Commit e21900ff authored by Łukasz Nowak's avatar Łukasz Nowak Committed by Łukasz Nowak

caddy-frontend: Implemented disabled_cookie_list

parent 5eb76fa1
......@@ -13,11 +13,6 @@ Generally things to be done with ``caddy-frontend``:
* **Jérome Perrin**: *For event source, if I understand https://github.com/mholt/caddy/issues/1355 correctly, we could use caddy as a proxy in front of nginx-push-stream . If we have a "central shared" caddy instance, can it handle keeping connections opens for many clients ?*
* ``ssl_ca_crt``
* ``disabled-cookie-list`` (requires writing middleware plugin for Caddy)::
RequestHeader edit Cookie "(^%(disabled_cookie)s=[^;]*; |; %(disabled_cookie)s=[^;]*|^%(disabled_cookie)s=[^;]*$)" ""' % dict(disabled_cookie=disabled_cookie) }}
* there is already `MR <https://github.com/mholt/caddy/pull/2144>`_ which will allow regexp modification of headers, thus cookies
* ``ssl_proxy_ca_crt`` for ``ssl_proxy_verify``, this is related to bug `#1550 <https://github.com/mholt/caddy/issues/1550>`_, proposed solution `just adding your CA to the system's trust store`
* ``check-error-on-caddy-log`` like ``check-error-on-apache-log``
* cover test suite like resilient tests for KVM and prove it works the same way as Caddy
......
......@@ -58,7 +58,7 @@ md5sum = f20d6c3d2d94fb685f8d26dfca1e822b
[template-default-slave-virtualhost]
filename = templates/default-virtualhost.conf.in
md5sum = 8ed87061b9e20e2ad74aae9f80d1b53d
md5sum = d9269cc085752e09f4acce37a18e160c
[template-cached-slave-virtualhost]
filename = templates/cached-virtualhost.conf.in
......
......@@ -49,8 +49,8 @@
},
"disabled-cookie-list": {
"default": "",
"description": "[NOT Implemented] List of Cookies separated by space that will not be sent to cache and backend servers. This is especially useful to discard analytics tracking cookies when using Vary: Cookie cache headers",
"title": "[NOT Implemented] Disabled Cookies",
"description": "List of Cookies separated by space that will not be sent to cache and backend servers. This is especially useful to discard analytics tracking cookies when using Vary: Cookie cache headers",
"title": "Disabled Cookies",
"type": "string"
},
"enable-http2": {
......
......@@ -45,9 +45,6 @@
log / {{ slave_parameter.get('access_log') }} "{remote} {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}"
errors {{ slave_parameter.get('error_log') }}
{%- for disabled_cookie in disabled_cookie_list %}
{%- endfor %} {#- for disabled_cookie in disabled_cookie_list #}
{%- if prefer_gzip %}
rewrite {
if {>Accept-Encoding} match "(^gzip,.*|.*, gzip,.*|.*, gzip$|^gzip$)"
......@@ -66,6 +63,10 @@
{%- endif %} {#- if proxy_name == 'prefer-gzip' #}
# As backend is trusting REMOTE_USER header unset it always
header_upstream -REMOTE_USER
{%- for disabled_cookie in disabled_cookie_list %}
# Remove cookie {{ disabled_cookie }} from client Cookies
header_upstream Cookie "(.*)(^{{ disabled_cookie }}=[^;]*; |; {{ disabled_cookie }}=[^;]*|^{{ disabled_cookie }}=[^;]*$)(.*)" "$1 $3"
{%- endfor %} {#- for disabled_cookie in disabled_cookie_list #}
{%- if disable_via_header %}
header_downstream -Via
......@@ -119,6 +120,10 @@
{%- endif %} {#- if proxy_name == 'prefer-gzip' #}
# As backend is trusting REMOTE_USER header unset it always
header_upstream -REMOTE_USER
{%- for disabled_cookie in disabled_cookie_list %}
# Remove cookie {{ disabled_cookie }} from client Cookies
header_upstream Cookie "(.*)(^{{ disabled_cookie }}=[^;]*; |; {{ disabled_cookie }}=[^;]*|^{{ disabled_cookie }}=[^;]*$)(.*)" "$1 $3"
{%- endfor %} {#- for disabled_cookie in disabled_cookie_list #}
{%- if disable_via_header %}
header_downstream -Via
......@@ -154,9 +159,6 @@
log / {{ slave_parameter.get('access_log') }} "{remote} {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}"
errors {{ slave_parameter.get('error_log') }}
{%- for disabled_cookie in disabled_cookie_list %}
{%- endfor %} {#- for disabled_cookie in disabled_cookie_list #}
{%- if prefer_gzip %}
rewrite {
if {>Accept-Encoding} match "(^gzip,.*|.*, gzip,.*|.*, gzip$|^gzip$)"
......@@ -183,6 +185,10 @@
{%- endif %} {#- if proxy_name == 'prefer-gzip' #}
# As backend is trusting REMOTE_USER header unset it always
header_upstream -REMOTE_USER
{%- for disabled_cookie in disabled_cookie_list %}
# Remove cookie {{ disabled_cookie }} from client Cookies
header_upstream Cookie "(.*)(^{{ disabled_cookie }}=[^;]*; |; {{ disabled_cookie }}=[^;]*|^{{ disabled_cookie }}=[^;]*$)(.*)" "$1 $3"
{%- endfor %} {#- for disabled_cookie in disabled_cookie_list #}
{%- if disable_via_header %}
header_downstream -Via
......@@ -230,6 +236,10 @@
{%- endif %} {#- if proxy_name == 'prefer-gzip' #}
# As backend is trusting REMOTE_USER header unset it always
header_upstream -REMOTE_USER
{%- for disabled_cookie in disabled_cookie_list %}
# Remove cookie {{ disabled_cookie }} from client Cookies
header_upstream Cookie "(.*)(^{{ disabled_cookie }}=[^;]*; |; {{ disabled_cookie }}=[^;]*|^{{ disabled_cookie }}=[^;]*$)(.*)" "$1 $3"
{%- endfor %} {#- for disabled_cookie in disabled_cookie_list #}
{%- if disable_via_header %}
header_downstream -Via
......
......@@ -2191,7 +2191,6 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
self.assertEqual(
result.json()['Incoming Headers']['accept-encoding'], 'deflate')
@skipIf(IS_CADDY, 'Feature postponed')
def test_disabled_cookie_list(self):
parameter_dict = self.slave_connection_parameter_dict_dict[
'disabled-cookie-list']
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment