Mailing List Archive: Varnish: Misc

Cookie set on beresp not present on next request

Index | Next | Previous | View Threaded

torbped at gmail

May 8, 2012, 4:00 AM

Post #1 of 4 (292 views)
Permalink

Cookie set on beresp not present on next request

Hi,

I'm trying to use Varnish + a cookie to control access from mobile devices. I've seen other people doing similar, but I can't get it to work.

I'm accessing my solution by

https://<server>?mobile_redirect=0

rutine to check user agent

sub detect_device {
if ((req.http.User-Agent ~ "iP(hone|od|ad)" || req.http.User-Agent ~ "Android" || req.http.User-Agent ~ "SymbianOS" || req.http.User-Agent ~ "HTC" ||
req.http.User-Agent ~ "BlackBerry" || req.http.User-Agent ~ "SonyEricsson" || req.http.User-Agent ~ "Nokia" || req.http.User-Agent ~ "NOKIA" || req.http.User-Agent ~"IEMobile" ||
req.http.User-Agent ~ "SAMSUNG" || req.http.User-Agent ~ "LG")) {
set req.http.X-Device = "smart";
}
}

in vcl_recv I have

if (req.http.X-Device == "smart") {
if ((req.url ~ "^/client/$") || (req.url ~ "^/client/index.html") || (req.url ~ "^/$") || (req.url ~ "^/")) {
if ((req.url !~ "(.*)(mobile_redirect=0)") && (req.http.Cookie !~ "nomobile=1")) {
error 707 "Redirected to mobile site";
}
}
}

in vcl_fetch I have

if (req.http.X-Device == "smart") {
if (req.url ~ "(.*)(mobile_redirect=0)") {
set beresp.http.Set-Cookie = "nomobile=1; expires: Session; path=/; domain=.";
}
}

in vcl_error I have

#Mobile User-Agents are send to Mobilesolution
if (obj.status == 707) {
set obj.status = 302;
set obj.http.Location = "https://<mobile-server>
return(deliver);
}

So on first request to https://<server>?mobile_redirect=0 , I can se in Chrome (Response headers) - I've set Chrome to act as an Android (Mozilla/5.0 (Linux; U; Android 2.3.6; en-us; Nexus S Build/GRK39F) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1)

Set-Cookie:nomobile=1; expires: Session; path=/; domain=.

This seems to be correct. So now I call

https://<server>

And I expect not to get redirected since the Set-Cookie is present. But the nomobile=1 is not present in request / Cookie. I don't quite get why ?

Any ideas ?

kind regards

Torben

lasse.karstensen at gmail

May 10, 2012, 12:25 PM

Post #2 of 4 (269 views)
Permalink

Re: Cookie set on beresp not present on next request [In reply to]

Torben Pedersen:
> Hi,
> I'm trying to use Varnish + a cookie to control access from mobile devices. I've seen other people doing similar, but I can't get it to work.
[..]
> Set-Cookie:nomobile=1; expires: Session; path=/; domain=.
> This seems to be correct. So now I call
> https://<server>
> And I expect not to get redirected since the Set-Cookie is present. But the nomobile=1 is not present in request / Cookie. I don't quite get why ?
> Any ideas ?

The "domain=." part stands out a bit. Are you sure this is accepted by the
browser? Is the Cookie included on the next request?

As a reference you can check out the documentation for device detection
in Varnish:
https://www.varnish-cache.org/docs/trunk/tutorial/devicedetection.html
https://github.com/varnish/varnish-devicedetect/

--
Lasse Karstensen

_______________________________________________
varnish-misc mailing list
varnish-misc [at] varnish-cache
https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc

hugues.alary at gmail

May 10, 2012, 12:31 PM

Post #3 of 4 (267 views)
Permalink

Re: Cookie set on beresp not present on next request [In reply to]

On Tue, May 8, 2012 at 4:00 AM, Torben Pedersen <torbped [at] gmail> wrote:

> Hi,
>

Hi,

>
> I'm trying to use Varnish + a cookie to control access from mobile
> devices. I've seen other people doing similar, but I can't get it to work.
>
> I'm accessing my solution by
>
> https://<server>?mobile_redirect=0
>

You're talking about accessing your server via https. Is it a mistake or
are you really accessing it via HTTPS? If so, that's your problem. Varnish
does not support HTTPS. Your request should not even reach varnish.

-Hugues

torbped at gmail

May 10, 2012, 12:53 PM

Post #4 of 4 (268 views)
Permalink

Re: Cookie set on beresp not present on next request [In reply to]

On 10/05/2012, at 21.25, Lasse Karstensen wrote:

> Torben Pedersen:
>> Hi,
>> I'm trying to use Varnish + a cookie to control access from mobile devices. I've seen other people doing similar, but I can't get it to work.
> [..]
>> Set-Cookie:nomobile=1; expires: Session; path=/; domain=.
>> This seems to be correct. So now I call
>> https://<server>
>> And I expect not to get redirected since the Set-Cookie is present. But the nomobile=1 is not present in request / Cookie. I don't quite get why ?
>> Any ideas ?
>
> The "domain=." part stands out a bit. Are you sure this is accepted by the
> browser? Is the Cookie included on the next request?
>
> As a reference you can check out the documentation for device detection
> in Varnish:
> https://www.varnish-cache.org/docs/trunk/tutorial/devicedetection.html
> https://github.com/varnish/varnish-devicedetect/
>
> --
> Lasse Karstensen
>
> _______________________________________________
> varnish-misc mailing list
> varnish-misc [at] varnish-cache
> https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc

Hi,

You're most likely correct Lasse. Now I've changed the solution a bit - because it wouldn't work since I was trying to delete the cookie. Now I'm changing the value of the cookie instead - for controlling access (thanks to Daniel S)

(I'm using nginx in front of Varnish in this solution for the https)

Thanks for all the replies.

kind regards

Torben
_______________________________________________
varnish-misc mailing list
varnish-misc [at] varnish-cache
https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads