-
Notifications
You must be signed in to change notification settings - Fork 3
Expand file tree
/
Copy pathcommon-caching-with-ab-testing.js
More file actions
382 lines (326 loc) · 10.7 KB
/
common-caching-with-ab-testing.js
File metadata and controls
382 lines (326 loc) · 10.7 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
// This is a Cloudflare Worker script that implements caching with support for A/B testing.
// It is based on the common-caching.js script, with additional logic to handle A/B testing scenarios, based on:
// https://github.com/wagtail-nest/wagtail-ab-testing/blob/204493c2a78131acf52d5feda3ec40425cc0b58a/README.md#running-ab-tests-on-a-site-that-uses-cloudflare-caching
//
// A path can only be identified as having an A/B test after it has been requested.
// If it is an A/B test, ensure it never gets put into the cache via responseIsCachable, and the common caching
// logic will miss on the cache and fetch the A/B test from the origin.
// ** Set WAGTAIL_AB_TESTING_WORKER_TOKEN as a global variable in Cloudflare Workers dashboard **
// This should match the token on your Django settings
// NOTE: Wagtail AB Testing is incompatible with Basic Authentication because the worker uses the Authorization header
// to authenticate itself to the package, replacing any Basic scheme Authorization header on the incoming request.
const AB_TEST_HEADER = "X-WagtailAbTesting-Test";
async function fetchOrigin(request, env) {
if (request.method === "GET") {
const newRequest = new Request(request, {
headers: {
...request.headers,
Authorization: `Token ${env.WAGTAIL_AB_TESTING_WORKER_TOKEN}`,
"X-Requested-With": "WagtailAbTestingWorker",
},
});
const response = await fetch(newRequest);
// If there is a test running at the URL, the worker would return
// a JSON response containing both versions of the page. Also, it
// returns the test ID in the X-WagtailAbTesting-Test header.
const testId = response.headers.get(AB_TEST_HEADER);
if (testId) {
// Participants of a test would have a cookie that tells us which
// version of the page being tested on that they should see
// If they don't have this cookie, serve a random version
const versionCookieName = `abtesting-${testId}-version`;
const cookie = request.headers.get("cookie");
let version;
if (cookie && cookie.includes(`${versionCookieName}=control`)) {
version = "control";
} else if (cookie && cookie.includes(`${versionCookieName}=variant`)) {
version = "variant";
} else if (Math.random() < 0.5) {
version = "control";
} else {
version = "variant";
}
const jsonResponse = await response.json();
return new Response(jsonResponse[version], {
headers: {
...response.headers,
"Content-Type": "text/html",
},
});
}
return response;
}
return fetch(request);
}
// ----------------------------------------------------
//
// Lightly modified common-caching.js script, based on:
// https://github.com/torchbox/cloudflare-recipes/blob/cdafd8dbbb0475c25806fb32d3c6c24145924596/common-caching.js
//
// fetchOrigin replaces calls to fetch to ensure A/B test responses are handled correctly
// responseIsCachable has an additional clause to prevent caching of A/B tests
// ----------------------------------------------------
// NOTE: A 'Cache Level' page rule set to 'Cache Everything' will
// prevent private cookie cache skipping from working, as it is
// applied after this worker runs.
// When any cookie in this list is present in the request, cache will be skipped
const PRIVATE_COOKIES = ["sessionid"];
// Cookies to include in the cache key
const VARY_COOKIES = [];
// Request headers to include in the cache key.
// Note: Do not add `cookie` to this list!
const VARY_HEADERS = [
"X-Requested-With",
// HTMX
"HX-Boosted",
"HX-Current-URL",
"HX-History-Restore-Request",
"HX-Prompt",
"HX-Request",
"HX-Target",
"HX-Trigger-Name",
"HX-Trigger",
];
// These querystring keys are stripped from the request as they are generally not
// needed by the origin.
const STRIP_QUERYSTRING_KEYS = [
// UTM
"utm_id",
"utm_source",
"utm_campaign",
"utm_medium",
"utm_term",
"utm_content",
"utm_source_platform",
"utm_creative_format",
"utm_marketing_tactic",
"gclid",
"wbraid",
"gbraid",
"fbclid",
"dm_i", // DotDigital
"msclkid",
"al_applink_data", // Meta outbound app links
// https://docs.flying-press.com/cache/ignore-query-strings
"age-verified",
"ao_noptimize",
"usqp",
"cn-reloaded",
"sscid",
"ef_id",
"_bta_tid",
"_bta_c",
"fb_action_ids",
"fb_action_types",
"fb_source",
"_ga",
"adid",
"_gl",
"gclsrc",
"gdfms",
"gdftrk",
"gdffi",
"_ke",
"trk_contact",
"trk_msg",
"trk_module",
"trk_sid",
"mc_cid",
"mc_eid",
"mkwid",
"pcrid",
"mtm_source",
"mtm_medium",
"mtm_campaign",
"mtm_keyword",
"mtm_cid",
"mtm_content",
"epik",
"pp",
"pk_source",
"pk_medium",
"pk_campaign",
"pk_keyword",
"pk_cid",
"pk_content",
"redirect_log_mongo_id",
"redirect_mongo_id",
"sb_referer_host",
];
// If this is true, the querystring keys stripped from the request will be
// addeed to any Location header served by a redirect.
const REPLACE_STRIPPED_QUERYSTRING_ON_REDIRECT_LOCATION = false;
// If this is true, querystring key are stripped if they have no value eg. ?foo
// Disabled by default, but highly recommended
const STRIP_VALUELESS_QUERYSTRING_KEYS = false;
// Only these status codes should be considered cacheable
// (from https://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.4)
const CACHABLE_HTTP_STATUS_CODES = [200, 203, 206, 300, 301, 410];
export default {
async fetch(originalRequest, env, ctx) {
const cache = caches.default;
// eslint-disable-next-line prefer-const
const [request, strippedParams] = stripQuerystring(originalRequest);
if (!requestIsCachable(request)) {
// If the request isn't cacheable, return a Response directly from the origin.
return fetchOrigin(request, env);
}
const cachingRequest = getCachingRequest(request);
let response = await cache.match(cachingRequest);
if (!response) {
// If we didn't get a response from the cache, fetch one from the origin
// and put it in the cache.
response = await fetchOrigin(request, env);
if (responseIsCachable(response)) {
ctx.waitUntil(cache.put(cachingRequest, response.clone()));
}
}
if (REPLACE_STRIPPED_QUERYSTRING_ON_REDIRECT_LOCATION) {
response = replaceStrippedQsOnRedirectResponse(response, strippedParams);
}
return response;
},
};
/*
* Cacheability Utilities
*/
function requestIsCachable(request) {
/*
* Given a Request, determine if it should be cached.
* Currently the only factor here is whether a private cookie is present.
*/
return !hasPrivateCookie(request);
}
function responseIsCachable(response) {
/*
* Given a Response, determine if it should be cached.
* Factors here are whether the status code is cachable, and whether it is an A/B test response (uncached if so).
*/
return (
CACHABLE_HTTP_STATUS_CODES.includes(response.status) &&
!response.headers.has(AB_TEST_HEADER)
);
}
function getCachingRequest(request) {
/**
* Create a new request for use as a cache key.
*
* Note: Modifications to this request are not sent upstream.
*/
const cookies = getCookies(request);
const requestURL = new URL(request.url);
// Include specified cookies in cache key
VARY_COOKIES.forEach((cookieName) =>
requestURL.searchParams.set(
`cookie-${cookieName}`,
cookies[cookieName] || ""
)
);
// Include specified headers in cache key
VARY_HEADERS.forEach((headerName) =>
requestURL.searchParams.set(
`header-${headerName}`,
request.headers.get(headerName) || ""
)
);
return new Request(requestURL, request);
}
/*
* Request Utilities
*/
function stripQuerystring(request) {
/**
* Given a Request, return a new Request with the ignored or blank querystring keys stripped out,
* along with an object representing the stripped values.
*/
const url = new URL(request.url);
const stripKeys = STRIP_QUERYSTRING_KEYS.filter((v) =>
url.searchParams.has(v)
);
const strippedParams = {};
if (stripKeys.length) {
stripKeys.reduce((acc, key) => {
acc[key] = url.searchParams.getAll(key);
url.searchParams.delete(key);
return acc;
}, strippedParams);
}
if (STRIP_VALUELESS_QUERYSTRING_KEYS) {
// Strip query params without values to avoid unnecessary cache misses
[...url.searchParams.entries()].forEach(([key, value]) => {
if (!value) {
url.searchParams.delete(key);
strippedParams[key] = "";
}
});
}
return [new Request(url, request), strippedParams];
}
function hasPrivateCookie(request) {
/*
* Given a Request, determine if one of the 'private' cookies are present.
*/
const allCookies = getCookies(request);
// Check if any of the private cookies are present and have a non-empty value
return PRIVATE_COOKIES.some(
(cookieName) => cookieName in allCookies && allCookies[cookieName]
);
}
function getCookies(request) {
/*
* Extract the cookies from a given request
*/
const cookieHeader = request.headers.get("Cookie");
if (!cookieHeader) {
return {};
}
return cookieHeader.split(";").reduce((cookieMap, cookieString) => {
const [cookieKey, cookieValue] = cookieString.split("=");
return { ...cookieMap, [cookieKey.trim()]: (cookieValue || "").trim() };
}, {});
}
/**
* Response Utilities
*/
function replaceStrippedQsOnRedirectResponse(response, strippedParams) {
/**
* Given an existing Response, and an object of stripped querystring keys,
* determine if the response is a redirect.
* If it is, add the stripped querystrings to the location header.
* This allows us to persist tracking querystrings (like UTM) over redirects.
*/
if ([301, 302].includes(response.status)) {
const redirectResponse = new Response(response.body, response);
const locationHeaderValue = redirectResponse.headers.get("location");
let locationUrl;
if (!locationHeaderValue) {
return redirectResponse;
}
const isAbsolute = isUrlAbsolute(locationHeaderValue);
if (!isAbsolute) {
// If the Location URL isn't absolute, we need to provide a Host so we can use
// a URL object.
locationUrl = new URL(locationHeaderValue, "http://www.example.com");
} else {
locationUrl = new URL(locationHeaderValue);
}
Object.entries(strippedParams).forEach(([key, value]) =>
locationUrl.searchParams.append(key, value)
);
let newLocation;
if (isAbsolute) {
newLocation = locationUrl.toString();
} else {
newLocation = `${locationUrl.pathname}${locationUrl.search}`;
}
redirectResponse.headers.set("location", newLocation);
return redirectResponse;
}
return response;
}
/**
* URL Utilities
*/
function isUrlAbsolute(url) {
return url.indexOf("://") > 0 || url.indexOf("//") === 0;
}