MC-31987: Varnish graphql cache has to skip authenticated requests

Prabhu Ram · Prabhu Ram · commit dee14ee7278a · 2020-03-10T14:31:38.000-05:00
- review fix
diff --git a/app/code/Magento/PageCache/etc/varnish4.vcl b/app/code/Magento/PageCache/etc/varnish4.vcl
@@ -108,9 +108,11 @@ sub vcl_recv {
         #unset req.http.Cookie;
     }
 
-    if (req.method == "GET" && req.url ~ "/graphql" && req.url ~ "query=" && req.http.Authorization ~ "^Bearer") {
-          # Authentificated customers should not be cached by default
-          return (pass);
+    if (req.method == "GET" && req.url ~ "/graphql" && req.url ~ "query=") {
+        # Authentificated customers should not be cached by default
+        if (req.http.Authorization ~ "^Bearer") {
+            return (pass);
+        }
     }
 
     return (hash);
diff --git a/app/code/Magento/PageCache/etc/varnish5.vcl b/app/code/Magento/PageCache/etc/varnish5.vcl
@@ -109,9 +109,11 @@ sub vcl_recv {
         #unset req.http.Cookie;
     }
 
-    if (req.method == "GET" && req.url ~ "/graphql" && req.url ~ "query=" && req.http.Authorization ~ "^Bearer") {
-      # Authentificated customers should not be cached by default
-      return (pass);
+    if (req.method == "GET" && req.url ~ "/graphql" && req.url ~ "query=") {
+        # Authentificated customers should not be cached by default
+        if (req.http.Authorization ~ "^Bearer") {
+            return (pass);
+        }
     }
 
     return (hash);
diff --git a/app/code/Magento/PageCache/etc/varnish6.vcl b/app/code/Magento/PageCache/etc/varnish6.vcl
@@ -109,9 +109,11 @@ sub vcl_recv {
         #unset req.http.Cookie;
     }
 
-    if (req.method == "GET" && req.url ~ "/graphql" && req.url ~ "query=" && req.http.Authorization ~ "^Bearer") {
+    if (req.method == "GET" && req.url ~ "/graphql" && req.url ~ "query=") {
         # Authentificated customers should not be cached by default
-        return (pass);
+        if (req.http.Authorization ~ "^Bearer") {
+            return (pass);
+        }
     }
 
     return (hash);

Original file line number	Diff line number	Diff line change
`@@ -108,9 +108,11 @@ sub vcl_recv {`
`108`	`108`	`#unset req.http.Cookie;`
`109`	`109`	`}`
`110`	`110`
`111`		`- if (req.method == "GET" && req.url ~ "/graphql" && req.url ~ "query=" && req.http.Authorization ~ "^Bearer") {`
`112`		`- # Authentificated customers should not be cached by default`
`113`		`- return (pass);`
	`111`	`+ if (req.method == "GET" && req.url ~ "/graphql" && req.url ~ "query=") {`
	`112`	`+ # Authentificated customers should not be cached by default`
	`113`	`+ if (req.http.Authorization ~ "^Bearer") {`
	`114`	`+ return (pass);`
	`115`	`+ }`
`114`	`116`	`}`
`115`	`117`
`116`	`118`	`return (hash);`
Original file line number	Diff line number	Diff line change
`@@ -109,9 +109,11 @@ sub vcl_recv {`
`109`	`109`	`#unset req.http.Cookie;`
`110`	`110`	`}`
`111`	`111`
`112`		`- if (req.method == "GET" && req.url ~ "/graphql" && req.url ~ "query=" && req.http.Authorization ~ "^Bearer") {`
`113`		`- # Authentificated customers should not be cached by default`
`114`		`- return (pass);`
	`112`	`+ if (req.method == "GET" && req.url ~ "/graphql" && req.url ~ "query=") {`
	`113`	`+ # Authentificated customers should not be cached by default`
	`114`	`+ if (req.http.Authorization ~ "^Bearer") {`
	`115`	`+ return (pass);`
	`116`	`+ }`
`115`	`117`	`}`
`116`	`118`
`117`	`119`	`return (hash);`