0

I have a live website and staging version set up on the same virtual server. The live site uses Varnish and no authentication, the staging site bypasses Varnish but uses digest authentication. In my VCL file I have this:

sub vcl_recv {
    if (req.http.Authorization || req.http.Authenticate) {
        return(pass);
    }

    if (req.http.host != "live.site.com") {
        return(pass);
    }

I'm seeing a problem on the staging site, whereby resources with any querystring are not being served - in Firebug I see '400 Bad request' and in the Apache logs this:

[Fri Sep 19 11:13:03 2014] [error] [client 127.0.0.1] Digest: uri mismatch - 
    </wp-content/plugins/jetpack/modules/wpgroho.js?ver=3.9.2> does not match 
    request-uri </wp-content/plugins/jetpack/modules/wpgroho.js>, referer: 
    http://stage.site.com/

What have I done wrong, does anyone know how to fix this?

Thanks,

Toby

toby1kenobi
  • 1,609
  • 1
  • 14
  • 24

1 Answers1

0

Ok, found it, here's what I found (in case it helps anyone else):

I do, of course, have a section in my Varnish VCL that removes querystrings from static files, to aid caching:

if (req.request ~ "^(GET|HEAD)$" && req.url ~ "\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|pdf|txt|tar|wav|bmp|rtf|js|flv|swf|html|htm)(\?.*)?$") {
    if (req.url ~ "nocache") {
        return(pass);
    }
    set req.url = regsub(req.url, "\?.*$", "");
    unset req.http.Cookie;
    set req.grace = 2m;
    return(lookup);
}

This clearly conflicts with digest authentication, so I will have to revisit that part of the VCL.

UPDATE I just changed the second conditional to:

    if (req.http.Authorization || req.http.Authenticate || 
        req.url ~ "nocache") {
        return(pass);
    }
toby1kenobi
  • 1,609
  • 1
  • 14
  • 24