Session issues when using Varnish
Bjørn Ruberg
bjorn at ruberg.no
Wed Mar 16 19:03:52 CET 2011
On 03/16/2011 04:55 PM, Chris Bloom wrote:
> Thank you, Bjorn, for your response.
>
> Our hosting provider tells me that the following routines have been
> added to the default config.
>
> sub vcl_recv {
> # Cache things with these extensions
> if (req.url ~
> "\.(js|css|JPG|jpg|jpeg|png|gif|gz|tgz|bz2|tbz|mp3|ogg|swf)$") {
> unset req.http.cookie;
> return (lookup);
> }
> }
> sub vcl_fetch {
> # Cache things with these extensions
> if (req.url ~
> "\.(js|css|JPG|jpg|jpeg|png|gif|gz|tgz|bz2|tbz|mp3|ogg|swf)$") {
> unset req.http.set-cookie;
> set obj.ttl = 1h;
> }
> }
This is a rather standard config, not designed for corner cases like yours.
> Clearly the req.url variable contains the entire request URL, including
> the querystring. Is there another variable that I should be using
> instead that would only include the script name? If this is the default
> behavior, I'm inclined to cry "bug".
You can start crying bug after you've convinced the rest of the Internet
world, including all browsers, that the query string should not be
considered part of the URL. In the meantime, I suggest you let your
provider know that your application has special requirements that they
will need to accommodate.
Your provider can't offer proper service when they don't know your
requirements. To provide you with a useful Varnish configuration, your
provider needs to know quite a few things about how your application
works. This includes any knowledge of cookies and when Varnish should
and should not allow them. Since you ask the Varnish community instead
of discussing this with your provider, I guess these requirements were
never communicated.
A few tips you and your provider can consider:
a) Perhaps a second cookie could be set by the backend application for
logged-in users. A configuration could be made so that Varnish would
choose to not remove cookies from the file suffixes listed if this
cookie was present.
b) If the path(s)/filename(s) where the query string may include the
mentioned file suffixes are identifiable, your provider could create an
exception for those. E.g. if ?foo=bar.jpg only occurs with
/some/test/file.php, then the if clause in vcl_recv could take that into
consideration.
c) Regular expressions in 2.0.6 are case insensitive, so listing both
"jpg" and "JPG" in the same expression is unnecessary.
-
Bjørn
More information about the varnish-misc
mailing list