I'm wondering if anyone has any thoughts about how I might address the following? I am using nginx as a caching reverse proxy in front of a complex Apache/Weblogic Java application. I have a half-dozen Location blocks that have different caching policies with custom keys and different cache lifetimes. I'm using openresty to implement different cache key logic with lua scripts and until now everything has gone smoothly. Some of the locations use the combination of proxy_ignore_headers Set-Cookie and proxy_hide_header Set-Cookie to strip cookies from cached responses. Another location needs to allow for session cookies to be created and so it has the default nginx behavior of not caching responses that contain cookies. Now I need a different hybrid behavior- if a response contains "Set-Cookie: TLTHID", then strip it from the response, but still cache the response. If the response contains any other Set-Cookie header then don't cache the response. I have tried to use more_clear_headers 'Set-Cookie: TLTHID*" to strip the cookie and I see that it does indeed remove the cookie from the response, however the debug log shows me that the object is still seen as being not cacheable, presumably because nginx knows that the stripped Set-Cookie was there. Is there an easy way to work around this? I'd considered running a second nginx process to simply act as a proxy that strips the 'Set-Cookie: TLTHID*" header - it sounds clunky but I expect it would work. Is there a way to achieve this within a single nginx instance?
on 2013-03-08 18:04
on 2013-03-08 19:45
On 8 March 2013 17:00, Peter Booth <Peter_Booth@s5a.com> wrote: > Now I need a different hybrid behavior- > > if a response contains “Set-Cookie: TLTHID”, then strip it from the > response, but still cache the response. > > If the response contains any other Set-Cookie header then don’t cache the > response. > > Is there a way to achieve this within a single nginx instance? I don't use nginx as a cache, so I can't speak as for how this will work with the caching subsystem, but I wonder if something like this might work: ----------------------------- map $sent_http_set_cookie $header_to_drop { default NA; ~TLTHID Set-Cookie; } server { proxy_pass http://upstream.fqdn; proxy_ignore_headers $header_to_drop; proxy_hide_header $header_to_drop; } ----------------------------- The map might need $upstream_http_set_cookie instead - I don't recall the difference off the top of my head. HTH, Jonathan -- Jonathan Matthews // Oxford, London, UK http://www.jpluscplusm.com/contact.html
Enable email notification
Enable multi-page viewPlease log in before posting. Registration is free and takes only a minute.
Existing account
(Switch to SSL-encrypted connection)
NEW: Do you have a Google/GoogleMail or Yahoo account? No registration required!
Log in with Google account | Log in with Yahoo account
Log in with Google account | Log in with Yahoo account
No account? Register here.