The vcl you are showing may be standard, but as you have noticed it will
not work properly when
query strings end in a file extension. I encountered this same problem
after blindly copying from
example varnish configurations.
Before the check is done, the query parameter needs to be stripped from
the url.
Example of an alternate way to check the extensions:
sub vcl_recv {
...
set req.http.ext = regsub( req.url, "\?.+$", "" );
set req.http.ext = regsub( req.http.ext, ".+\.([a-zA-Z]+)$", "\1" );
if( req.http.ext ~
"^(js|gif|jpg|jpeg|png|ico|css|html|ehtml|shtml|swf)$" ) {
return(lookup);
}
...
}
Doubtless others will say this approach is wrong for some reason or
another. I use it in a production
environment and it works fine though. Pass it along to your hosting
provider and request that they
consider changing their config.
Note that the above code will cause the end user to receive a 'ext'
header with the file extension.
You can add a 'remove req.http.ext' after the code if you don't want
that to happen...
Another thing to consider is that whether it this is a bug or not; it is
a common problem with varnish
configurations, and as such can be used on most varnish servers to force
them to return things
differently then they normally would. IE: if some backend script is a
huge request and eats up resources, sending
it a '?.jpg' could be used to hit it repeatedly and bring about a denial
of service.
On 3/16/2011 11:55 AM, Chris Bloom wrote:
Thank you, Bjorn, for your response.
Our hosting provider tells me that the following routines have been
added to the default config.
sub vcl_recv {
# Cache things with these extensions
if (req.url ~
"\.(js|css|JPG|jpg|jpeg|png|gif|gz|tgz|bz2|tbz|mp3|ogg|swf)$") {
unset req.http.cookie;
return (lookup);
}
}
sub vcl_fetch {
# Cache things with these extensions
if (req.url ~
"\.(js|css|JPG|jpg|jpeg|png|gif|gz|tgz|bz2|tbz|mp3|ogg|swf)$") {
unset req.http.set-cookie;
set obj.ttl = 1h;
}
}
Clearly the req.url variable contains the entire request URL,
including the querystring. Is there another variable that I should be
using instead that would only include the script name? If this is the
default behavior, I'm inclined to cry "bug".
You can test that other script for yourself by substituting
maxisavergroup.com <http://maxisavergroup.com> for the domain in the
example URLs I provided.
PS: We are using Varnish 2.0.6
_______________________________________________
varnish-misc mailing list
[email protected]
http://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
_______________________________________________
varnish-misc mailing list
[email protected]
http://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
