我有以下vcl_deliver
子程序:
sub vcl_deliver {
# Remove some HTTP-headers:
unset resp.http.Server;
unset resp.http.X-Varnish;
unset resp.http.Via;
unset resp.http.X-Cacheable;
unset resp.http.Age;
return (deliver);
}
现在奇怪的是,除了标头之外的所有其他 HTTP 标头都被删除了Server
(我已经curl
使用 Google Chrome 进行了检查)。当我使用 调试时varnishlog -g raw
,我得到以下信息:
202443 RespProtocol c HTTP/1.1
202443 RespStatus c 200
202443 RespReason c OK
202443 RespHeader c Server: nginx
202443 RespHeader c Content-Type: text/html; charset=UTF-8
202443 RespHeader c Vary: Accept-Encoding
202443 RespHeader c Cache-Control: no-cache, private
202443 RespHeader c Date: Sun, 12 Aug 2018 14:19:11 GMT
202443 RespHeader c X-Frame-Options: SAMEORIGIN
202443 RespHeader c X-XSS-Protection: 1; mode=block
202443 RespHeader c X-Content-Type-Options: nosniff
202443 RespHeader c Content-Encoding: gzip
202443 RespHeader c X-Varnish: 202443 168601
202443 RespHeader c Age: 69910
202443 RespHeader c Via: 1.1 varnish (Varnish/5.0)
202443 VCL_call c DELIVER [7/171]
202443 RespUnset c Server: nginx
202443 RespUnset c X-Varnish: 202443 168601
202443 RespUnset c Via: 1.1 varnish (Varnish/5.0)
202443 RespUnset c Age: 69910
202443 VCL_return c deliver
202443 Timestamp c Process: 1534153462.090447 0.000147 0.000147
202443 RespUnset c Content-Encoding: gzip
202443 RespHeader c Accept-Ranges: bytes
202443 Debug c "RES_MODE 40"
202443 RespHeader c Connection: close
202443 Gzip c U D - 0 0 0 0 0
202443 Timestamp c Resp: 1534153462.090535 0.000235 0.000088
202443 ReqAcct c 229 0 229 302 0 302
202443 End c
202442 SessClose c REQ_CLOSE 0.000
202442 End c
正如我们所见 ( RespUnset Server: nginx
) Varnish 正在尝试删除 HTTPServer
标头 - 但是为什么当我使用curl
Google Chrome 或 Google Chrome 进行调试时它仍然出现?
您必须使用 Varnish 和 nginx“三明治”来终止 SSL:
所以很自然,
Server
在 Varnish 中删除标头后,nginx (SSL) 仍然会发送自己的标头。解决方案是同时删除 nginx 中的 Server 标头,例如使用 headers-more nginx 模块: