Passing Cookies to Drupal Backend

Guillaume Quintard guillaume at
Wed Jul 27 17:02:39 CEST 2016


By default, Varnish will not cache if the request contains a cookie
headers, or if the response contains a set-cookie header, this is totally
configurable in vcl. Have a look at the builtin.vcl (mine can be found, in
commented form at /usr/share/doc/varnish/builtin.vcl) :
vcl_recv contains:
     if (req.http.Authorization || req.http.Cookie) {
         /* Not cacheable by default */
         return (pass);

and vcl_backend_response:
     if (beresp.ttl <= 0s ||
       beresp.http.Set-Cookie ||
       beresp.http.Surrogate-control ~ "no-store" ||
       (!beresp.http.Surrogate-Control &&
         beresp.http.Cache-Control ~ "no-cache|no-store|private") ||
       beresp.http.Vary == "*") {
         * Mark as "Hit-For-Pass" for the next 2 minutes
         set beresp.ttl = 120s;
         set beresp.uncacheable = true;

If you don't wish to go through this, you'll have to do a return in your
own vcl, otherwise the builtin.vcl portion of the code gets executed.

To cache part of cookies, check out the vmod-cookies, and in vcl_hash(),
choose the interesting parts for caching.

Does that help?

P.S. : you want to reconsider adding a confidentiality warning that's
longer than your actual message when you post to a public mailing list :-)

Guillaume Quintard
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the varnish-misc mailing list