Stuck with cookies and phpsessid
Andrei
lagged at gmail.com
Wed Sep 20 13:58:54 UTC 2017
Please provide the varnishlog output for a request seen leading to the
described issue. There are multiple sections in which cookies are unset,
where you could be triggering this behavior.
On Wed, Sep 20, 2017 at 4:47 AM, Christopher Edwards <
Christopher at hippomotorgroup.co.uk> wrote:
> When a user tries to upload content via our CMS, we're getting a incorrect
> permissions due to PHPSESSID not being sent.
>
> Here is my current vcl file, what would I have to change to resolve the
> PHPSESSID error?
>
> As an alternative to resolving this issue (not ideal) set a section of the
> site to not be cached by varnish but I'm also not sure of how to do that.
>
> vcl 4.0;
>
> import directors;
>
> import std;
>
>
>
> backend site1 {
>
> .host = "127.0.0.1";
>
> .port = "8080";
>
> }
>
>
>
> backend site2 {
>
> .host = "127.0.0.1";
>
> .port = "8081";
>
> }
>
>
>
> backend site3 {
>
> .host = "127.0.0.1";
>
> .port = "8082";
>
> }
>
>
>
> acl purge {
>
> "localhost";
>
> "127.0.0.1";
>
> }
>
>
>
>
>
> sub vcl_recv {
>
> # SINGLE BACKEND
>
> # set req.backend_hint= default;
>
> if (req.http.host == "www.site2.co.uk") {
>
> set req.backend_hint = site2;
>
> }
>
> else if (req.http.host == "www.site3.co.uk") {
>
> set req.backend_hint = site3;
>
> }
>
> else if (req.http.host == "site1.site2.co.uk") {
>
> set req.backend_hint = site1;
>
> }
>
> else {
>
> return (synth(404, "Host not found"));
>
> }
>
>
>
> # SET HTTP HEADERS
>
> set req.http.X-Forwarded-For = client.ip;
>
> set req.http.X-Forwarded-Proto = "https";
>
>
>
> # REMOVE HEADERS THAT MIGHT DUPLICATE CACHE
>
> unset req.http.Accept-Language;
>
> unset req.http.User-Agent;
>
>
>
> # PURGE
>
> if (req.method == "PURGE") {
>
> if (!client.ip ~ purge) {
>
> return(synth(405,"Not allowed."));
>
> }
>
> return (purge);
>
> }
>
> if ( std.port(server.ip) == 6080) {
>
>
>
> set req.http.x-redir = "https://" + req.http.host + req.url;
>
> return (synth(750, "Moved permanently"));
>
> }
>
>
>
> # DROP COOKIES AND PARAMS FROM STATIC ASSET
>
> if (req.url ~ "\.(gif|jpg|jpeg|swf|ttf|css|
> js|flv|mp3|mp4|pdf|ico|png)(\?.*|)$") {
>
> unset req.http.cookie;
>
> set req.url = regsub(req.url, "\?.*$", "");
>
> }
>
>
>
> # PASS COOKIES
>
> if (req.http.cookie) {
>
> if (req.http.cookie ~ "(exclude_)") {
>
> return(pass);
>
> } else {
>
> unset req.http.cookie;
>
> }
>
> }
>
> }
>
>
>
>
>
>
>
> sub vcl_backend_response {
>
> # RETRY BACKEND 3 TIMES IF DOWN
>
> if (beresp.status == 503 && bereq.retries < 3 ) {
>
> return(retry);
>
> }
>
>
>
> if (bereq.http.Cookie ~ "(UserID|_session)") {
>
> set beresp.http.X-Cacheable = "NO:Got Session";
>
> set beresp.uncacheable = true;
>
> return (deliver);
>
>
>
> } elsif (beresp.ttl <= 0s) {
>
> set beresp.http.X-Cacheable = "YES";
>
>
>
> } elsif (beresp.http.set-cookie) {
>
> set beresp.http.X-Cacheable = "YES";
>
> set beresp.uncacheable = false;
>
> return (deliver);
>
>
>
> } elsif (beresp.http.Cache-Control ~ "private") {
>
> set beresp.http.X-Cacheable = "NO:Cache-Control=private";
>
> set beresp.uncacheable = true;
>
> return (deliver);
>
>
>
> } else {
>
> set beresp.http.X-Cacheable = "YES";
>
>
>
> unset beresp.http.expires;
>
>
>
> set beresp.http.cache-control = "max-age=900";
>
>
>
> set beresp.ttl = 1w;
>
>
>
> set beresp.http.magicmarker = "1";
>
> }
>
>
>
> # UNSET COOKIES
>
> if (!(bereq.url ~ "(exclude)")) {
>
> set beresp.http.X-UnsetCookies = "TRUE";
>
> unset beresp.http.set-cookie;
>
> set beresp.ttl = 1h;
>
> }
>
>
>
> # YEAR LONG CACHE FILE TYPES
>
> if (bereq.url ~ "\.(gif|jpg|jpeg|png)(\?.*|)$") {
>
> set beresp.ttl = 365d;
>
>
>
> # MONTH LONG CACHE FILE TYPES
>
> if (bereq.url ~ "\.(css|js|flv|mp3|mp4|pdf|)(\?.*|)$") {
>
> set beresp.ttl = 30d;
>
>
>
> }
>
>
>
> }
>
> set beresp.grace = 1w;
>
>
>
> }
>
>
>
> sub vcl_hash {
>
> if ( req.http.X-Forwarded-Proto ) {
>
> hash_data( req.http.X-Forwarded-Proto );
>
> }
>
> }
>
>
>
> sub vcl_backend_error {
>
> # DISPAY CUSTOM ERROR IF FAILS
>
> if (beresp.status == 503 && bereq.retries == 3) {
>
> synthetic(std.fileread("/etc/varnish/error503.html"));
>
> return(deliver);
>
> }
>
> }
>
>
>
> sub vcl_synth {
>
> # REDIRECT FOR HTTP
>
> if (resp.status == 750) {
>
> set resp.status = 301;
>
> set resp.http.Location = req.http.x-redir;
>
> return(deliver);
>
> }
>
> # DISPLAY CUSTOM PAGE IF BACKEND DOWN
>
> if (resp.status == 503) {
>
> synthetic(std.fileread("/etc/varnish/error503.html"));
>
> return(deliver);
>
> }
>
> }
>
>
>
>
>
> sub vcl_deliver {
>
>
>
>
>
> # RESTART IF BACKEND DOWN
>
> if (resp.status == 503) {
>
> return(restart);
>
> }
>
> if (resp.http.magicmarker) {
>
> # REMOVE MAGIC MARK
>
> unset resp.http.magicmarker;
>
>
>
> # FRESH OBJECT
>
> set resp.http.age = "0";
>
> }
>
> if (obj.hits > 0) {
>
> set resp.http.X-Cache = "HIT";
>
> } else {
>
> set resp.http.X-Cache = "MISS";
>
> }
>
> set resp.http.Access-Control-Allow-Origin = "*";
>
> }
>
> sub vcl_hit {
>
> if (req.method == "PURGE") {
>
> return(synth(200,"OK"));
>
> }
>
> }
>
>
>
>
>
> sub vcl_miss {
>
> if (req.method == "PURGE") {
>
> return(synth(404,"Not cached"));
>
> }
>
> }
>
>
>
> _______________________________________________
> varnish-misc mailing list
> varnish-misc at varnish-cache.org
> https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-misc/attachments/20170920/3652bb7f/attachment-0001.html>
More information about the varnish-misc
mailing list