基于 Cookie 的清漆响应
[英]Varnish response based on Cookie
问题描述
I have the following Varnish configuration:
我有以下清漆配置:
# Default backend definition. Set this to point to your content server.
backend default {
.host = "127.0.0.1";
.port = "8080";
}
sub vcl_hash {
if (req.http.cookie ~ "wordpress_logged_in_[a-z0-9]+") {
set req.http.X-TMP = regsuball(req.http.cookie, "wordpress_logged_in_[a-z0-9]+=[^;]+(; )?", "; \1=");
hash_data(req.http.X-TMP);
unset req.http.X-TMP;
}
}
sub vcl_recv {
#Admin Area
if (req.url ~ "wp-admin|wp-login") {
return (pass);
}
#woocommerce specifics
if (req.url ~ "^/(cart|my-account|checkout|addons)") {
return (pass);
}
if ( req.url ~ "\?add-to-cart=" ) {
return (pass);
}
set req.http.cookie = regsuball(req.http.cookie, "wp-settings-\d+=[^;]+(; )?", "");
set req.http.cookie = regsuball(req.http.cookie, "wp-settings-time-\d+=[^;]+(; )?", "");
set req.http.cookie = regsuball(req.http.cookie, "wordpress_test_cookie=[^;]+(; )?", "");
#set req.http.cookie = regsuball(req.http.cookie, "wordpress_logged_in_[a-z0-9]+=[^;]+(; )?", "; \1=");
#more woocommerce specifics
# Unset Cookies except for WordPress admin and WooCommerce pages
if (!(req.url ~ "(wp-login|wp-admin|cart|my-account/*|wc-api*|checkout|addons|logout|lost-password|product/*)")) {
unset req.http.cookie;
}
# Pass through the WooCommerce dynamic pages
if (req.url ~ "^/(cart|my-account/*|checkout|wc-api/*|addons|logout|lost-password|product/*)") {
return (pass);
}
# Pass through the WooCommerce add to cart
if (req.url ~ "\?add-to-cart=" ) {
return (pass);
}
# Pass through the WooCommerce API
if (req.url ~ "\?wc-api=" ) {
return (pass);
}
if (req.http.cookie == "") {
unset req.http.cookie;
}
return(hash);
}
sub vcl_backend_response {
# Happens after we have read the response headers from the backend.
#
# Here you clean the response headers, removing silly Set-Cookie headers
# and other mistakes your backend does.
if (beresp.ttl == 120s) {
set beresp.ttl = 1h;
}
#set beresp.http.host = bereq.http.host;
}
sub vcl_deliver {
# Happens when we have all the pieces we need, and are about to send the
# response to the client.
#
# You can do accounting or modifying the final object here.
}
My goal is to ensure that I have two different cached versions on URL's based on wether or not the user is logged in. I can determine that by a cookie that is named like wordpress_logged_in_[some id] .我的目标是确保根据用户是否登录,在 URL 上有两个不同的缓存版本。我可以通过名为wordpress_logged_in_[some id]的 cookie 来确定。
I've attempted to find inspiration for this in this article , but I am unable to get two different results based on whether or not the client has the cookie mentioned before.我试图在本文中为此寻找灵感,但我无法根据客户端是否具有前面提到的 cookie 来获得两种不同的结果。 To me, it appears like it's the same cached content presented regardless of the cookie's presence.对我来说,无论 cookie 是否存在,它似乎都呈现相同的缓存内容。
I'd appreciate some help on understanding my issue.我很感激在理解我的问题方面的一些帮助。
2 个解决方案
解决方案1
0 2020-09-23 10:58:13
It looks like you're doing all the right things, but I would advise you to do some debugging.看起来您正在做所有正确的事情,但我建议您进行一些调试。
If you run the following command, the Hash tag will appear in varnishlog :如果运行以下命令, Hash标签将出现在varnishlog :
varnishadm param.set vsl_mask +hash
You can then run the following command to check whether or not the hashes differ, based on the cookie然后,您可以根据 cookie 运行以下命令来检查哈希值是否不同
varnishlog -g request -i requrl -i hash -I reqHeader:Cookie
This logging command lists the following items:此日志记录命令列出以下项目:
- The request URL请求网址
- The cookie header饼干头
- The hash that is created创建的哈希
This should help you figure out what's going on.这应该可以帮助您弄清楚发生了什么。
解决方案2
0 已采纳 2020-09-23 11:06:51
Applying the solution that was suggested in the article will yield as many cache entries as there are logged in users (per-user cache).应用本文中建议的解决方案将产生与登录用户(每用户缓存)一样多的缓存条目。
If you want one cache object for guest and the other for all logged in users, then hash on a "boolean" which is set based of presence of the cookie:如果您想要一个缓存对象用于来宾,另一个用于所有登录用户,则对基于 cookie 的存在设置的“布尔值”进行散列:
sub vcl_hash {
if (req.http.cookie ~ "wordpress_logged_in_") {
hash_data("wordpress_logged_in");
}
# the builtin.vcl will take care of also varying cache on Host/IP and URL
}
This will be only safe if in presence of the cookie the generated page doesn't bare user-specific content.只有在存在 cookie 的情况下,生成的页面不包含特定于用户的内容时,这才是安全的。 For example, if "logged in page" is different from "logged out page" only by the presence of "Log out" text in the header section of the site.例如,如果“登录页面”与“注销页面”的区别仅在于站点标题部分中是否存在“注销”文本。
Anywhere the content is absolutely user-specific, you don't want to apply such logic.在内容绝对特定于用户的任何地方,您都不想应用此类逻辑。 For example, "Hi, John" in the header text.例如,标题文本中的“嗨,约翰”。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.