Varnish Changelog

DataDome Varnish

v3.4.1 (2022-12-21)

  • Fix payload size of new headers sent to the API Server

v3.4.0 (2022-12-12)

  • Improved headers management

v3.3 (2022-05-11)

  • Fixed a segfault when the backend is set to none

v3.2 (2021-09-20)

  • Added support Varnish up to 7.0 included

v3.1 (2021-05-15)

  • Added support Varnish up to 6.6

v3.0 (2020-06-30)

  • Added support for Varnish v6.4
  • Introduced the universal module that works with all supported varnish versions

v2.44 (2020-06-11)

  • Fixed support for Varnish v4 for versions earlier than v4.0.3
  • Synced exclusion Regex with other modules

v2.43 (2019-12-21)

  • Added support for Varnish v6.1, v6.2 and v6.3

v2.42 (2018-06-01)

  • Implemented change to not cleanup backend request if it was cleaned up at the first try

v2.41 (2018-05-10)

  • Included headers to ApiServer's call: Content-Type, From, X-Real-IP, Via and True-Client-IP
  • Improved X-Forwarded-For handling

v2.40 (2018-04-25)

  • Implemented fix to not use static memory to keep the headers name to prevent a crash at vcl.load & vcl.discard

v2.39 (2018-04-11)

  • Fixedvmod_validate_url to change the URL and not method

v2.38 (2018-04-11)

  • Implemented a fix to not use static memory from the module inside Varnish request to prevent a crash at vcl.load & vcl.discard

v2.37 (2018-04-03)

  • Implemented a prevention against memory double free when varnish runs free at module config

v2.36 (2018-03-22)

  • Added support for Varnish v5.2 and v6.0

v2.35 (2017-09-26)

  • Introduced ESI support

v2.34 (2017-09-04)

  • Implemented change to force close connection with request body when the API server has banned the request

v2.33 (2017-08-07)

  • Introduced support for 401 response code from the API Server

v2.32 (2017-07-20)

  • Cleaned up obsolete tests from sources

v2.31 (2017-06-27)

  • Introduced data_dome_shield.is_datadome_call()
  • Tested with directors-based upstream

v2.30 (2017-05-24)

  • Added support for VCL_Log:DataDome_status and VCL_Log:DataDome_spent_time

v2.29 (2017-04-27)

  • Restored request inside is_valid() and deprecated restore_request()
  • Added datadome.vcl

v2.28 (2017-04-12)

  • Added support for Varnish 5.1.2+
  • Force use HTTP/1.1 protocol to ApiServer's call

v2.27 (2017-04-03)

  • Added support of Varnish v5.1
  • Allocated more memory to overstep a bug inside http_Teardown

v2.26 (2017-03-16)

  • Implemented support for X-DataDome-request-Headers
  • Implemented change to reset memory that is used as new headers for the API server call
  • Synced version with other varnish versions

v2.25 (2017-02-21)

  • Implemented change to reset memory that is used as new headers for the API server call

v2.24 (2017-01-25)

  • Removed X-DataDome headers at the real backend request and introduced data_dome_shield.cleanup_backends_request
  • Implemented change to not copy the URI for Regex matching
  • Moved from syslog to the standard Varnish logging method

v2.23 (2016-12-09)

  • Added verification by X-DatadomeResponse header
  • Implemented change to send the request's headers to the API server
  • Implemented change to send the request's Connection, Pragma and Cache-Control header's value

v2.22 (2016-10-18)

  • Added support for Varnish v5
  • Synced the exclusion Regex with other modules

v2.21 (2016-10-06)

  • Fixed a crash caused by using data_dome_shield.uri_regex_exclusion without data_dome_shield.uri_regex

v2.20 (2016-09-26)

  • Switched to using pre-reserved memory to create API call body
  • Fixed memory overflow when a value has a lot of symbols that are URL-encoded
  • Implemented change to not duplicate Host header in the request to the real backend
  • Implemented change to not send request headers to the API server
  • Implemented change to properly truncate URL-encoded values

v2.19 (2016-09-21)

  • Decreased the maximum API call to 10kb

v2.18 (2016-09-13)

  • Added .mp4 and .otf to the default exclusion Regex
  • Implemented change to release workspace memory when it contains any errors

v2.17 (2016-09-06)

  • Implemented fix to not allocate more memory that the real usage value

v2.16 (2016-08-08)

  • Removed all code that can read request body
  • Added Regex exclusion

v2.15 (2016-07-27)

  • Implemented change to send Content-Length header as PostParamLen

v2.14 (2017-07-23)

  • Implemented fix to properly handle extra-headers in blocking mode

v2.13 (2016-06-29)

  • Disabled sending Cookies and Body to API server by default
  • Added debug_params option
  • Implemented change to send Cookies length and Body length to API server
  • Implemented change to send Authorization length
  • Implemented change to send Method
  • Implemented change to send X-Requested-With
  • Implemented change to send Origin

v2.12 (2016-06-23)

  • Added URL encoding to API call parameters

v2.11 (2016-06-03)

  • Fixed param truncate logic

v2.10 (2016-04-25)

  • Implemented change to not overwrite Set-Cookie header

v2.9 (2016-04-15)

  • Implemented change for the module to not generate ClientID
  • Implemented change to remove X-DataDome header with module version
  • Introduced Support for X-DataDome-headers from the API response

v2.8 (2016-04-09)

  • Implemented setup DATA_DOME_IS_URI_REGEX_MATCHED env
  • Implemented change to add X-DataDome header with module version

v2.7 (2016-01-28)

  • Fixed truncated client ID generation
  • Added fix to re-generate client ID if it shorter or longer than expected

v2.6 (2016-01-26)

  • Fixed corrupt API call

v2.5 (2016-01-21)

  • Disabled send post param in default settings

v2.4 (2016-01-08)

  • Fixed crashing on POST request with zero body

v2.3 (2016-01-06)

  • Moved logic to add Set-Cookie to the is_valid function
  • Fixed isSentByClient and generatedNewClientID
  • Disabled default URL encoding for API Call
  • Implemented fix to replace old cookies
  • Fixed accept encoding
  • Implemented fix to force re-read body (removes 5 seconds timeout)
  • Implemented fix to accept body that is sent in multiple packets

v2.2 (2015-12-10)

  • Fixed the crash caused when X-Forwarder-For does not have a port
  • Implemented change to not send empty parameters anymore

v2.1 (2015-12-02)

  • Implemented change for Regex to apply to URL only, and not to MIME anymore

V2.0 (2015-11-30)

  • Implemented cookie and session ID
  • Implemented change to extract more from Header: Accept, AcceptCharset, AcceptEncoding and AcceptLanguage