Simplified cookie logic in receive/wordpress.vcl

Evan Kaufman · Evan Kaufman · commit 9c2f3585144a · 2013-11-11T13:01:33.000-06:00
* The existing wp cookie check was *starting with* `wp-` or `wprdpress_`, but would not match a 2nd or higher position wp cookie
* The second url check for `wp-(login|admin)` was no longer necessary, so removing all cookies past that point is more efficient
diff --git a/provisioning/roles/varnish/files/etc-varnish/conf.d/receive/wordpress.vcl b/provisioning/roles/varnish/files/etc-varnish/conf.d/receive/wordpress.vcl
@@ -3,19 +3,14 @@ if (req.http.Host ~ "^local\." || (req.url ~ "wp-(login|admin)")) {
     return (pass);
 }
 
-if (req.http.Cookie ~ "^wp-" || req.http.Cookie ~ "^wordpress_") {
+# Pass all requests containing a wp- or wordpress_ cookie
+# (meaning NO caching for logged in users)
+if (req.http.Cookie ~ "^([^;]+;\s*)*?(wp-|wordpress_)") {
   return (pass);
 }
 
-# Drop any cookies sent to Wordpress.
-if (!(req.url ~ "wp-(login|admin)")) {
-    unset req.http.Cookie;
-}
-
-# Anything else left?
-if (!req.http.Cookie) {
-    unset req.http.Cookie;
-}
+# Drop *all* cookies sent to Wordpress, if we've gotten this far
+unset req.http.Cookie;
 
 # Try a cache-lookup
 return (lookup);
