default.vcl

1. C{
2. #include <stdlib.h>
3. #include <stdio.h>
4. #include <time.h>
5. #include <pthread.h>
6. static pthread_mutex_t lrand_mutex = PTHREAD_MUTEX_INITIALIZER;
7. void generate_uuid(char* buf) {
8. pthread_mutex_lock(&lrand_mutex);
9. long a = lrand48();
10. long b = lrand48();
11. long c = lrand48();
12. long d = lrand48();
13. pthread_mutex_unlock(&lrand_mutex);
14. // SID must match this regex for Kount compat /^\w{1,32}$/
15. sprintf(buf, "frontend=%08lx%04lx%04lx%04lx%04lx%08lx",
16. a,
17. b & 0xffff,
18. (b & ((long)0x0fff0000) >> 16) | 0x4000,
19. (c & 0x0fff) | 0x8000,
20. (c & (long)0xffff0000) >> 16,
21. d
22. );
23. return;
24. }
25. }C
26. import std;
27. backend default {
28. .host = "127.0.0.1";
29. .port = "8080";
30. .first_byte_timeout = 300s;
31. .between_bytes_timeout = 300s;
32. }
33. backend admin {
34. .host = "127.0.0.1";
35. .port = "8080";
36. .first_byte_timeout = 21600s;
37. .between_bytes_timeout = 21600s;
38. }
39. acl crawler_acl {
40. "127.0.0.1";
41. }
42. acl debug_acl {
43. }
44. sub generate_session {
45. if (req.url ~ ".*[&?]SID=([^&]+).*") {
46. set req.http.X-Varnish-Faked-Session = regsub(
47. req.url, ".*[&?]SID=([^&]+).*", "frontend=\1");
48. } else {
49. C{
50. char uuid_buf [50];
51. generate_uuid(uuid_buf);
52. VRT_SetHdr(sp, HDR_REQ,
53. "\030X-Varnish-Faked-Session:",
54. uuid_buf,
55. vrt_magic_string_end
56. );
57. }C
58. }
59.  
60. if (req.http.Cookie) {
61. std.collect(req.http.Cookie);
62. set req.http.Cookie = req.http.X-Varnish-Faked-Session +
63. "; " + req.http.Cookie;
64. } else {
65. set req.http.Cookie = req.http.X-Varnish-Faked-Session;
66. }
67. }
68.  
69. sub generate_session_expires {
70. C{
71. time_t now = time(NULL);
72. struct tm now_tm = *gmtime(&now);
73. now_tm.tm_sec += 84000;
74. mktime(&now_tm);
75. char date_buf [50];
76. strftime(date_buf, sizeof(date_buf)-1, "%a, %d-%b-%Y %H:%M:%S %Z", &now_tm);
77. VRT_SetHdr(sp, HDR_RESP,
78. "\031X-Varnish-Cookie-Expires:",
79. date_buf,
80. vrt_magic_string_end
81. );
82. }C
83. }
84.  
85. sub vcl_recv {
86. if (req.restarts == 0) {
87. if (req.http.X-Forwarded-For) {
88. set req.http.X-Forwarded-For =
89. req.http.X-Forwarded-For + ", " + client.ip;
90. } else {
91. set req.http.X-Forwarded-For = client.ip;
92. }
93. }
94. if (!true || req.http.Authorization ||
95. req.request !~ "^(GET|HEAD)$" ||
96. req.http.Cookie ~ "varnish_bypass=1") {
97. return (pipe);
98. }
99. set req.url = regsuball(req.url, "(.*)//+(.*)", "\1/\2");
100. if (req.http.Accept-Encoding) {
101. if (req.http.Accept-Encoding ~ "gzip") {
102. set req.http.Accept-Encoding = "gzip";
103. } else if (req.http.Accept-Encoding ~ "deflate") {
104. set req.http.Accept-Encoding = "deflate";
105. } else {
106. unset req.http.Accept-Encoding;
107. }
108. }
109. if (req.url ~ "^(/media/|/skin/|/th/|/js/|/en/|/m/)(?:(?:index|litespeed)\.php/)?") {
110. set req.http.X-Turpentine-Secret-Handshake = "1";
111. if (req.url ~ "^(/media/|/skin/|/th/|/js/|/en/|/m/)(?:(?:index|litespeed)\.php/)?admintools") {
112. set req.backend = admin;
113. return (pipe);
114. }
115. if (req.http.Cookie ~ "\bcurrency=") {
116. set req.http.X-Varnish-Currency = regsub(
117. req.http.Cookie, ".*\bcurrency=([^;]*).*", "\1");
118. }
119. if (req.http.Cookie ~ "\bstore=") {
120. set req.http.X-Varnish-Store = regsub(
121. req.http.Cookie, ".*\bstore=([^;]*).*", "\1");
122. }
123. if (req.url ~ "/turpentine/esi/get(?:Block|FormKey)/") {
124. set req.http.X-Varnish-Esi-Method = regsub(
125. req.url, ".*/method/(\w+)/.*", "\1");
126. set req.http.X-Varnish-Esi-Access = regsub(
127. req.url, ".*/access/(\w+)/.*", "\1");
128. if (req.http.X-Varnish-Esi-Method == "esi" && req.esi_level == 0 &&
129. !(true || client.ip ~ debug_acl)) {
130. error 403 "External ESI requests are not allowed";
131. }
132. }
133. if (req.http.Cookie !~ "frontend=") {
134. if (client.ip ~ crawler_acl ||
135. req.http.User-Agent ~ "^(?:ApacheBench/.*|.*Googlebot.*|JoeDog/.*Siege.*|magespeedtest\.com|Nexcessnet_Turpentine/.*)$") {
136. set req.http.Cookie = "frontend=crawler-session";
137. } else {
138. call generate_session;
139. }
140. }
141. if (true &&
142. req.url ~ ".*\.(?:css|js|jpe?g|png|gif|ico|swf)(?=\?|&|$)") {
143. unset req.http.Cookie;
144. unset req.http.X-Varnish-Faked-Session;
145. return (lookup);
146. }
147. if (req.url ~ "^(/media/|/skin/|/th/|/js/|/en/|/m/)(?:(?:index|litespeed)\.php/)?(?:admintools|api|cron\.php|ajaxcart|customer|checkout|wishlist|onestepcheckout)" ||
148. req.url ~ "\?.*__from_store=") {
149. return (pipe);
150. }
151. if (true &&
152. req.url ~ "(?:[?&](?:__SID|XDEBUG_PROFILE)(?=[&=]|$))") {
153. return (pass);
154. }
155. if (req.url ~ "[?&](utm_source|utm_medium|utm_campaign|gclid|cx|ie|cof|siteurl)=") {
156. set req.url = regsuball(req.url, "(?:(\?)?|&)(?:utm_source|utm_medium|utm_campaign|gclid|cx|ie|cof|siteurl)=[^&]+", "\1");
157. set req.url = regsuball(req.url, "(?:(\?)&|\?$)", "\1");
158. }
159. return (lookup);
160. }
161. }
162.  
163. sub vcl_pipe {
164. unset bereq.http.X-Turpentine-Secret-Handshake;
165. set bereq.http.Connection = "close";
166. }
167.  
168. sub vcl_hash {
169. hash_data(req.url);
170. if (req.http.Host) {
171. hash_data(req.http.Host);
172. } else {
173. hash_data(server.ip);
174. }
175. hash_data(req.http.Ssl-Offloaded);
176. if (req.http.X-Normalized-User-Agent) {
177. hash_data(req.http.X-Normalized-User-Agent);
178. }
179. if (req.http.Accept-Encoding) {
180. hash_data(req.http.Accept-Encoding);
181. }
182. if (req.http.X-Varnish-Store || req.http.X-Varnish-Currency) {
183. hash_data("s=" + req.http.X-Varnish-Store + "&c=" + req.http.X-Varnish-Currency);
184. }
185. if (req.http.X-Varnish-Esi-Access == "private" &&
186. req.http.Cookie ~ "frontend=") {
187. hash_data(regsub(req.http.Cookie, "^.*?frontend=([^;]*);*.*$", "\1"));
188. }
189. return (hash);
190. }
191.  
192. sub vcl_hit {
193. }
194.  
195. sub vcl_fetch {
196. set req.grace = 15s;
197. set beresp.http.X-Varnish-Host = req.http.host;
198. set beresp.http.X-Varnish-URL = req.url;
199. if (beresp.ttl < 120s) {
200. set beresp.ttl = 120s;
201. }
202. unset beresp.http.Vary;
203. set beresp.do_gzip = true;
204. if (beresp.status != 200 && beresp.status != 404) {
205. set beresp.ttl = 15s;
206. return (hit_for_pass);
207. } else {
208. if (beresp.http.Set-Cookie) {
209. set beresp.http.X-Varnish-Set-Cookie = beresp.http.Set-Cookie;
210. unset beresp.http.Set-Cookie;
211. }
212. unset beresp.http.Cache-Control;
213. unset beresp.http.Expires;
214. unset beresp.http.Pragma;
215. unset beresp.http.Cache;
216. unset beresp.http.Age;
217. if (beresp.http.X-Turpentine-Esi == "1") {
218. set beresp.do_esi = true;
219. }
220. if (beresp.http.X-Turpentine-Cache == "0") {
221. set beresp.ttl = 15s;
222. return (hit_for_pass);
223. } else {
224. if (true &&
225. bereq.url ~ ".*\.(?:css|js|jpe?g|png|gif|ico|swf)(?:-/?|&|$)") {
226. set beresp.ttl = 28800s;
227. set beresp.http.Cache-Control = "max-age=28800";
228. } elseif (req.http.X-Varnish-Esi-Method) {
229. if (req.http.X-Varnish-Esi-Access == "private" &&
230. req.http.Cookie ~ "frontend=") {
231. set beresp.http.X-Varnish-Session = regsub(req.http.Cookie,
232. "^.*?frontend=([^;]*);-*.*$", "\1");
233. }
234. if (req.http.X-Varnish-Esi-Method == "ajax" &&
235. req.http.X-Varnish-Esi-Access == "public") {
236. set beresp.http.Cache-Control = "max-age=" + regsub(
237. req.url, ".*/ttl/(\d+)/.*", "\1");
238. }
239. set beresp.ttl = std.duration(
240. regsub(
241. req.url, ".*/ttl/(\d+)/.*", "\1s"),
242. 300s);
243. if (beresp.ttl == 0s) {
244. set beresp.ttl = 15s;
245. return (hit_for_pass);
246. }
247. } else {
248. set beresp.ttl = 3600s;
249. }
250. }
251. }
252. return (deliver);
253.  
254. }
255.  
256. sub vcl_deliver {
257. if (obj.hits > 0) {
258. set resp.http.X-Caches = "HIT";
259. } else {
260. set resp.http.X-Caches = "MISS";
261. }
262.  
263. if (req.http.X-Varnish-Faked-Session) {
264. call generate_session_expires;
265. set resp.http.Set-Cookie = req.http.X-Varnish-Faked-Session +
266. "; expires=" + resp.http.X-Varnish-Cookie-Expires + "; path=/";
267. if (req.http.Host) {
268. set resp.http.Set-Cookie = resp.http.Set-Cookie +
269. "; domain=" + regsub(req.http.Host, ":\d+$", "");
270. }
271. set resp.http.Set-Cookie = resp.http.Set-Cookie + "; httponly";
272. unset resp.http.X-Varnish-Cookie-Expires;
273. }
274. if (req.http.X-Varnish-Esi-Method == "ajax" && req.http.X-Varnish-Esi-Access == "private") {
275. set resp.http.Cache-Control = "no-cache";
276. }
277. if (true || client.ip ~ debug_acl) {
278. set resp.http.X-Varnish-Hit = obj.hits;
279. set resp.http.X-Varnish-Esi-Method = req.http.X-Varnish-Esi-Method;
280. set resp.http.X-Varnish-Esi-Access = req.http.X-Varnish-Esi-Access;
281. set resp.http.X-Varnish-Currency = req.http.X-Varnish-Currency;
282. set resp.http.X-Varnish-Store = req.http.X-Varnish-Store;
283. } else {
284. unset resp.http.X-Varnish;
285. unset resp.http.Via;
286. unset resp.http.X-Powered-By;
287. unset resp.http.Server;
288. unset resp.http.X-Turpentine-Cache;
289. unset resp.http.X-Turpentine-Esi;
290. unset resp.http.X-Turpentine-Flush-Events;
291. unset resp.http.X-Turpentine-Block;
292. unset resp.http.X-Varnish-Session;
293. unset resp.http.X-Varnish-Host;
294. unset resp.http.X-Varnish-URL;
295. unset resp.http.X-Varnish-Set-Cookie;
296. }
297. }