Response Cookie handling
Last updated 2021-05-10
The traditional way to read response cookies in VCL is to inspect either the beresp.http.Set-Cookie
or the resp.http.Set-Cookie
variables and then extract values using regular expressions. However this is not ideal since attempting to parse potentially complicated or quoted strings with regular expressions is brittle and prone to being tripped up by edge cases. It also doesn't allow for reading multiple headers with the same name such as when an origin sends multiple Set-Cookie
headers. Because of these two reasons Fastly supports a method for extracting a named value out of Set-Cookie
headers no matter how many there are.
To access a named value simply use the function with either beresp
or resp
depending on what part of the request you're in - so either
1
setcookie.get_value_by_name(beresp, "name")
or
1
setcookie.get_value_by_name(resp, "name")
as appropriate, replacing "name"
with whatever the name of the value is. So for example, given this HTTP response from an origin
1
2
3
4
5
6
7
8
9
10
HTTP/1.1 200 OK
Cache-Control: max-age=60
Content-Type: text/html; charset=utf-8
Content-Length: 80806
Accept-Ranges: bytes
Date: Tue, 11 Aug 2015 19:00:04 GMT
Age: 123
Connection: keep-alive
Set-Cookie: one=a; httponly; secure
Set-Cookie: two=b or not to b; httponly
then using the function like this
1
2
set resp.http.X-One = setcookie.get_value_by_name(resp, "one");
set resp.http.X-Two = setcookie.get_value_by_name(resp, "two");
will set resp.http.X-One
to be "a" and resp.http.X-Two
to "b or not to b".
This logic can be used in uploaded custom VCL, as well as throughout the web interface. For example: