Mailing List Archive: #1741: All request methods are changed to GET on cache miss

#1741: All request methods are changed to GET on cache miss

May 26, 2015, 12:56 PM

Post #1 of 3 (842 views)

#1741: All request methods are changed to GET on cache miss
----------------------+--------------------
Reporter: askalski | Type: defect
Status: new | Priority: normal
Milestone: | Component: build
Version: 4.0.3 | Severity: normal
Keywords: |
----------------------+--------------------
In commit 2581a69bcdec44e00a6fafb93ca21b6f31d20aef the HEAD->GET logic was
moved from vcl_recv{} to vcl_miss{}.

As of that commit, all request methods (previously only HEAD) get
converted to GET in the backend request. Although the builtin vcl_recv
returns "pass" for non-GET/HEAD, a user might trip over this behavior if
he tries to return "hash" instead.

For example, a user might want varnish to cache the preflight OPTIONS
request when implementing CORS. This is currently not possible because it
is changed to GET on the backend request.

Another problem is the behavior is confusing to troubleshoot. A user
might wonder why his PUT/POST/DELETE requests are being changed to GET,
and not realize it was because of a "return(hash)" in his VCL. For an
example, see this thread: https://www.varnish-cache.org/forum/topic/235

--
Ticket URL: <https://www.varnish-cache.org/trac/ticket/1741>
Varnish <https://varnish-cache.org/>
The Varnish HTTP Accelerator

_______________________________________________
varnish-bugs mailing list
varnish-bugs@varnish-cache.org
https://www.varnish-cache.org/lists/mailman/listinfo/varnish-bugs

Re: #1741: All request methods are changed to GET on cache miss [ In reply to ]

varnish-bugs at varnish-cache

May 27, 2015, 2:39 AM

Post #2 of 3 (826 views)

Permalink

#1741: All request methods are changed to GET on cache miss
----------------------+--------------------
Reporter: askalski | Owner:
Type: defect | Status: new
Priority: normal | Milestone:
Component: build | Version: 4.0.3
Severity: normal | Resolution:
Keywords: |
----------------------+--------------------

Comment (by aondio):

This is the way it is supposed to work.
Both the request methods converted to GET on backend side and returning
"pass" for non-GET/HEAD requests are decisions taken for security reasons.

For example a POST request can't be cached and can lead to security
violations on backend side if not convert to GET.

If you want to cache OPTIONS request, you can either implement some logic
using the req.method you can do it in your vcl(safe thing to do):

{{{
sub vcl_recv {
if (req.method == "OPTIONS")
return(hash);
}
}}}

or you can move this logic to vcl_backend_fetch :
{{{
sub vcl_backend_fetch {
set bereq.method = "GET";
}
}}}
Note that the second solutions is not completely safe because doing so we
force the bereq method and this can lead to undefined territories (as
written above), some padding logic is required in this situation.

--
Ticket URL: <https://www.varnish-cache.org/trac/ticket/1741#comment:1>
Varnish <https://varnish-cache.org/>
The Varnish HTTP Accelerator

_______________________________________________
varnish-bugs mailing list
varnish-bugs@varnish-cache.org
https://www.varnish-cache.org/lists/mailman/listinfo/varnish-bugs

Re: #1741: All request methods are changed to GET on cache miss [ In reply to ]

varnish-bugs at varnish-cache

May 27, 2015, 5:10 AM

Post #3 of 3 (826 views)

Permalink

#1741: All request methods are changed to GET on cache miss
----------------------+----------------------
Reporter: askalski | Owner:
Type: defect | Status: closed
Priority: normal | Milestone:
Component: build | Version: 4.0.3
Severity: normal | Resolution: wontfix
Keywords: |
----------------------+----------------------
Changes (by aondio):

* status: new => closed
* resolution: => wontfix

--
Ticket URL: <https://www.varnish-cache.org/trac/ticket/1741#comment:2>
Varnish <https://varnish-cache.org/>
The Varnish HTTP Accelerator

_______________________________________________
varnish-bugs mailing list
varnish-bugs@varnish-cache.org
https://www.varnish-cache.org/lists/mailman/listinfo/varnish-bugs