diff --git a/CHANGELOG.md b/CHANGELOG.md index 2ad484a92..4a15f900b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -475,3 +475,9 @@ Magento CE 1.8+ or EE 1.13+, see [these instructions](https://github.com/nexcess * [#1335] Revert "use pass instead of pipe on non GET requests to improve performance" @miguelbalparda * [#1336] Scrutinizer Auto-Fixes @miguelbalparda * [#1313] Keep params from original url @hmphu + +### RELEASE-0.7.3 +* [#1400] Use vcl_ prefix in vcl name to avoid invalid character in name error @josh-palan +* [#1405] When using hitch, we need to set http.X-Forwarded-Proto to HTTPS @craigcarnell +* [#1410] Fix issue #1409: Solved by keeping Cache-Control header @jeroenvermeulen +* [#1423] Fixes for #1404 #1361 #1423 \ No newline at end of file diff --git a/app/code/community/Nexcessnet/Turpentine/Model/Varnish/Admin.php b/app/code/community/Nexcessnet/Turpentine/Model/Varnish/Admin.php index 764f5dac5..18f8f9b85 100644 --- a/app/code/community/Nexcessnet/Turpentine/Model/Varnish/Admin.php +++ b/app/code/community/Nexcessnet/Turpentine/Model/Varnish/Admin.php @@ -104,7 +104,7 @@ public function applyConfig() { $result[$socketName] = 'Failed to load configurator'; } else { $vcl = $cfgr->generate($helper->shouldStripVclWhitespace('apply')); - $vclName = Mage::helper('turpentine/data') + $vclName = 'vcl_' . Mage::helper('turpentine/data') ->secureHash(microtime()); try { $this->_testEsiSyntaxParam($socket); diff --git a/app/code/community/Nexcessnet/Turpentine/Model/Varnish/Configurator/Abstract.php b/app/code/community/Nexcessnet/Turpentine/Model/Varnish/Configurator/Abstract.php index d40efe3ea..6059fe236 100644 --- a/app/code/community/Nexcessnet/Turpentine/Model/Varnish/Configurator/Abstract.php +++ b/app/code/community/Nexcessnet/Turpentine/Model/Varnish/Configurator/Abstract.php @@ -684,7 +684,7 @@ protected function _vcl_director($name, $backendOptions) { $parts = explode(':', $backendNode, 2); $host = (empty($parts[0])) ? '127.0.0.1' : $parts[0]; $port = (empty($parts[1])) ? '80' : $parts[1]; - $backends .= $this->_vcl_director_backend($host, $port, $probeUrl, $backendOptions); + $backends .= $this->_vcl_director_backend($host, $port, $prefix.$number, $probeUrl, $backendOptions); } $vars = array( 'name' => $name, @@ -698,14 +698,15 @@ protected function _vcl_director($name, $backendOptions) { * * @param string $host backend host * @param string $port backend port + * @param string $descriptor backend descriptor * @param string $probeUrl URL to check if backend is up * @param array $options extra options for backend * @return string */ - protected function _vcl_director_backend($host, $port, $probeUrl = '', $options = array()) { + protected function _vcl_director_backend($host, $port, $descriptor = '', $probeUrl = '', $options = array()) { $tpl = << Mage::getStoreConfig('dev/restrict/allow_ips') )); } + /** + * When using Varnish on port 80 and Hitch listen on port 443 for HTTPS, the fix will set X-Forwarded-Proto to HTTPS to prevent redirect loop. + * + * @return string + */ + protected function _vcl_sub_https_proto_fix() { + $tpl = <<_vcl_sub_synth(); } + + if (Mage::getStoreConfig('turpentine_varnish/general/https_proto_fix')) { + $vars['https_proto_fix'] = $this->_vcl_sub_https_proto_fix(); + } if (Mage::getStoreConfig('turpentine_varnish/general/https_redirect_fix')) { $vars['https_redirect'] = $this->_vcl_sub_https_redirect_fix(); diff --git a/app/code/community/Nexcessnet/Turpentine/etc/config.xml b/app/code/community/Nexcessnet/Turpentine/etc/config.xml index 894453a34..4a18b6436 100644 --- a/app/code/community/Nexcessnet/Turpentine/etc/config.xml +++ b/app/code/community/Nexcessnet/Turpentine/etc/config.xml @@ -20,7 +20,7 @@ - 0.7.2 + 0.7.3 diff --git a/app/code/community/Nexcessnet/Turpentine/etc/system.xml b/app/code/community/Nexcessnet/Turpentine/etc/system.xml index 575a425fd..3c206869f 100644 --- a/app/code/community/Nexcessnet/Turpentine/etc/system.xml +++ b/app/code/community/Nexcessnet/Turpentine/etc/system.xml @@ -72,6 +72,16 @@ 1 1 + + + When using Varnish on port 80 and hitch on port 443 for HTTPS, the fix will set X-Forwarded-Proto header to HTTPS to prevent a re-direct loop. + select + 27 + adminhtml/system_config_source_enabledisable + 1 + 1 + 1 + When using Varnish as front door listen on port 80 and Nginx/Apache listen on port 443 for HTTPS, the fix will keep the url parameters when redirect from HTTP to HTTPS. diff --git a/app/code/community/Nexcessnet/Turpentine/misc/version-2.vcl b/app/code/community/Nexcessnet/Turpentine/misc/version-2.vcl index 2223bedbc..4673e7b8e 100644 --- a/app/code/community/Nexcessnet/Turpentine/misc/version-2.vcl +++ b/app/code/community/Nexcessnet/Turpentine/misc/version-2.vcl @@ -329,7 +329,7 @@ sub vcl_fetch { remove beresp.http.Set-Cookie; } # we'll set our own cache headers if we need them - remove beresp.http.Cache-Control; + # we'll override the "Cache-Control" header if needed. remove beresp.http.Expires; remove beresp.http.Pragma; remove beresp.http.Cache; @@ -341,6 +341,7 @@ sub vcl_fetch { if (beresp.http.X-Turpentine-Cache == "0") { set beresp.cacheable = false; set beresp.ttl = {{grace_period}}s; + set beresp.http.Cache-Control = "no-store, no-cache, must-revalidate"; return (pass); } else { set beresp.cacheable = true; @@ -360,6 +361,7 @@ sub vcl_fetch { } if (req.http.X-Varnish-Esi-Method == "ajax") { set beresp.ttl = {{grace_period}}s; + set beresp.http.Cache-Control = "no-store, no-cache, must-revalidate"; return (pass); } else { set beresp.ttl = {{esi_private_ttl}}s; diff --git a/app/code/community/Nexcessnet/Turpentine/misc/version-3.vcl b/app/code/community/Nexcessnet/Turpentine/misc/version-3.vcl index a391f2d8d..fdb8ce69d 100644 --- a/app/code/community/Nexcessnet/Turpentine/misc/version-3.vcl +++ b/app/code/community/Nexcessnet/Turpentine/misc/version-3.vcl @@ -335,7 +335,7 @@ sub vcl_fetch { unset beresp.http.Set-Cookie; } # we'll set our own cache headers if we need them - unset beresp.http.Cache-Control; + # we'll override the "Cache-Control" header if needed unset beresp.http.Expires; unset beresp.http.Pragma; unset beresp.http.Cache; @@ -346,6 +346,7 @@ sub vcl_fetch { } if (beresp.http.X-Turpentine-Cache == "0") { set beresp.ttl = {{grace_period}}s; + set beresp.http.Cache-Control = "no-store, no-cache, must-revalidate"; return (hit_for_pass); } else { if ({{force_cache_static}} && @@ -374,6 +375,7 @@ sub vcl_fetch { # this is probably faster than bothering with 0 ttl # cache objects set beresp.ttl = {{grace_period}}s; + set beresp.http.Cache-Control = "no-store, no-cache, must-revalidate"; return (hit_for_pass); } } else { diff --git a/app/code/community/Nexcessnet/Turpentine/misc/version-4.vcl b/app/code/community/Nexcessnet/Turpentine/misc/version-4.vcl index 470183f62..15ff7ca06 100644 --- a/app/code/community/Nexcessnet/Turpentine/misc/version-4.vcl +++ b/app/code/community/Nexcessnet/Turpentine/misc/version-4.vcl @@ -109,6 +109,7 @@ sub vcl_init { sub vcl_recv { {{maintenance_allowed_ips}} + {{https_proto_fix}} {{https_redirect}} # this always needs to be done so it's up at the top @@ -355,8 +356,9 @@ sub vcl_backend_response { set beresp.http.X-Varnish-Set-Cookie = beresp.http.Set-Cookie; unset beresp.http.Set-Cookie; } + # we'll set our own cache headers if we need them - unset beresp.http.Cache-Control; + # we'll override the "Cache-Control" header if needed unset beresp.http.Expires; unset beresp.http.Pragma; unset beresp.http.Cache; @@ -368,6 +370,7 @@ sub vcl_backend_response { if (beresp.http.X-Turpentine-Cache == "0") { set beresp.ttl = {{grace_period}}s; set beresp.uncacheable = true; + set beresp.http.Cache-Control = "no-store, no-cache, must-revalidate"; return (deliver); } else { if ({{force_cache_static}} && @@ -397,6 +400,7 @@ sub vcl_backend_response { # cache objects set beresp.ttl = {{grace_period}}s; set beresp.uncacheable = true; + set beresp.http.Cache-Control = "no-store, no-cache, must-revalidate"; return (deliver); } } else {