I would like to use page caching on my homepage, but also want to
enable people to sign in via a modal dialog sign in form. I could
have a setup in which when a user lands on the cached homepage, an
Ajax GET request pulls in the whole login form so that there is a
fresh authenticity token.
That said, besides the additional hit to the server, the CSRF token in
the head area of the page could be different (left over in the page
cache from another user).
I'm guessing that loading a form like this through ajax is not
advisable, but since it works and most people hit the site without
signing in, I'm wondring why not just load the form via an ajax get