Selectively implement something like proxy_ignore_headers Set-Cookie?

I’m wondering if anyone has any thoughts about how I might address the
following?

I am using nginx as a caching reverse proxy in front of a complex
Apache/Weblogic Java application.

I have a half-dozen Location blocks that have different caching policies
with custom keys and

different cache lifetimes. I’m using openresty to implement different
cache key logic with lua scripts

and until now everything has gone smoothly.

Some of the locations use the combination of

proxy_ignore_headers Set-Cookie and proxy_hide_header Set-Cookie to
strip cookies from cached responses.

Another location needs to allow for session cookies to be created and so
it has the default nginx behavior of not caching

responses that contain cookies.

Now I need a different hybrid behavior-

if a response contains “Set-Cookie: TLTHID”, then strip it from the
response, but still cache the response.

If the response contains any other Set-Cookie header then don’t cache
the response.

I have tried to use more_clear_headers 'Set-Cookie: TLTHID*" to strip
the cookie and I see

that it does indeed remove the cookie from the response, however the
debug log shows me that the object is still

seen as being not cacheable, presumably because nginx knows that the
stripped Set-Cookie was there.

Is there an easy way to work around this? I’d considered running a
second nginx process to simply act as a

proxy that strips the 'Set-Cookie: TLTHID*" header - it sounds clunky
but I expect it would work.

Is there a way to achieve this within a single nginx instance?

On 8 March 2013 17:00, Peter B. [email protected] wrote:

Now I need a different hybrid behavior-

if a response contains “Set-Cookie: TLTHID”, then strip it from the
response, but still cache the response.

If the response contains any other Set-Cookie header then don’t cache the
response.

Is there a way to achieve this within a single nginx instance?

I don’t use nginx as a cache, so I can’t speak as for how this will
work with the caching subsystem, but I wonder if something like this
might work:


map $sent_http_set_cookie $header_to_drop {
default NA;
~TLTHID Set-Cookie;
}

server {
proxy_pass http://upstream.fqdn;
proxy_ignore_headers $header_to_drop;
proxy_hide_header $header_to_drop;
}

The map might need $upstream_http_set_cookie instead - I don’t recall
the difference off the top of my head.

HTH,
Jonathan

Jonathan M. // Oxford, London, UK
http://www.jpluscplusm.com/contact.html