Working with cookies

In Transparent Edge, we implement , allowing you to take advantage of all the benefits it offers.

In this case, we implement the module of Varnish.

This module enables you to interact with both request and response cookies. You can add, remove, and retrieve the values of the Cookie header (req.http.Cookie) and the Set-Cookie header (resp.http.Set-Cookie).

All functions maintain an internal state of the Cookie and Set-Cookie until you release it in the configuration using the write() or setcookie_write() function.

Operations with set-cookies can only be used where the objects are available (vcl_deliver or vcl_backend_response).

sub vcl_recv
{
    // Keep these Cookies
    cookieplus.keep("JSESSIONID");
    cookieplus.keep_regex("^BNES_SSESS");
    cookieplus.keep_regex("^SSESS[a-zA-Z0-9]+$");
    cookieplus.keep_regex("^SESS[a-zA-Z0-9]+$");

    // Any Cookie that is not kept will be removed
    cookieplus.write();
}

Set-cookies filtering

sub vcl_backend_response
{
    // Mark all Set-Cookies for removal
    cookieplus.setcookie_keep("");

    // Only allow these Set-Cookies if the URL allows for it
    if (bereq.url ~ "^/admin") {
        cookieplus.setcookie_keep("JSESSIONID");
        cookieplus.setcookie_keep_regex("^BNES_SSESS");
        cookieplus.setcookie_keep_regex("^SSESS[a-zA-Z0-9]+$");
        cookieplus.setcookie_keep_regex("^SESS[a-zA-Z0-9]+$");
    }

    // Any Set-Cookie that is not kept will be removed
    cookieplus.setcookie_write();
}

PreviousActing on the Query String NextMaking decisions based on HTTP headers

Last updated 1 year ago

Was this helpful?

In Transparent Edge, we implement , allowing you to take advantage of all the benefits it offers.

In this case, we implement the module of Varnish.

This module enables you to interact with both request and response cookies. You can add, remove, and retrieve the values of the Cookie header (req.http.Cookie) and the Set-Cookie header (resp.http.Set-Cookie).

All functions maintain an internal state of the Cookie and Set-Cookie until you release it in the configuration using the write() or setcookie_write() function.

Operations with set-cookies can only be used where the objects are available (vcl_deliver or vcl_backend_response).

sub vcl_recv
{
    // Keep these Cookies
    cookieplus.keep("JSESSIONID");
    cookieplus.keep_regex("^BNES_SSESS");
    cookieplus.keep_regex("^SSESS[a-zA-Z0-9]+$");
    cookieplus.keep_regex("^SESS[a-zA-Z0-9]+$");

    // Any Cookie that is not kept will be removed
    cookieplus.write();
}

Set-cookies filtering

sub vcl_backend_response
{
    // Mark all Set-Cookies for removal
    cookieplus.setcookie_keep("");

    // Only allow these Set-Cookies if the URL allows for it
    if (bereq.url ~ "^/admin") {
        cookieplus.setcookie_keep("JSESSIONID");
        cookieplus.setcookie_keep_regex("^BNES_SSESS");
        cookieplus.setcookie_keep_regex("^SSESS[a-zA-Z0-9]+$");
        cookieplus.setcookie_keep_regex("^SESS[a-zA-Z0-9]+$");
    }

    // Any Set-Cookie that is not kept will be removed
    cookieplus.setcookie_write();
}

You can find a comprehensive documentation of the cookieplus module in this from the official Varnish Enterprise documentation.

Cookie filtering

Set-cookies filtering

Cookie filtering

Set-cookies filtering