Hi,
We are using varnish in our production. I have a doubt regarding ESI:
In web page, there is esi as follows:
/main.html
<HTML code>
...................
<esi:include src="/esi-url">
..............
<HTML code>
In the above code, the varnish VCL is as follows:
sub vcl_recv {
if (req.method == "GET") {
if ((req.url !~ "^/esi-url") &&
unset req.http.cookie; # strip the cookies - we don't
need them
}
}
}
sub vcl_backend_response {
if (bereq.method == "GET") {
set beresp.do_esi = true;
if ((bereq.url !~ "^/esi-url") && {
unset beresp.http.Set-Cookie;
}
}
}
When browser sends a HTTP request for main.html to varnish, varnish
delivers the non-ESI portion from cache and fetches the esi-url from
backend. Now for esi-url, backend sets csrf-token in Set-Cookie.
My query is : Will varnish pass on the Set-Cookie in HTTP response?
I couldn't see it in my setup. Varnish is not passing the Set-Cookie in
HTTP response to the Browser. Is there a way for Varnish to pass the
Set-Cookie in ESI response?
The esi portion could be a form containing a csrf token.
Would appreciate clarifications on the above...
Thanks,
Pinakee
_______________________________________________
varnish-misc mailing list
[email protected]
https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
