I have a situation where customer ajax login is not working even though the customer types in valid credentials. Instead, the page just reloads and the customer is not logged in. To clarify, it DOES work when the below Varnish VCL rules are not in place.
Ajax Request/Response
The request is to /customer/ajax/login with valid credentials and re-captcha data.
The response has a status code of 200 but the response content is empty.
Varnish Configuration
Varnish is installed and in effect on this particular environment and has the following VCL rules applied in the RECV/SYNTH blocks
RECV Block
Intercepts customer ajax login and produces synthetic response to be handled later
sub vcl_recv {
if (req.url ~ "/customer/ajax/login") {
return (synth(801, "BOT"));
}
}
SYNTH Block
Intercepts the synthetic response from RECV block and sets 200 response status, header values, and delivers.
sub vcl_synth {
if (resp.status == 801) {
set resp.status = 200;
set resp.http.Access-Control-Allow-Origin = req.http.Origin;
set resp.http.Access-Control-Allow-Methods = "GET, POST, OPTIONS, DELETE, PUT, HEAD";
set resp.http.Access-Control-Allow-Credentials = "true";
set resp.http.Access-Control-Allow-Headers = "Accept, Accept-Language, Accept-Charset, Authorization, Content-Language, Content-Type, Cookie, Host, Origin, User"
return(deliver);
}
}
More Detail
- This is custom Varnish VCL, but I am not sure what it is trying to accomplish
- From what I read about Synthetic responses, they are intended for error pages
- Commenting out these rules fixes the empty response and failure to actually login the customer
- I have a suspicion that the use of this synthetic response is not how it’s intended to be used + blows out the original response content of the ajax login request
- I’m pretty sure the stock Magento varnish VCL doesn’t include these rules / trying to understand the side effects of these rules presence or removal
Question
- What is the purpose of a Varnish Synthetic response?
- In this context, is this proper usage of it?
