如何在Varnish VCL中重建请求cookie？

Question

我不确定我是否在问正确的问题。我有一个可以访问众多饼干的网站的清漆。最重要的是Creds Cookie。我正在做的是剥夺我不需要的所有饼干，然后检查是否剩下任何cookie。如果是这样，这意味着我们绕过清漆，否则返回缓存对象。

  # Remove all cookies that Drupal doesn't need to know about. We explicitly 
  # list the ones that Drupal does need, the SESS , NO_CACHE and credential cookie namely  auth 
  #. If, after running this code we find that either of these two cookies remains, we 
  # will pass as the page cannot be cached.
  if (req.http.Cookie) {
    # 1. Append a semi-colon to the front of the cookie string.
    # 2. Remove all spaces that appear after semi-colons.
    # 3. Match the cookies we want to keep, adding the space we removed 
    #    previously back. (\1) is first matching group in the regsuball.
    # 4. Remove all other cookies, identifying them by the fact that they have
    #    no space after the preceding semi-colon.
    # 5. Remove all spaces and semi-colons from the beginning and end of the 
    #    cookie string. 
    set req.http.Cookie = ";" + req.http.Cookie;
    set req.http.Cookie = regsuball(req.http.Cookie, "; +", ";");    
    set req.http.Cookie = regsuball(req.http.Cookie, ";(SESS[a-z0-9]+|SSESS[a-z0-9]+|NO_CACHE+|auth)=", "; \1=");
    set req.http.Cookie = regsuball(req.http.Cookie, ";[^ ][^;]*", "");
    set req.http.Cookie = regsuball(req.http.Cookie, "^[; ]+|[; ]+$", "");

    if (req.http.Cookie == "") {
      # If there are no remaining cookies, remove the cookie header. If there
      # aren't any cookie headers, Varnish's default behavior will be to cache
      # the page.
      unset req.http.Cookie;
    }
    else {
      # If there is any cookies left (a session or NO_CACHE cookie), do not
      # cache the page. Pass it on to Apache directly.
      return (pass);
    }
  }
}

这很好。我会想念一个缓存 auth cookie在那里，否则就会受到打击。但是，即使是一个错过的，似乎清漆在没有请求中的其余cookie的情况下传递了请求。有没有办法将清漆通过原始的库克？

也许是类似的

else {
  # If there is any cookies left (a session or NO_CACHE cookie), do not
  # cache the page. Pass it on to Apache directly.
  # And set the cookie to its original form ??
  return (pass);
}

Answer 1

您可以在解析原始cookie并将其还原之前复制原始cookie else 声明，如下：

  # ....
  # Store original cookie in other headder
  set req.http.X-Cookie = req.http.Cookie;
  if (req.http.Cookie) {
    # ... 
    set req.http.Cookie = ";" + req.http.Cookie;
    set req.http.Cookie = regsuball(req.http.Cookie, "; +", ";");    
    set req.http.Cookie = regsuball(req.http.Cookie, ";(SESS[a-z0-9]+|SSESS[a-z0-9]+|NO_CACHE+|auth)=", "; \1=");
    set req.http.Cookie = regsuball(req.http.Cookie, ";[^ ][^;]*", "");
    set req.http.Cookie = regsuball(req.http.Cookie, "^[; ]+|[; ]+$", "");

    if (req.http.Cookie == "") {
      # ....
      # Delete cookie copy
      unset req.http.X-Cookie;
      unset req.http.Cookie;
    }
    else {
      # ...
      # Restore original cookie and delete the copy
      set req.http.Cookie = req.http.X-Cookie;
      unset req.http.X-Cookie;
      return (pass);
    }
  }
}