Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix for custom cookie domain #1415

Open
wants to merge 2 commits into
base: devel
Choose a base branch
from
Open

Fix for custom cookie domain #1415

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
8227795
Fix for custom cookie domain
May 24, 2017
6e9bec3
Applied cookie-domain fix to V2 and V3 VCL
May 31, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
38 changes: 37 additions & 1 deletion app/code/community/Nexcessnet/Turpentine/Model/Varnish/Configurator/Abstract.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1006,7 +1006,42 @@ protected function _vcl_sub_synth_https_fix()
return $tpl;
}


/**
* Get VCL for fixing cookie domain
*
* @return string
*/
protected function _vcl_sub_set_cookie_domain()
{
$tpl = '';
/** @var Mage_Core_Model_Store $store */
$domain2cookie = array();
foreach (Mage::app()->getStores() as $store) {
$cookieDomain = $store->getConfig(Mage_Core_Model_Cookie::XML_PATH_COOKIE_DOMAIN);
if (!$cookieDomain) {
continue;
}
$urlDomainUnsecure = parse_url($store->getBaseUrl(Mage_Core_Model_Store::URL_TYPE_LINK, false), PHP_URL_HOST);
$urlDomainSecure = parse_url($store->getBaseUrl(Mage_Core_Model_Store::URL_TYPE_LINK, true), PHP_URL_HOST);
if ($urlDomainUnsecure && $urlDomainUnsecure != $cookieDomain) {
$domain2cookie[$urlDomainUnsecure] = $cookieDomain;
}
if ($urlDomainSecure && $urlDomainSecure != $cookieDomain) {
$domain2cookie[$urlDomainSecure] = $cookieDomain;
}
}
$count = 0;
foreach ($domain2cookie as $domain => $cookieDomain) {
$if = ($count == 0) ? ' if' : ' elsif';
$tpl .= <<<EOS
$if (resp.http.X-Varnish-CookieDomain == "$domain") {
set resp.http.X-Varnish-CookieDomain = "$cookieDomain";
}
EOS;
$count++;
}
return $tpl;
}

/**
* Build the list of template variables to apply to the VCL template
Expand Down Expand Up @@ -1057,6 +1092,7 @@ protected function _getTemplateVars() {
$this->_getVclTemplateFilename(self::VCL_CUSTOM_C_CODE_FILE) ),
'esi_private_ttl' => Mage::helper('turpentine/esi')
->getDefaultEsiTtl(),
'set_cookie_domain' => $this->_vcl_sub_set_cookie_domain(),
);

if ((bool) Mage::getStoreConfig('turpentine_vcl/urls/bypass_cache_store_url')) {
Expand Down
5 changes: 4 additions & 1 deletion app/code/community/Nexcessnet/Turpentine/misc/version-2.vcl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -389,8 +389,10 @@ sub vcl_deliver {
set resp.http.Set-Cookie = req.http.X-Varnish-Faked-Session "; expires="
resp.http.X-Varnish-Cookie-Expires "; path=/";
if (req.http.Host) {
set resp.http.X-Varnish-CookieDomain = regsub(req.http.Host, ":\d+$", "");
{{set_cookie_domain}}
set resp.http.Set-Cookie = resp.http.Set-Cookie
"; domain=" regsub(req.http.Host, ":\d+$", "");
"; domain=" resp.http.X-Varnish-CookieDomain;
}
set resp.http.Set-Cookie = resp.http.Set-Cookie "; HttpOnly";
remove resp.http.X-Varnish-Cookie-Expires;
Expand Down Expand Up @@ -419,6 +421,7 @@ sub vcl_deliver {
remove resp.http.X-Varnish-Session;
remove resp.http.X-Varnish-Host;
remove resp.http.X-Varnish-URL;
remove resp.http.X-Varnish-CookieDomain;
# this header indicates the session that originally generated a cached
# page. it *must* not be sent to a client in production with lax
# session validation or that session can be hijacked
Expand Down
5 changes: 4 additions & 1 deletion app/code/community/Nexcessnet/Turpentine/misc/version-3.vcl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -407,8 +407,10 @@ sub vcl_deliver {
set resp.http.Set-Cookie = resp.http.Set-Cookie +
"; domain={{normalize_cookie_target}}";
} else {
set resp.http.X-Varnish-CookieDomain = regsub(req.http.Host, ":\d+$", "");
{{set_cookie_domain}}
set resp.http.Set-Cookie = resp.http.Set-Cookie +
"; domain=" + regsub(req.http.Host, ":\d+$", "");
"; domain=" + resp.http.X-Varnish-CookieDomain;
}
}
}
Expand Down Expand Up @@ -438,6 +440,7 @@ sub vcl_deliver {
unset resp.http.X-Varnish-Session;
unset resp.http.X-Varnish-Host;
unset resp.http.X-Varnish-URL;
unset resp.http.X-Varnish-CookieDomain;
# this header indicates the session that originally generated a cached
# page. it *must* not be sent to a client in production with lax
# session validation or that session can be hijacked
Expand Down
5 changes: 4 additions & 1 deletion app/code/community/Nexcessnet/Turpentine/misc/version-4.vcl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -429,8 +429,10 @@ sub vcl_deliver {
set resp.http.Set-Cookie = resp.http.Set-Cookie +
"; domain={{normalize_cookie_target}}";
} else {
set resp.http.X-Varnish-CookieDomain = regsub(req.http.Host, ":\d+$", "");
{{set_cookie_domain}}
set resp.http.Set-Cookie = resp.http.Set-Cookie +
"; domain=" + regsub(req.http.Host, ":\d+$", "");
"; domain=" + resp.http.X-Varnish-CookieDomain;
}
}
}
Expand Down Expand Up @@ -460,6 +462,7 @@ sub vcl_deliver {
unset resp.http.X-Varnish-Session;
unset resp.http.X-Varnish-Host;
unset resp.http.X-Varnish-URL;
unset resp.http.X-Varnish-CookieDomain;
# this header indicates the session that originally generated a cached
# page. it *must* not be sent to a client in production with lax
# session validation or that session can be hijacked
Expand Down