If it is the same URL being visited by the anonymous users and the
authenticated users, then how is the upstream cache to determine which
version to send?
Or put it like this, you want to have anonymous users viewing the page
to not generate a 'Vary: cookie' header. This leads to the following
situation:
Anonymous user visits /contact-us/
Django generates the anonymous version of the page and delivers it,
with appropriate caching headers.
Upstream cache stores anonymous version in cache
Logged in user visits /contact-us/
Upstream cache intercepts the request, looks in its cache for an
appropriate hit, and delivers the anonymous page.
The basic thing here is that you cannot have your cake and eat it as
well. Either the page contains dynamic, user-specific content, in
which case vary on cookie, or it does not, in which case cache it.
If you want to deliver truly cache-able anonymous content, deliver it
on a different URL to your dynamic content.
Cheers
Tom