Does anyone has expirience with - Cloudflare Worker to bypass cookies for Ghost:
Ghost blog login not working with cache everything
The problem is related to members and login.
The sample worker for Wordpress is posted below:
For members, you can check for ghost-members-ssr, and for staff, you can check for ghost-admin-api-session
1 Like
Do you mean that change of:
// Cookie prefixes that cause a request to bypass the cache when present.
const BYPASS_COOKIE_PREFIXES = [
"wp-",
"wordpress",
"comment_",
"woocommerce_"
];
// URL paths to bypass the cache (each pattern is a regex)
const BYPASS_URL_PATTERNS = [
/\/wp-admin\/.*/
];
to:
// Cookie prefixes that cause a request to bypass the cache when present.
const BYPASS_COOKIE_PREFIXES = [
"ghost-members-ssr",
"admin-api-session"
];
// URL paths to bypass the cache (each pattern is a regex)
const BYPASS_URL_PATTERNS = [
/\/ghost\/.*/
];
will be enough
You’re on the right track, but you the bypass patterns could cause issues with members.
→ ghost-admin-api-session should bypass /\/ghost\/.*/
→ ghost-members-ssr should bypass /\/.*/
Thank you very much for sharing.
I’m experimenting with your suggestions.
Will come back when I have results.
Also will post in the thread.
Greetings.
1 Like
So I was able to make it work by using:
// Cookie prefixes that cause a request to bypass the cache when present.
const BYPASS_COOKIE_PREFIXES = [
"ghost-members-ssr",
"admin-api-session"
];
// URL paths to bypass the cache (each pattern is a regex)
const BYPASS_URL_PATTERNS = [
".*/members/api/member/"
];
Steps to make it work:
Create Worker
- CloudFlare main menu
- Workers
- Create service
- HTTP handler
- use the code from - cf-workers/cache-bypass-on-cookie.js at master · pmeenan/cf-workers · GitHub
Add worker to site:
- Open the site in cloudflare
- Worker routes
- Add route
There is limitation of 100 000 requests per day for worker.
This limit is not enough for sites with high volumes of requests.
Thanks @vikaspotluri123
2 Likes
P.S. Somehow my profile changed. I didn’t do anything to change it.
The final working code is:
// Cookie prefixes that cause a request to bypass the cache when present.
const BYPASS_COOKIE_PREFIXES = [
"ghost-members-ssr",
"admin-api-session"
];
// URL paths to bypass the cache (each pattern is a regex)
const BYPASS_URL_PATTERNS = [
".*/members/api/member/",
"/\/ghost\/.*/"
];
2 Likes
With these routes… the Ghost not display all images.
It is working fine for me with the latest ghost version.
Not sure why is not working for you.
Do you have a way to debug or investigate what is going on?
Hi @Johny_K
Your full code is:
// Cookie prefixes that cause a request to bypass the cache when present.
const BYPASS_COOKIE_PREFIXES = [
"wp-",
"wordpress",
"comment_",
"woocommerce_"
];
// URL paths to bypass the cache (each pattern is a regex)
const BYPASS_URL_PATTERNS = [
/\/wp-admin\/.*/
];
/**
* Main worker entry point.
*/
addEventListener("fetch", event => {
//event.passThroughOnException();
const request = event.request;
if (bypassCache(request)) {
event.respondWith(handleRequest(request));
}
});
/**
* Do all of the work to bypass the cache
* @param {Request} request - Original request
*/
async function handleRequest(request) {
// Clone the request so we can add a no-cache, no-store Cache-Control request header.
let init = {
method: request.method,
headers: [...request.headers],
redirect: "manual",
body: request.body,
cf: { cacheTtl: 0 }
};
// Use a unique URL (query params) to make SURE the cache is busted for this request
let uniqueUrl = await generateUniqueUrl(request);
let newRequest = new Request(uniqueUrl, init);
newRequest.headers.set('Cache-Control', 'no-cache, no-store');
// For debugging, clone the response and add some debug headers
let response = await fetch(newRequest);
let newResponse = new Response(response.body, response);
newResponse.headers.set('X-Bypass-Cache', 'Bypassed');
return newResponse;
}
/**
* Determine if the given request needs to bypass the cache.
* @param {Request} request - inbound request.
* @returns {bool} true if the cache should be bypassed
*/
function bypassCache(request) {
let needsBypass = false;
// Bypass the cache for all requests to a URL that matches any of the URL path bypass patterns
const url = new URL(request.url);
const path = url.pathname + url.search;
if (BYPASS_URL_PATTERNS.length) {
for (let pattern of BYPASS_URL_PATTERNS) {
if (path.match(pattern)) {
needsBypass = true;
break;
}
}
}
// Bypass the cache if the request contains a cookie that starts with one of the pre-configured prefixes
if (!needsBypass) {
const cookieHeader = request.headers.get('cookie');
if (cookieHeader && cookieHeader.length && BYPASS_COOKIE_PREFIXES.length) {
const cookies = cookieHeader.split(';');
for (let cookie of cookies) {
// See if the cookie starts with any of the logged-in user prefixes
for (let prefix of BYPASS_COOKIE_PREFIXES) {
if (cookie.trim().startsWith(prefix)) {
needsBypass = true;
break;
}
}
if (needsBypass) {
break;
}
}
}
}
return needsBypass;
}
/**
* Generate a unique URL so it will never match in the cache.
* This is a bit of a hack since there is no way to explicitly bypass the Cloudflare cache (yet)
* and requires that the origin will ignore unknown query parameters.
* @param {Request} request - Original request
*/
async function generateUniqueUrl(request) {
let url = request.url;
let timeInMs = Date.now();
let hashString = '';
for (let header of request.headers) {
hashString += header[0] + ': ' + header[1] + '\n';
}
const encoder = new TextEncoder();
const digest = await crypto.subtle.digest('SHA-512', encoder.encode(hashString));
const base64digest = btoa(String.fromCharCode(...new Uint8Array(digest)));
const unique = encodeURIComponent(base64digest) + '.' + timeInMs;
if (url.indexOf('?') >= 0) {
url += '&';
} else {
url += '?';
}
url += 'cf_cache_bust=' + unique;
return url;
}
Do you have enabled another option in Cloudfare too? Page Rules, Cache rules, etc?
With this Worker… mi site not show all images in posts. It’s strange.
Yes I have page rules and caching - what is the recommendation
You can read about them here: