Similar to query parameter vhp-regex, you can now add a custom regex using the query parameter vhp-ban-regex to the purge_urls.
If it is set, the PURGE request contains an additional header X-Ban-Regex and the X-Purge-Method is ban-regex.
If the VCL contains this functionality (described below), it will be used. Otherwise – to preserve backwards compatibility – only the request url itself is purged.
The VCL now looks like this:
sub vcl_recv {
if (req.method == "PURGE" || req.method == "BAN") {
# If the IP isn't a match, we can't flush cache.
if (!client.ip ~ purge) {
return (synth(405, "This IP is not allowed to send PURGE requests."));
}
# If we're trying to custom regex, then we need to use the ban calls:
if (req.http.X-Purge-Method == "ban-regex" && req.http.X-Ban-Regex) {
ban("obj.http.x-url ~ " + req.http.X-Ban-Regex + " && obj.http.x-host ~ " + req.http.host);
return (synth(200, "Banned"));
}
# If we're trying to regex, then we need to use the ban calls:
if (req.http.X-Purge-Method == "regex") {
ban("obj.http.x-url ~ " + req.url + " && obj.http.x-host ~ " + req.http.host);
return (synth(200, "Purged"));
}
# Backported catch for exact cache flush calls:
if (req.http.X-Purge-Method == "exact") {
ban("obj.http.x-url == " + req.url + " && obj.http.X-Req-Host == " + req.http.host);
return (synth(200, "Purged"));
}
# Otherwise, we strip the query params and flush as is:
set req.url = regsub(req.url, "\?.*$", "");
return (purge);
}
}
What I don't like in this approach is that X-Purge-Method: regex and X-Purge-Method: ban-regex as well as $pregex and $bregex might be confusing (but is needed for backwards compatibility or for people who cannot change their VCL).
lukasbesch
commented
2 years ago
My approach for #96.
Similar to query parameter
vhp-regex, you can now add a custom regex using the query parametervhp-ban-regexto thepurge_urls. If it is set, thePURGErequest contains an additional headerX-Ban-Regexand theX-Purge-Methodisban-regex. If the VCL contains this functionality (described below), it will be used. Otherwise – to preserve backwards compatibility – only the request url itself is purged.The VCL now looks like this:
What I don't like in this approach is that
X-Purge-Method: regexandX-Purge-Method: ban-regexas well as$pregexand$bregexmight be confusing (but is needed for backwards compatibility or for people who cannot change their VCL).