FormKey issues (URLs without / at the end) #1541
Description
FormKey ESI Response gets cached with wrong access settings (and served to all users) if router was changed to generate URLs without / at the end. (/turpentine/esi/getFormKey/ttl//method/esi/scope/global/access/private)
Symptoms are:
-
all forms with formkey stops to work (formkey error) if any other user requested a page with any form earlier.
-
you can see the same formkey for different users, but any other ESI block content are differ.
req.http.X-Varnish-Esi-Access calculation regex awaits URL with / at the end. If / is absent, then req.http.X-Varnish-Esi-Access would be wrong and vcl_hash will not add frontend cookie to hash calculation. Original regex:
set req.http.X-Varnish-Esi-Access = regsub(
req.url, ".*/{{esi_cache_type_param}}/(\w+)/.*", "\1");
could be changed to something like that:
set req.http.X-Varnish-Esi-Access = regsub(
req.url, ".*/{{esi_cache_type_param}}/(\w+)(/|\z).*", "\1");
to resolve issue.