Varnish Changelog

DataDome Varnish

v3.4.1 (2022-12-21)

Fix payload size of new headers sent to the API Server

v3.4.0 (2022-12-12)

Improved headers management

v3.3 (2022-05-11)

Fixed a segfault when the backend is set to none

v3.2 (2021-09-20)

Added support Varnish up to 7.0 included

v3.1 (2021-05-15)

Added support Varnish up to 6.6

v3.0 (2020-06-30)

Added support for Varnish v6.4
Introduced the universal module that works with all supported varnish versions

v2.44 (2020-06-11)

Fixed support for Varnish v4 for versions earlier than v4.0.3
Synced exclusion Regex with other modules

v2.43 (2019-12-21)

Added support for Varnish v6.1, v6.2 and v6.3

v2.42 (2018-06-01)

Implemented change to not cleanup backend request if it was cleaned up at the first try

v2.41 (2018-05-10)

Included headers to ApiServer's call: Content-Type, From, X-Real-IP, Via and True-Client-IP
Improved X-Forwarded-For handling

v2.40 (2018-04-25)

Implemented fix to not use static memory to keep the headers name to prevent a crash at vcl.load & vcl.discard

v2.39 (2018-04-11)

Fixedvmod_validate_url to change the URL and not method

v2.38 (2018-04-11)

Implemented a fix to not use static memory from the module inside Varnish request to prevent a crash at vcl.load & vcl.discard

v2.37 (2018-04-03)

Implemented a prevention against memory double free when varnish runs free at module config

v2.36 (2018-03-22)

Added support for Varnish v5.2 and v6.0

v2.35 (2017-09-26)

Introduced ESI support

v2.34 (2017-09-04)

Implemented change to force close connection with request body when the API server has banned the request

v2.33 (2017-08-07)

Introduced support for 401 response code from the API Server

v2.32 (2017-07-20)

Cleaned up obsolete tests from sources

v2.31 (2017-06-27)

Introduced data_dome_shield.is_datadome_call()
Tested with directors-based upstream

v2.30 (2017-05-24)

Added support for VCL_Log:DataDome_status and VCL_Log:DataDome_spent_time

v2.29 (2017-04-27)

Restored request inside is_valid() and deprecated restore_request()
Added datadome.vcl

v2.28 (2017-04-12)

Added support for Varnish 5.1.2+
Force use HTTP/1.1 protocol to ApiServer's call

v2.27 (2017-04-03)

Added support of Varnish v5.1
Allocated more memory to overstep a bug inside http_Teardown

v2.26 (2017-03-16)

Implemented support for X-DataDome-request-Headers
Implemented change to reset memory that is used as new headers for the API server call
Synced version with other varnish versions

v2.25 (2017-02-21)

Implemented change to reset memory that is used as new headers for the API server call

v2.24 (2017-01-25)

Removed X-DataDome headers at the real backend request and introduced data_dome_shield.cleanup_backends_request
Implemented change to not copy the URI for Regex matching
Moved from syslog to the standard Varnish logging method

v2.23 (2016-12-09)

Added verification by X-DatadomeResponse header
Implemented change to send the request's headers to the API server
Implemented change to send the request's Connection, Pragma and Cache-Control header's value

v2.22 (2016-10-18)

Added support for Varnish v5
Synced the exclusion Regex with other modules

v2.21 (2016-10-06)

Fixed a crash caused by using data_dome_shield.uri_regex_exclusion without data_dome_shield.uri_regex

v2.20 (2016-09-26)

Switched to using pre-reserved memory to create API call body
Fixed memory overflow when a value has a lot of symbols that are URL-encoded
Implemented change to not duplicate Host header in the request to the real backend
Implemented change to not send request headers to the API server
Implemented change to properly truncate URL-encoded values

v2.19 (2016-09-21)

Decreased the maximum API call to 10kb

v2.18 (2016-09-13)

Added .mp4 and .otf to the default exclusion Regex
Implemented change to release workspace memory when it contains any errors

v2.17 (2016-09-06)

Implemented fix to not allocate more memory that the real usage value

v2.16 (2016-08-08)

Removed all code that can read request body
Added Regex exclusion

v2.15 (2016-07-27)

Implemented change to send Content-Length header as PostParamLen

v2.14 (2017-07-23)

Implemented fix to properly handle extra-headers in blocking mode

v2.13 (2016-06-29)

Disabled sending Cookies and Body to API server by default
Added debug_params option
Implemented change to send Cookies length and Body length to API server
Implemented change to send Authorization length
Implemented change to send Method
Implemented change to send X-Requested-With
Implemented change to send Origin

v2.12 (2016-06-23)

Added URL encoding to API call parameters

v2.11 (2016-06-03)

Fixed param truncate logic

v2.10 (2016-04-25)

Implemented change to not overwrite Set-Cookie header

v2.9 (2016-04-15)

Implemented change for the module to not generate ClientID
Implemented change to remove X-DataDome header with module version
Introduced Support for X-DataDome-headers from the API response

v2.8 (2016-04-09)

Implemented setup DATA_DOME_IS_URI_REGEX_MATCHED env
Implemented change to add X-DataDome header with module version

v2.7 (2016-01-28)

Fixed truncated client ID generation
Added fix to re-generate client ID if it shorter or longer than expected

v2.6 (2016-01-26)

Fixed corrupt API call

v2.5 (2016-01-21)

Disabled send post param in default settings

v2.4 (2016-01-08)

Fixed crashing on POST request with zero body

v2.3 (2016-01-06)

Moved logic to add Set-Cookie to the is_valid function
Fixed isSentByClient and generatedNewClientID
Disabled default URL encoding for API Call
Implemented fix to replace old cookies
Fixed accept encoding
Implemented fix to force re-read body (removes 5 seconds timeout)
Implemented fix to accept body that is sent in multiple packets

v2.2 (2015-12-10)

Fixed the crash caused when X-Forwarder-For does not have a port
Implemented change to not send empty parameters anymore

v2.1 (2015-12-02)

Implemented change for Regex to apply to URL only, and not to MIME anymore

V2.0 (2015-11-30)

Implemented cookie and session ID
Implemented change to extract more from Header: Accept, AcceptCharset, AcceptEncoding and AcceptLanguage

Updated about 2 years ago