Selectively implement something like proxy_ignore_headers Set-Cookie?
Peter_Booth at s5a.com
Fri Mar 8 17:00:16 UTC 2013
I'm wondering if anyone has any thoughts about how I might address the
I am using nginx as a caching reverse proxy in front of a complex
Apache/Weblogic Java application.
I have a half-dozen Location blocks that have different caching policies
with custom keys and
different cache lifetimes. I'm using openresty to implement different
cache key logic with lua scripts
and until now everything has gone smoothly.
Some of the locations use the combination of
proxy_ignore_headers Set-Cookie and proxy_hide_header Set-Cookie to
strip cookies from cached responses.
Another location needs to allow for session cookies to be created and so
it has the default nginx behavior of not caching
responses that contain cookies.
Now I need a different hybrid behavior-
if a response contains "Set-Cookie: TLTHID", then strip it from the
response, but still cache the response.
If the response contains any other Set-Cookie header then don't cache
I have tried to use more_clear_headers 'Set-Cookie: TLTHID*" to strip
the cookie and I see
that it does indeed remove the cookie from the response, however the
debug log shows me that the object is still
seen as being not cacheable, presumably because nginx knows that the
stripped Set-Cookie was there.
Is there an easy way to work around this? I'd considered running a
second nginx process to simply act as a
proxy that strips the 'Set-Cookie: TLTHID*" header - it sounds clunky
but I expect it would work.
Is there a way to achieve this within a single nginx instance?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the nginx