Specification out of date?
Ricardo Newbery
ric at digitalmarbles.com
Thu Mar 20 15:01:26 CET 2008
On Mar 20, 2008, at 6:07 AM, Dag-Erling Smørgrav wrote:
> Ricardo Newbery <ric at digitalmarbles.com> writes:
>> If an authenticated request comes in and I have a valid cached copy,
>> Varnish should not return the cached copy *unless* the copy
>> contains a
>> public' token. It's not enough that Varnish previously tested for
>> the public token before insertion as the previous request may have
>> been a regular non-authenticated request which should be cached
>> regardless. So I need to test for the public token before both
>> insertion and delivery from cache.
>
> I still don't understand why you want to go from hit to fetch. Just
> pass it.
Because a pass will not store the response in cache when it otherwise
should if it contains a public token.
Hmm, perhaps I'm making some error in logic.
If an item is in the cache and it doesn't have a 'public' token, then
can I safely assume that authenticated version of the same item will
also not contain a 'public' token? My first thought was that I can't
make this assumption. But it's late now and my thinking is getting
fuzzy. I'll have to pick this up again later.
But if I tentatively accept this assumption for now, then do you see
any problem with the same solution but with a 'pass' instead of
'fetch'? Like so...
1) Remove from vcl_recv the following...
if (req.http.Authenticate || req.http.Cookie) {
pass;
}
2) Add to vcl_hit the following (after the !obj.cacheable test)...
if (obj.http.Cache-Control ~ "public" ) {
deliver;
}
if (req.http.Authenticate) {
pass;
}
3) Add to vcl_fetch the following (after the other tests)...
if (obj.http.Cache-Control ~ "public" ) {
insert;
}
if (req.http.Authenticate) {
pass;
}
More information about the varnish-misc
mailing list