Strange Issue with cache and logged in users

Pinakee BIswas pinakee at waltzz.com
Thu May 26 17:29:18 CEST 2016 

Hi Guillaume,

Our application has been live since last few months and has been working 
fine. We have been using nginx caching in our production.

We have been planning to replace nginx caching with Varnish and use 
nginx purely as a proxy. For some requests, we plan to bypass Varnish as 
they need not be cached. Also, we are serving static content using nginx.

Right now the Varnish is on our test environment (will test thoroughly 
before deploying) where we do not use caching as developers want to see 
immediate results of the changes they make.

  To answer your query, it works fine without varnish. I have tested 
removing varnish and then adding it. I also, was surprised that it 
wasn't working properly as the logs say otherwise. Will investigate further.

I hope the VCL logic/code is fine.

One more thing is the cookie in the request log isn't showing all the 
cookies:

-   ReqHeader      Cookie: 
_xsrf=2|f25d8caf|ffacf1c86b71827915f94aed8e9aeace|1462920275; 
jivaana_country=IN; pagemap=0,0,0,0,0,1,0'; 
mp_774636c1ed2371eaf99455f71871069c_mixpanel=%7B%22distinct_id%22%3A%20%221518b8ba6c314b-04bd3d4-6b1b237b-100200-1518b8ba6c428a%22%2C%22%24i

There are couple of more cookies like 'loggedin_user' and 'sessionid' 
which are not shown in the log. Whereas the vcl_recv works fine as per 
the code written. Also, the network flow in inspect element (of the 
browser) shows the cookies present in the Request header.

Thanks,

Pinakee

On 26/05/16 8:23 pm, Guillaume Quintard wrote:
> On Thu, May 26, 2016 at 4:40 PM, Pinakee BIswas <pinakee at waltzz.com 
> <mailto:pinakee at waltzz.com>> wrote:
>
>     Regarding the faulty request, Following are two requests for the
>     same URL - /heels/ - one when the user was logged in and another
>     when the user had logged out. The second one (when the user was
>     logged out) is the faulty one as the user is still seeing the data
>     when he was logged in.
>
>     -   BereqMethod GET
>     -   BereqURL       /heels/
>     -   BereqProtocol  HTTP/1.0
>     -   BereqHeader    X-CLIENT-COUNTRY: IN
>     -   BereqHeader    Host: varnish_staging
>     -   BereqHeader    Accept:
>     text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
>     -   BereqHeader    Upgrade-Insecure-Requests: 1
>     -   BereqHeader    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac
>     OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko)
>     Chrome/50.0.2661.102 Safari/537.36
>     -   BereqHeader    Referer: http://test.jivaana.in/home
>     -   BereqHeader    Accept-Language: en-US,en;q=0.8
>     -   BereqHeader    X-Forwarded-For: 127.0.0.1
>     -   BereqHeader    Accept-Encoding: gzip
>     -   BereqProtocol  HTTP/1.1
>     -   BereqHeader    X-Varnish: 32788
>
>
> Are you sure your backend isn't caching stuff or something like that? 
> Looking at bereq 32788, varnish is fetch a fresh object, and I see no 
> header that would identify the user. Have you tried without varnish?
>
> -- 
> Guillaume Quintard

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-misc/attachments/20160526/6169ff67/attachment.html>

More information about the varnish-misc mailing list