question on the cookies and varnish
James Light
j.gareth.light at gmail.com
Wed Mar 28 20:25:34 CEST 2012
2012/3/28 Alexandre Priou <apriou at gmail.com>:
> thank at all
>
> i try that
>
> best regard
>
> 2012/3/28 Roberto O. Fernández Crisial <roberto.fernandezcrisial at gmail.com>
>
>> Hi Alexandre,
>>
>> You could use something on vcl_recv() like:
>>
>> if (req.http.Cookie ~ "PHPSESSID")
>> {
>> remove req.http.Cookie;
>> }
>>
>> Regards,
>> Roberto (a.k.a. @rofc)
>>
>> On Wed, Mar 28, 2012 at 3:08 PM, Alexandre Priou <apriou at gmail.com> wrote:
>>>
>>> hi at all
>>>
>>> I need to erase all cookies in varnish conf except the cookie with name :
>>> PHPSESSID
>>>
>>> how i can to do that ?
>>>
>>> thank for your answer
>>>
>>> --
>>> Alexandre Priou
>>> Analyste Concepteur Web
Um, no. That's not going to work as most user agents will pass ALL of
the cookies in one single "Cookie:" header.
That VCL above says "If there's the string "PHPSESSID" in the HTTP
headers of the client request, remove that entire header.
What you asked was how to remove every *other* cookie *except* PHPSESSID.
There is an example of how to do that on the varnish site here:
https://www.varnish-cache.org/docs/3.0/tutorial/cookies.html
Personally, I prefer a different way, which amounts to:
* extract the PHPSESSID into a different header
* unset the entire Cookie Header
* add back only the PHPSESSID as the Cookie header
A reminder that VCL has PCRE (perl compat regexes), so you can look up
those as needed and go at it.
Hope that helps.
-jlight
More information about the varnish-misc
mailing list