How to config varnish to NOT cache content within cookies

Bob Camp lists at rtty.us
Tue Nov 23 03:09:37 CET 2010


Hi

I believe that by terminating your VCL sections with "fetch",  "deliver" and "lookup" you have cut out the default VCL logic. By so doing you "hop around" much of the built in stuff.

Bob


On Nov 22, 2010, at 8:48 PM, Chaos Lee wrote:

> In varnish document, it said varnish dosen't cache content within cookies.  But I find varnish cached the content in my environment, so the login user chaos at all. This is my config vcl:
> 
> backend www {
>     .host = "www.sample.com";
>     .port = "80";
> }
> 
> backend v {
>     .host = "v.sample.com";
>     .port = "80";
> }
> 
> backend u {
>     .host = "u.sample.com";
>     .port = "80";
> }
> 
> 
> backend so {
>     .host = "so.sample.com";
>     .port = "80";
> }
> 
> acl purge {
>     "localhost";
>     "10.0.0.0"/8;
> }
> 
> sub vcl_recv {
>     set req.grace = 30m;
> 
>     if (req.http.x-forwarded-for) {
>         set req.http.X-Forwarded-For = req.http.X-Forwarded-For ", " client.ip;
>     } else {
>         set req.http.X-Forwarded-For = client.ip;
>     }
> 
>     if (req.http.range && !req.url ~ "^/player/get\w*M3U8/.*") {
>         error 403 "Forbidden";
>     }
> 
>     if (req.http.host ~ "^(www.)?sample.com$") {
>         set req.backend = www;
>     } elsif (req.http.host ~ "^v.sample.com$") {
>         set req.backend = v;
>     } elsif (req.http.host ~ "^u.sample.com$") {
>         set req.backend = u;
>     } elsif (req.http.host ~ "^so.sample.com$") {
>         set req.backend = so;
>     } else {
>         error 404 "Unknown virtual host";
>     }
> 
>     # Allow ip from PURGE acl
>     if (req.request == "PURGE") {
>         if (!client.ip ~ purge) {
>             error 405 "Not allowed.";
>         }
>             return (lookup);
>     }
> 
>     if (req.request != "GET" && req.request != "HEAD") {
>         return (pass);
>     }
>     
>     if (req.http.authenticate || req.http.authorization) {
>         return (pass);
>     }
> 
>     if (req.http.cookie && req.http.cookie ~ "authtoken=") {
>         return (pass);
>     }
> 
>     return (lookup);
> }
> 
> sub vcl_hit {
>     if (req.request == "PURGE") {
>         set obj.ttl = 0s;
>         error 200 "Purged";
>     }
> 
>     if (!obj.cacheable) {
>         return (pass);
>     }
> 
>     return (deliver);
> }
> 
> sub vcl_miss {
>     if (req.request == "PURGE") {
>         error 405 "Not in cache";
>     }
>     
>     return (fetch);
> }
> 
> sub vcl_deliver {
>     if (obj.hits > 0) {
>         set resp.http.X-Cache = "HIT on a29.squid";
>     } else {
>         set resp.http.X-Cache = "MISS from a29.squid";
>     }
> 
>     # Remove unused varnish header
>     remove resp.http.X-Varnish;
>     return (deliver);
> }
> 
> sub vcl_fetch {
>     set beresp.grace = 30m;
> 
>     return (deliver);
> }
> 
> sub vcl_pass {
>     remove bereq.http.X-Varnish;
>     
>     return (pass);
> }
> 
> sub vcl_error {
>     set obj.http.Cache-Control = "no-store, no-cache, must-revalidate";
>     set obj.http.Content-Type = "text/html; charset=utf-8";
>     synthetic {""};
>     return (deliver);
> }
> _______________________________________________
> varnish-misc mailing list
> varnish-misc at varnish-cache.org
> http://lists.varnish-cache.org/mailman/listinfo/varnish-misc

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-misc/attachments/20101122/9ecc3ae9/attachment-0003.html>


More information about the varnish-misc mailing list