0

I have this code in varnish config and not sure what it do! This config will cache or not my client requests? what is wrong with it?

sub vcl_backend_response {
    if (beresp.status != 200) {
        return (pass);
    }
    set beresp.http.X-Backend = beresp.backend.name;


    unset beresp.http.cookie;
    unset beresp.http.Set-Cookie;

    if (bereq.http.x-render-type == "test" && beresp.http.Content-Type ~ "text/html") {
        set beresp.http.Cache-Control = "no-store";
    }

    set beresp.http.Cache-Control = "no-store";
    if (bereq.http.x-render-type == "test" && beresp.http.Content-Type ~ "text/html") {
        return (pass);
    }

    return (deliver);
}
Morteza
  • 3
  • 2

1 Answers1

0

This block of VCL code seems to specify some rules on when to bypass the cache. However, the way it is written doesn't make a lot of sense.

Bypassing the cache

return(pass) is not the proper way of bypassing the caching in the vcl_backend_response context. return(pass) is used in vcl_recv when an incoming request bypasses the cache.

In vcl_backend_response bypassing the cache means preventing from storing the incoming object in the cache. The best practices dictate that you do set beresp.uncacheable = true, assign a TTL and then return(deliver). This ensures that this object bypasses the cache for a certain amount of time until the next backend response meets the required criteria.

My enabling beresp.uncacheable, you're ensuring that the object ends up on the waiting list and becomes a candidate for request coalescing.

Removing cookies

Removing cookies often makes sense to improve your hit rate. In the backend context you will remove the Set-Cookie header. This is correctly done in vcl_backend_response through unset beresp.http.Set-Cookie, however this is done unconditionally.

This means that any Set-Cookie action will not take place, which could result in inconsistent behavior. Not sure if pre-conditions are required for the removal of these cookies.

You can also remove incoming cookies through unset req.http.Cookie. But there seems to be a similar call in vcl_backend_response that runs unset beresp.http.Cookie.

This would indicate that a Cookie response header would be received. That seems unlikely.

Rewriting the VCL

This is how I would rewrite this VCL code without any other context:

vcl 4.1;

backend default {
    .host = "127.0.0.1";
    .port = "80";
}

sub vcl_recv {
    unset req.http.Cookie;
}

sub vcl_backend_response {
    if(beresp.status != 200) {
        set beresp.ttl = 120s;
        set beresp.uncacheable = true;
        return(deliver);
    }

    set beresp.http.X-Backend = beresp.backend.name;
    unset beresp.http.Set-Cookie;
    set beresp.http.Cache-Control = "no-store";

    if (bereq.http.x-render-type == "test" && beresp.http.Content-Type ~ "text/html") {
        set beresp.ttl = 120s;
        set beresp.uncacheable = true;
        return(deliver);
    }

    return (deliver);
}

Warning: I would not recommend copy/pasting this could into your production environment. I have a feeling that some corners were cut when writing this VCL. Since I don't have any additional context, I don't want to advise using this.

Thijs Feryn
  • 1,166
  • 4
  • 5