covering alternative use cases… or to achieve the same end effect by other means – other ways of tricking the caching plug-ins into treating the visitor as a commenter…

If not, is there any good reason NOT to push this or something close to it out to the universe in a plug-in?

Home Page  Public Email  Twitter  Facebook  YouTube  Github   

Writing since ancient times, blogging, e-commercing, and site installing-designing-maintaining since 2001; WordPress theme and plugin configuring and developing since 2004 or so; a lifelong freelancer, not associated nor to be associated with any company, publication, party, university, church, or other institution. 

Posts in this series

Commenter Ignore Button by CK's Plug-Ins

Leave a Reply

Your email address will not be published. Required fields are marked *


WordPress Plug-In Notes

  1. Realizing the Commentariat (May 8, 2015)
  2. Child of Mog; Extraordinary Comments (May 25, 2015)
  3. Patronize 'Em: WordPress Draft Post Docket with Subscription and Donation Options (June 9, 2015)
  4. Realizing The Commentariat: Phase 2 (June 22, 2015)
  5. Pseudo-Redacting Spoilerer (July 25, 2015)
  6. Spoiling you some more (August 5, 2015)
  7. Testing Ajaxified Comments - Experiment Halted (August 11, 2015)
  8. New New Since Last Visit Comments Comments (August 16, 2015)
  9. WordPress Comment Nesting Unbound (August 22, 2015)
  10. The Snake Is Implemented (August 25, 2015)
  11. Comments Since Last Visit Reloaded, Reloaded, Testing Post (August 31, 2015)
  12. Comments Since Last Visit, Reloaded, Augmented, Installed, In Two Steps (September 13, 2015)
  13. Coming Soon (I Think!): Author Bios (September 25, 2015)
  14. How to Do Backlinking Footnotes (November 30, 2015)
  15. Who or What Is Using "Commenter Archive" and "commenter-thread"? (February 16, 2016)
  16. Enabling WordPress Press This for HostGator Sites (March 9, 2016)
  17. Linkback Your Xpost: A Simple WordPress Filter Function (March 14, 2016)
  18. Add Amazon Affiliate Tags to WordPress Posts <i>and</i> Comments Automatically (March 19, 2016)
  19. Finding Lost WordPress Widgets after Core Upgrade (March 21, 2016)
  20. Plug-In Away... and the Iron Law of Irony (April 16, 2016)
  21. To o-b or not to o-b (output-buffering in WordPress) - UPDATED (April 24, 2016)
  22. Output-Buffering and Extensible WordPress Plug-Ins (May 21, 2016)
  23. Getting Right with Image Rights: WP Replace Unlicensed and Broken Images Plug-In (June 17, 2016)
  24. Getting Right with Image Rights: Workflow and Major Minor Upgrade (June 27, 2016)
  25. Getting to Better WordPress Twitter oEmbed (June 28, 2016)
  26. An Alliance of Digital Artists (Art and Work in the Age of Instant Reproducibility) (July 8, 2016)
  27. Comparative Page Loads with and without Image Errors (July 14, 2016)
  28. jQuery-Filling an Input Box in WordPress Admin (July 15, 2016)
  29. Drilling a Hole in the Universe with WP_Query in a Shortcode (September 1, 2016)
  30. Troll-Stomping and Other Sensible Things: #WordPress Plug-In Beta Test/Preview (November 12, 2016)
  31. Commenter Ignore Button Preview Video (November 30, 2016)
  32. Is This Solution for Caches vs Cookies Going to Get Me in Trouble? (November 30, 2016)
  33. Commenter Ignore Button 0.99 (December 21, 2016)
  34. Adding Multiple Image Selection to WordPress Plug-Ins (January 5, 2017)
  35. Working around an Unexplained Failure of WordPress {$taxonomy} Hooks (January 10, 2017)In Progress: Subscribe!
  36. Better Twitter Embeds 2: Stripping the Convo for the Sake of the Convo (February 19, 2017)

State of the Discussion

+ This is the right site for anyone who hopes to understand this topic. You understand a whole lot its almost hard to argue with you [. . .]
The Ephemeral Sublime vs The Triumph of Death
+ From early on, Trump gave his adversaries abundant excuses to declare him illegitimate, or illegitimate as far as their principles were concerned. To skip ahead [. . .]
Theodicy of Trump – a Tweet-Drizzle (OAG #11)
Wade McKenzie
Comments this threadCommenter Archive
+ Only the retrospective knowledge that Trump, against every establishment anticipation, won the election lends the idea that Hillary Clinton ought to have refused to participate [. . .]
Theodicy of Trump – a Tweet-Drizzle (OAG #11)

From the Featured Archives