Question
following situation: On the server is a apache and Varnish for caching. SSL is handled by an amazon load balancer. If the page is requested using https, the http header "X-Forwarded-Proto" is set to "https". The pages are sometimes different (e.g. links/images have to be fetched using https when using a secure connection)
How can I tell varnish that pages are different if the X-Forwarded-Proto header differs? As it is now, whatever is accessed first is cached and served for http and https!
Solution 3
https://stackoverflow.com/questions/20747153
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russiansub vcl_recv {
if ( req.http.X-Forwarded-Proto !~ "(?i)https") {
set req.http.x-Redir-Url = "http://" + ...req url;
}else{
set req.http.x-Redir-Url = "https://" + ...req url;
}
}
Sorry, I have updated the code now. This is what I meant.
OTHER TIPS
What you want, I presume, is to have different cached versions of the same URI, that's pretty easy using a custom vcl_hash:
sub vcl_hash {
# ...
if (req.http.X-Forwarded-Proto &&
req.url !~ "(?i)\.(png|gif|jpeg|jpg|ico|gz|tgz|bz2|tbz|mp3|ogg|zip|rar|otf|ttf|eot|woff|svg|pdf)$") {
hash_data(req.http.X-Forwarded-Proto);
}
# ...
}
In this example static files are only cached once and the rest (html, js, css..) are cached in 2 different versions (assuming X-Forwarded-Proto only takes two values).
You can see the example in a broader context on https://github.com/NITEMAN/varnish-bites/blob/master/varnish3/drupal-base.vcl
The question and the answers are pretty old.
By now best practice is to utilize the Vary header (ironically, what the guy suggested who got his answer deleted in 2015).
You should avoid the hash_data() as much as possible.
Your backend should instead send Vary: X-Forwarded-Proto,Accept-Encoding. The Varnish server sees the header and does create seperate cache entries according to the protocol in the header set by the terminating instance.
