Nginx Fast-cgi cache + Cookies and Content Security Policy

  • Resolved Viktor Bijlenga

    (@viktorbijlenga)


    3 years ago

    Hi,

    I’m trying to figure out how to use an Nginx fast-CGI cache together with the Cookies and Content Security Policy plugin.

    My current setup bypasses the cache when the cookie cookies_and_content_security_policy is set as described in the FAQ. This works great, but as a result, none of the pages are cached when a user has accepted the usage of cookies (different settings, results in different headers or meta tag as expected). I’ve checked some of the example sites, which seem to be working like this as well.

    Have I done something wrong, or is it intended to work like this?
    Would it be possible to use some other cache solution, which allows more of the pages of a site to be cached, even though users have accepted the use of cookies?

    Thanks for a great plugin.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Johan Jonk Stenstr?m

    (@jonkastonka)

    Thanks!

    Check if Nginx fast-CGI cache has a Cookie cache as described in the FAQ:
    I’m using a cache plugin, and it seems to be interfere with this plugin

    Plugin Author Johan Jonk Stenstr?m

    (@jonkastonka)

    Maybe https://serverfault.com/questions/809878/nginx-fastcgi-cache-exclude-session-cookie:
    fastcgi_no_cache $cookie_PHPSESSID;
    fastcgi_cache_bypass $cookie_PHPSESSID;

    Thread Starter Viktor Bijlenga

    (@viktorbijlenga)

    Hi @jonkastonka,

    I think I’ve found a working solution for using the NGINX fast-CGI cache. I was using a directive that resulted in the cache being skipped when the plugins cookie was set.

    # Don’t use the cache for users which have accepted cookies
if ($http_cookie ~* "cookies_and_content_security_policy") {
    set $skip_cache 1;
}

    I want the cache to serve different versions depending on the values of the cookies_and_content_security_policy cookie, since users need different get pages which sends different headers/meta-tags for the Content Security Policy.

    To be able to do that, I needed to use the fastcgi_cache_key directive. If you use NGINX as a proxy (in front of Apache), I think the directive should use the proxy_cache_key instead, but I haven’t tested that.

    In my case, the directive look like this:
    fastcgi_cache_key "$scheme$request_method$host$request_uri$cookie_cookies_and_content_security_policy";

    This is located in the nginx.conf for the current site. In my case, it was located at /etc/nginx/sites-available/SITENAME

    Using this type of NGINX cache configuration, pages will be cached separately for different settings.

    NOTE: If the site contains a large amount of pages, this might result in a lot of cached pages, since every page will be changed multiple times. This might be something to look into since it might require a lot more space.

    If you spot an error, or this sounds wrong. Please feel free to improve the solution. Thanks in advance.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Nginx Fast-cgi cache + Cookies and Content Security Policy’ is closed to new replies.