[Varnish] #782: expose sp->esis to vcl (patch attached)
Varnish
varnish-bugs at varnish-cache.org
Thu Sep 23 17:02:14 CEST 2010
#782: expose sp->esis to vcl (patch attached)
----------------------+-----------------------------------------------------
Reporter: askalski | Type: enhancement
Status: new | Priority: normal
Milestone: | Component: build
Version: trunk | Severity: normal
Keywords: esi |
----------------------+-----------------------------------------------------
(See ticket #705.)
I need to determine in VCL, whether or not a request is an ESI subrequest.
The proposed workaround from ticket #705 (req.restarts) doesn't actually
work (it's always 0, even for ESI subrequests.
The concrete problem I'm trying to solve: Strip cookies only for ESI
subrequests, for two reasons: (a) to make them cacheable; (b) to address
the security issue of cookies leaking between domains. (Example:
<esi:include src="http://some.other.domain.com/uri" />; the Cookie header
from the orginal request gets sent to "some.other.domain.com".)
{{{
sub vcl_recv {
if (req.esis > 0) {
remove req.http.Cookie;
remove req.http.Authorization;
}
}
sub vcl_fetch {
if (req.esis > 0) {
remove beresp.http.Set-Cookie;
}
}
}}}
I attached a diff against 2.1.3 that adds a read-only "req.esis" keyword
that returns the value of sp->esis.
(req.esis is probably not the best name choice, because it will be
confused easily with req.esi; feel free to change it.)
--
Ticket URL: <http://www.varnish-cache.org/trac/ticket/782>
Varnish <http://varnish-cache.org/>
The Varnish HTTP Accelerator
More information about the varnish-bugs
mailing list