if we thought the request was auth'd based on the cookie, but the ETa…

…g says it wasn't (first field is user), make sure we cache this as the anon variant. fixes caching of requests with malformed or invalid session cookies
Signl · Oct 25, 2014 · b3f21f8 · b3f21f8
1 parent 9746985
commit b3f21f8
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/plone_buildout/templates/default/default.vcl.erb b/plone_buildout/templates/default/default.vcl.erb
@@ -130,6 +130,10 @@ sub vcl_fetch {
  set beresp.http.X-Varnish-Action = "FETCH (pass - not cacheable)";
  return(hit_for_pass);
  }
+ if (!req.http.X-Anonymous && beresp.http.ETag ~ "^|") {
+ set beresp.http.X-Varnish-Action = "FETCH (override - cache as anon)";
+ set req.http.X-Anonymous = "True";
+ }
  return(deliver);
 }