Private Data Showing on Public Cache Content Due to JS Global Variable Issue

Problem

Private data is showing on public cache content.

Cause

Some global variables in JavaScript are initialized based on user session data but are saved in a public cache.

Solution

As of version 1.0.2, a place-holder block for JavaScript variables has been introduced. This place holder is a private block, so every user will get his/her own correct value.

Check the code: code/community/Litespeed/Litemage/Block/Inject/Jsvar.php

Extend

You can also write your own code to customize this block. Please be sure to keep a copy of your customized code in a local directory to avoid it being overridden during LiteMage updates.

You generally do not need to modify the block code and can instead just modify the template associated with that block: app/design/frontend/base/default/template/litemage/inject/jsvar.phtml

For example: isLoggedIn is used by an SNS ajax cart for wishlists. In LiteMage's config.xml file located under magento_install_directory/app/code/community/Litespeed/Litemage/etc, this block, litemage.jsvar, is listed under welcome and will be purged by logged_in/out events.

If you have any other variables based on events not already represented in LiteMage's config.xml file, you can add them in as new blocks in the esiblock section. (Be sure to add a LiteMage ESI observer for these events as well)