Caching requests with Authorization Header

Hugo Cisneiros (Eitch) hugo.cisneiros at gmail.com
Mon Apr 6 23:28:44 CEST 2015


On Mon, Apr 6, 2015 at 6:19 PM, Jennings III, Raymond
<raymond.jennings at nytimes.com> wrote:
> What about doing something like renaming that header so that the default vcl
> subroutine won't see it?  Or maybe just always return from your sub-routine
> so that the default vcl never runs.

Hi!

I did that and it didn't work :(

What I tried:

sub vcl_recv {
  [...]
  set req.http.X-Authorization = req.http.Authorization;
  unset req.http.Authorization;
  [...]
  return (hash);
}

sub vcl_hash {
  [...]
  hash_data(req.http.X-Authorization);
  [...]
  return (lookup);
}

sub vcl_backend_fetch {
  set bereq.http.Authorization = bereq.http.X-Authorization;
}

I think Varnish 4 does the validation between backend fetch and
response, and decides that it won't store the reply in the cache since
the backend request contained the Authorization header... Since it
never stores it in the cache, I'll always get a miss no matter what I do
with the request in vcl_recv.

> I use a couple of techniques like what you are describing - where I add GET
> params on the URL based on a particular header value as well as the inverse
> (take GET parameters off of the URL so that they are not hashed) and stick
> those values into a "X-" type header.
>
> Maybe you can describe your technique in V3 so that we can see how we might
> do the same in V4.  I'm not an expert on V4 but I have reworked some of the
> techniques that I have been using in V3 to V4 successfully.

In V3 I really didn't need to do anything unusual. Just a simple
caching VCL and it's working:

sub vcl_recv {
  [...]
  unset req.http.cookie;
  return (lookup);
}

sub vcl_fetch {
  [...]
  set beresp.ttl = 1m;
  return (deliver);
}

Thanks,

-- 
[]'s
Hugo
www.devin.com.br
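
The following is an added example, not part of the original message or the Varnish project's own code: a Varnish 4 VCL that combines the header-renaming approach tried above with the V3 `vcl_fetch` TTL override ported to `vcl_backend_response`, the Varnish 4 name for that subroutine. The backend address and the rule of caching only 200 responses are assumptions, and the thread does not confirm that this resolves the misses described.

```vcl
vcl 4.0;

backend default { .host = "127.0.0.1"; .port = "8080"; }  # constructed placeholder

sub vcl_recv {
  # Never trust a client-supplied copy of the internal header.
  unset req.http.X-Authorization;
  if (req.method != "GET" && req.method != "HEAD") {
    return (pass);
  }
  # Hide the credential from the built-in vcl_recv, which passes on Authorization.
  if (req.http.Authorization) {
    set req.http.X-Authorization = req.http.Authorization;
    unset req.http.Authorization;
  }
  unset req.http.Cookie;
  return (hash);
}

sub vcl_hash {
  hash_data(req.url);
  if (req.http.host) {
    hash_data(req.http.host);
  } else {
    hash_data(server.ip);
  }
  # The credential is part of the cache key, so an object stored for one
  # set of credentials is never served to a request carrying another.
  hash_data(req.http.X-Authorization);
  return (lookup);
}

sub vcl_backend_fetch {
  # Restore the real header for the backend and drop the internal copy.
  if (bereq.http.X-Authorization) {
    set bereq.http.Authorization = bereq.http.X-Authorization;
    unset bereq.http.X-Authorization;
  }
}

sub vcl_backend_response {
  # Do not store 401/403/5xx replies: mark them hit-for-pass instead.
  if (beresp.status != 200) {
    set beresp.ttl = 120s;
    set beresp.uncacheable = true;
    return (deliver);
  }
  set beresp.ttl = 1m;  # same TTL as the V3 vcl_fetch above
  return (deliver);
}
```

With a 1m TTL, a revoked credential can still receive cached objects for up to a minute, because a cache hit never reaches the backend's authorization check.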