Performing a Conditional GET for Cache Hits

Comments

1 comment

  • Richard Alpagot

    Hi Skidder,

    Apologies for not getting back to you here. It's an interesting question, you'd be changing the typical VCL flow as shown below and it'd likely be more complex than implementing the signing separately between Fastly and client then Fastly to the origin. I'd be interested in hearing more if there is a specific case use for this?

    Typical flow:

    fastly-vcl-flow|341x500

    Note that this would have fairly significant performance detriments as you'd be contacting the origin each time. It would seem more beneficial to move the URL signing potion to Fastly so that the verification is performant (not to mention, lessening the load on the origin). We have UUID and Cryptographic functions documented here: https://docs.fastly.com/vcl/functions/

    Also we have some similar VCL examples here: AWS S3 protected backend (sig v4) - https://fiddle.fastlydemo.net/fiddle/7b037295 Authenticating JSON web tokens at the edge - https://fiddle.fastlydemo.net/fiddle/27bdd957

    If you need specific support. Please send a ticket into support@fastly.com and we'll be happy to help further.

    0
    Comment actions Permalink

Please sign in to leave a comment.