oxyc · May 11, 2012 05:19
diff --git a/cache_control.vcl b/cache_control.vcl

 # Only allow PURGE requests from the system itself.
 acl purge {
  "127.0.0.1";
 }

 sub custom__recv {
  # See "acl purge" above
  if (req.request == "PURGE") {
    if (!client.ip ~ purge) {
      error 405 "Not allowed.";
    }

    # Changed to allow wildcard purging for CC's session hashed URLs
    ban("req.http.host == " + req.http.host + " && req.url ~ " + req.url + "$");
    #purge("req.url == " req.url " && req.http.host == " req.http.host);
    return (lookup);

    error 200 "Purged.";
  }

  # Do not cache these paths.
  if (req.url ~ "^/status\.php$" ||
      req.url ~ "^/update\.php$" ||
      req.url ~ "^/ooyala/ping$" ||
      req.url ~ "^/admin/build/features" ||
      req.url ~ "^/info/.*$" ||
      req.url ~ "^/flag/.*$" ||
      req.url ~ "^.*/ajax/.*$" ||
      req.url ~ "^.*/ahah/.*$") {
       return (pass);
  }

  # Handle compression correctly. Different browsers send different
  # "Accept-Encoding" headers, even though they mostly all support the same
  # compression mechanisms. By consolidating these compression headers into
  # a consistent format, we can reduce the size of the cache and get more hits.=
  # @see: http:// varnish.projects.linpro.no/wiki/FAQ/Compression
  if (req.http.Accept-Encoding) {
    if (req.http.Accept-Encoding ~ "gzip") {
      # If the browser supports it, we'll use gzip.
      set req.http.Accept-Encoding = "gzip";
    }
    else if (req.http.Accept-Encoding ~ "deflate") {
      # Next, try deflate if it is supported.
      set req.http.Accept-Encoding = "deflate";
    }
    else {
      # Unknown algorithm. Remove it and send unencoded.
      unset req.http.Accept-Encoding;
    }
  }

  # Just in case something accessed via IP-addresses gets cached incorrectly
  if ((!req.http.host) || (req.http.host == "")) {
    return (pass);
  }

  # See cache_control.module:_cache_control_set_cookie();
  if (req.http.Cookie ~ "cacheControlDisabled=1") {
    return (pass);
  }

  if (req.request == "OPTIONS" || req.request == "POST" || req.request == "PUT") {
    return (pass);
  }

  if (req.request == "GET" || req.request == "HEAD") {
    return (lookup);
  }

  error 405;
 }

 sub custom__hash {

 }

 sub custom__fetch {

  # Prevent the client from caching the content; Everything is always served
  # "Varnish-fresh". This way PURGE requests immediately make the new content
  # available to everyone.
  #
  # Add debug cache headers so we know what Varnish is doing. This list of
  # headers corresponds to the headers sent by
  # cache_control.module:cache_control_send_cache_headers() and
  # cache_control.module:cache_control_send_no_cache_headers() .

  # Always cache the following file types for all users.
  if (req.url ~ "(?i)\.(png|gif|jpeg|jpg|ico|swf|css|js|html|htm)(\?[a-z0-9]+)?$") {
    unset beresp.http.set-cookie;
    return (deliver);
  }

  set beresp.http.X-DRCC-Pragma = beresp.http.Pragma;
  set beresp.http.X-DRCC-Last-Modified = beresp.http.Last-Modified;
  set beresp.http.X-DRCC-Cache-Control = beresp.http.Cache-Control;
  set beresp.http.X-DRCC-Expires = beresp.http.Expires;

  # Remove caching headers
  unset beresp.http.Last-Modified;
  unset beresp.http.Expires;
  unset beresp.http.Cache-Control;

  # Add no-cache headers instead
  set beresp.http.Pragma = "no-cache";
  set beresp.http.Cache-Control = "no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0";
  set beresp.http.Expires = "Sun, 03 Jan 1971 00:00:00 GMT";

  # if (req.url ~ "^.*?new.*$") {
  #   return (hit_for_pass);
  # }


  # Just in case something accessed via IP-addresses gets cached incorrectly
  if ((!bereq.http.host) || (bereq.http.host == "")) {
      return (hit_for_pass);
  }

  # Make sure content behind passwords doesn't get cached
  if (beresp.http.Authenticate || bereq.http.Authorization) {
    return (hit_for_pass);
  }

  # See cache_control.module:_cache_control_set_cookie();
  if (bereq.http.Cookie ~ "cacheControlDisabled=1") {
    return (hit_for_pass);
  }

  if (bereq.request == "OPTIONS" || bereq.request == "POST" || bereq.request == "PUT") {
     return (hit_for_pass);
  }

  if (bereq.request == "GET" || bereq.request == "HEAD") {
    # If user just logged out, pass the unauthenticated cookie to a client
    # without caching the content.
    if ((bereq.http.Cookie ~ "cacheControlAuthenticated=1") && (beresp.http.Set-Cookie ~ "cacheControlAuthenticated=0")) {
      return (hit_for_pass);
    }

    # If the user just logged in, pass, since the user needs his cc auth cookie.
    if (beresp.http.Set-Cookie ~ "cacheControlAuthenticated=1") {
      return (hit_for_pass);
    }

    # Otherwise strip all cookies and cache the response. We don't want to
    # leave any cookies in the cached content.
    unset beresp.http.Set-Cookie;
    return (deliver);
  }

  error 405;
 }

	# Only allow PURGE requests from the system itself.
	acl purge {
	"127.0.0.1";
	}

	sub custom__recv {
	# See "acl purge" above
	if (req.request == "PURGE") {
	if (!client.ip ~ purge) {
	error 405 "Not allowed.";
	}

	# Changed to allow wildcard purging for CC's session hashed URLs
	ban("req.http.host == " + req.http.host + " && req.url ~ " + req.url + "$");
	#purge("req.url == " req.url " && req.http.host == " req.http.host);
	return (lookup);

	error 200 "Purged.";
	}

	# Do not cache these paths.
	if (req.url ~ "^/status\.php$" \|\|
	req.url ~ "^/update\.php$" \|\|
	req.url ~ "^/ooyala/ping$" \|\|
	req.url ~ "^/admin/build/features" \|\|
	req.url ~ "^/info/.*$" \|\|
	req.url ~ "^/flag/.*$" \|\|
	req.url ~ "^./ajax/.$" \|\|
	req.url ~ "^./ahah/.$") {
	return (pass);
	}

	# Handle compression correctly. Different browsers send different
	# "Accept-Encoding" headers, even though they mostly all support the same
	# compression mechanisms. By consolidating these compression headers into
	# a consistent format, we can reduce the size of the cache and get more hits.=
	# @see: http:// varnish.projects.linpro.no/wiki/FAQ/Compression
	if (req.http.Accept-Encoding) {
	if (req.http.Accept-Encoding ~ "gzip") {
	# If the browser supports it, we'll use gzip.
	set req.http.Accept-Encoding = "gzip";
	}
	else if (req.http.Accept-Encoding ~ "deflate") {
	# Next, try deflate if it is supported.
	set req.http.Accept-Encoding = "deflate";
	}
	else {
	# Unknown algorithm. Remove it and send unencoded.
	unset req.http.Accept-Encoding;
	}
	}

	# Just in case something accessed via IP-addresses gets cached incorrectly
	if ((!req.http.host) \|\| (req.http.host == "")) {
	return (pass);
	}

	# See cache_control.module:_cache_control_set_cookie();
	if (req.http.Cookie ~ "cacheControlDisabled=1") {
	return (pass);
	}

	if (req.request == "OPTIONS" \|\| req.request == "POST" \|\| req.request == "PUT") {
	return (pass);
	}

	if (req.request == "GET" \|\| req.request == "HEAD") {
	return (lookup);
	}

	error 405;
	}

	sub custom__hash {

	}

	sub custom__fetch {

	# Prevent the client from caching the content; Everything is always served
	# "Varnish-fresh". This way PURGE requests immediately make the new content
	# available to everyone.
	#
	# Add debug cache headers so we know what Varnish is doing. This list of
	# headers corresponds to the headers sent by
	# cache_control.module:cache_control_send_cache_headers() and
	# cache_control.module:cache_control_send_no_cache_headers() .

	# Always cache the following file types for all users.
	if (req.url ~ "(?i)\.(png\|gif\|jpeg\|jpg\|ico\|swf\|css\|js\|html\|htm)(\?[a-z0-9]+)?$") {
	unset beresp.http.set-cookie;
	return (deliver);
	}

	set beresp.http.X-DRCC-Pragma = beresp.http.Pragma;
	set beresp.http.X-DRCC-Last-Modified = beresp.http.Last-Modified;
	set beresp.http.X-DRCC-Cache-Control = beresp.http.Cache-Control;
	set beresp.http.X-DRCC-Expires = beresp.http.Expires;

	# Remove caching headers
	unset beresp.http.Last-Modified;
	unset beresp.http.Expires;
	unset beresp.http.Cache-Control;

	# Add no-cache headers instead
	set beresp.http.Pragma = "no-cache";
	set beresp.http.Cache-Control = "no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0";
	set beresp.http.Expires = "Sun, 03 Jan 1971 00:00:00 GMT";

	# if (req.url ~ "^.?new.$") {
	# return (hit_for_pass);
	# }


	# Just in case something accessed via IP-addresses gets cached incorrectly
	if ((!bereq.http.host) \|\| (bereq.http.host == "")) {
	return (hit_for_pass);
	}

	# Make sure content behind passwords doesn't get cached
	if (beresp.http.Authenticate \|\| bereq.http.Authorization) {
	return (hit_for_pass);
	}

	# See cache_control.module:_cache_control_set_cookie();
	if (bereq.http.Cookie ~ "cacheControlDisabled=1") {
	return (hit_for_pass);
	}

	if (bereq.request == "OPTIONS" \|\| bereq.request == "POST" \|\| bereq.request == "PUT") {
	return (hit_for_pass);
	}

	if (bereq.request == "GET" \|\| bereq.request == "HEAD") {
	# If user just logged out, pass the unauthenticated cookie to a client
	# without caching the content.
	if ((bereq.http.Cookie ~ "cacheControlAuthenticated=1") && (beresp.http.Set-Cookie ~ "cacheControlAuthenticated=0")) {
	return (hit_for_pass);
	}

	# If the user just logged in, pass, since the user needs his cc auth cookie.
	if (beresp.http.Set-Cookie ~ "cacheControlAuthenticated=1") {
	return (hit_for_pass);
	}

	# Otherwise strip all cookies and cache the response. We don't want to
	# leave any cookies in the cached content.
	unset beresp.http.Set-Cookie;
	return (deliver);
	}

	error 405;
	}
No results found