Hi, >From documentation: https://www.varnish-cache.org/docs/trunk/users-guide/increasing-your-hitrate.html#authorization
"Authorization If Varnish sees an 'Authorization' header it will pass the request. If this is not what you want you can unset the header." I have a scenario that works on varnish3 but won't work on varnish4. As the subject says, I want to cache requests that were made with the Authorization header. Before you start thinking "what a crazy and insecure thing to do", let me explain: I have an internal varnish cache that receives requests from applications and serve content from an external CDN that is authenticated (thus the Authorization header). Only internal servers use it and I do this to save bandwidth. Every possible client knows and uses the same Authorization header, so caching the requests are not an issue. I'm also trying to use the Authorization header in the hash_data too, since it's always the same and if someone requests without knowing the proper pass, varnish won't serve the right cache entry. When I use the Authorization header, varnish4 does not cache at all... And when I remove the Authorization header, it caches but I get 401 Forbidden from the CDN. Is there a way to solve this? -- []'s Hugo www.devin.com.br _______________________________________________ varnish-misc mailing list [email protected] https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
