lmarquine/0001-Combined-PR-s-into-optimized-VCL-file.patch

## 0001-Combined-PR-s-into-optimized-VCL-file.patch
Combined PR's into optimized VCL file:
1. https://github.com/magento/magento2/pull/29360
2. https://github.com/magento/magento2/pull/28944
3. https://github.com/magento/magento2/pull/28894
4. https://github.com/magento/magento2/pull/35228
5. https://github.com/magento/magento2/pull/36524
6. https://github.com/magento/magento2/pull/34323

@package magento/module-page-cache
@version 100.4.5
@level 0

diff --git etc/varnish6.vcl etc/varnish6.vcl
index 16dd950..468330c 100644
--- etc/varnish6.vcl
+++ etc/varnish6.vcl
@@ -10,7 +10,7 @@ backend default {
     .port = "/* {{ port }} */";
     .first_byte_timeout = 600s;
     .probe = {
-        .url = "/pub/health_check.php";
+        .url = "/health_check.php";
         .timeout = 2s;
         .interval = 5s;
         .window = 10;
@@ -81,24 +81,9 @@ sub vcl_recv {
     # collect all cookies
     std.collect(req.http.Cookie);

-    # Compression filter. See https://www.varnish-cache.org/trac/wiki/FAQ/Compression
-    if (req.http.Accept-Encoding) {
-        if (req.url ~ "\.(jpg|jpeg|png|gif|gz|tgz|bz2|tbz|mp3|ogg|swf|flv)$") {
-            # No point in compressing these
-            unset req.http.Accept-Encoding;
-        } elsif (req.http.Accept-Encoding ~ "gzip") {
-            set req.http.Accept-Encoding = "gzip";
-        } elsif (req.http.Accept-Encoding ~ "deflate" && req.http.user-agent !~ "MSIE") {
-            set req.http.Accept-Encoding = "deflate";
-        } else {
-            # unknown algorithm
-            unset req.http.Accept-Encoding;
-        }
-    }
-
     # Remove all marketing get parameters to minimize the cache objects
-    if (req.url ~ "(\?|&)(gclid|cx|ie|cof|siteurl|zanpid|origin|fbclid|mc_[a-z]+|utm_[a-z]+|_bta_[a-z]+)=") {
-        set req.url = regsuball(req.url, "(gclid|cx|ie|cof|siteurl|zanpid|origin|fbclid|mc_[a-z]+|utm_[a-z]+|_bta_[a-z]+)=[-_A-z0-9+()%.]+&?", "");
+    if (req.url ~ "(\?|&)(gclid|cx|_kx|ie|cof|siteurl|zanpid|origin|fbclid|mc_[a-z]+|utm_[a-z]+|_bta_[a-z]+)=") {
+        set req.url = regsuball(req.url, "(gclid|cx|_kx|ie|cof|siteurl|zanpid|origin|fbclid|mc_[a-z]+|utm_[a-z]+|_bta_[a-z]+)=[-_A-z0-9+()%.]+&?", "");
         set req.url = regsub(req.url, "[?|&]+$", "");
     }

@@ -127,9 +112,8 @@ sub vcl_hash {
     }

     # To make sure http users don't see ssl warning
-    if (req.http./* {{ ssl_offloaded_header }} */) {
-        hash_data(req.http./* {{ ssl_offloaded_header }} */);
-    }
+    hash_data(req.http./* {{ ssl_offloaded_header }} */);
+
     /* {{ design_exceptions_code }} */

     if (req.url ~ "/graphql") {
@@ -147,13 +131,9 @@ sub process_graphql_headers {
         }
     }

-    if (req.http.Store) {
-        hash_data(req.http.Store);
-    }
+    hash_data(req.http.Store);

-    if (req.http.Content-Currency) {
-        hash_data(req.http.Content-Currency);
-    }
+    hash_data(req.http.Content-Currency);
 }

 sub vcl_backend_response {
@@ -173,9 +153,7 @@ sub vcl_backend_response {
     }

     # cache only successfully responses and 404s that are not marked as private
-    if (beresp.status != 200 &&
-            beresp.status != 404 &&
-            beresp.http.Cache-Control ~ "private") {
+    if ((beresp.status != 200 && beresp.status != 404) || beresp.http.Cache-Control ~ "private") {
         set beresp.uncacheable = true;
         set beresp.ttl = 86400s;
         return (deliver);
@@ -186,28 +164,18 @@ sub vcl_backend_response {
         unset beresp.http.set-cookie;
     }

-   # If page is not cacheable then bypass varnish for 2 minutes as Hit-For-Pass
-   if (beresp.ttl <= 0s ||
-       beresp.http.Surrogate-control ~ "no-store" ||
-       (!beresp.http.Surrogate-Control &&
-       beresp.http.Cache-Control ~ "no-cache|no-store") ||
-       beresp.http.Vary == "*") {
-        # Mark as Hit-For-Pass for the next 2 minutes
-        set beresp.ttl = 120s;
-        set beresp.uncacheable = true;
-   }
-
-   # If the cache key in the Magento response doesn't match the one that was sent in the request, don't cache under the request's key
-   if (bereq.url ~ "/graphql" && bereq.http.X-Magento-Cache-Id && bereq.http.X-Magento-Cache-Id != beresp.http.X-Magento-Cache-Id) {
-      set beresp.ttl = 0s;
-      set beresp.uncacheable = true;
-   }
-
-    return (deliver);
+    # If the cache key in the Magento response doesn't match the one that was sent in the request, don't cache under the request's key
+    if (bereq.url ~ "/graphql" && bereq.http.X-Magento-Cache-Id && bereq.http.X-Magento-Cache-Id != beresp.http.X-Magento-Cache-Id) {
+       set beresp.ttl = 120s;
+       set beresp.uncacheable = true;
+       return (deliver);
+    }
 }

 sub vcl_deliver {
-    if (resp.http.x-varnish ~ " ") {
+    if (obj.uncacheable) {
+        set resp.http.X-Magento-Cache-Debug = "UNCACHEABLE";
+    } else if (obj.hits) {
         set resp.http.X-Magento-Cache-Debug = "HIT";
         set resp.http.Grace = req.http.grace;
     } else {
 sub vcl_deliver {
-    if (resp.http.x-varnish ~ " ") {
+    if (obj.uncacheable) {
+        set resp.http.X-Magento-Cache-Debug = "UNCACHEABLE";
+    } else if (obj.hits) {
         set resp.http.X-Magento-Cache-Debug = "HIT";
         set resp.http.Grace = req.http.grace;
     } else {

## varnish6.vcl
# VCL version 5.0 is not supported so it should be 4.0 even though actually used Varnish version is 6
vcl 4.0;

import std;
# The minimal Varnish version is 6.0
# For SSL offloading, pass the following header in your proxy server or load balancer: '/* {{ ssl_offloaded_header }} */: https'

backend default {
    .host = "/* {{ host }} */";
    .port = "/* {{ port }} */";
    .first_byte_timeout = 600s;
    .probe = {
        .url = "/health_check.php";
        .timeout = 2s;
        .interval = 5s;
        .window = 10;
        .threshold = 5;
   }
}

acl purge {
/* {{ ips }} */
}

sub vcl_recv {
    if (req.restarts > 0) {
        set req.hash_always_miss = true;
    }

    if (req.method == "PURGE") {
        if (client.ip !~ purge) {
            return (synth(405, "Method not allowed"));
        }
        # To use the X-Pool header for purging varnish during automated deployments, make sure the X-Pool header
        # has been added to the response in your backend server config. This is used, for example, by the
        # capistrano-magento2 gem for purging old content from varnish during it's deploy routine.
        if (!req.http.X-Magento-Tags-Pattern && !req.http.X-Pool) {
            return (synth(400, "X-Magento-Tags-Pattern or X-Pool header required"));
        }
        if (req.http.X-Magento-Tags-Pattern) {
          ban("obj.http.X-Magento-Tags ~ " + req.http.X-Magento-Tags-Pattern);
        }
        if (req.http.X-Pool) {
          ban("obj.http.X-Pool ~ " + req.http.X-Pool);
        }
        return (synth(200, "Purged"));
    }

    if (req.method != "GET" &&
        req.method != "HEAD" &&
        req.method != "PUT" &&
        req.method != "POST" &&
        req.method != "TRACE" &&
        req.method != "OPTIONS" &&
        req.method != "DELETE") {
          /* Non-RFC2616 or CONNECT which is weird. */
          return (pipe);
    }

    # We only deal with GET and HEAD by default
    if (req.method != "GET" && req.method != "HEAD") {
        return (pass);
    }

    # Bypass health check requests
    if (req.url ~ "^/(pub/)?(health_check.php)$") {
        return (pass);
    }

    # Set initial grace period usage status
    set req.http.grace = "none";

    # normalize url in case of leading HTTP scheme and domain
    set req.url = regsub(req.url, "^http[s]?://", "");

    # collect all cookies
    std.collect(req.http.Cookie);

    # Remove all marketing get parameters to minimize the cache objects
    if (req.url ~ "(\?|&)(gclid|cx|_kx|ie|cof|siteurl|zanpid|origin|fbclid|mc_[a-z]+|utm_[a-z]+|_bta_[a-z]+)=") {
        set req.url = regsuball(req.url, "(gclid|cx|_kx|ie|cof|siteurl|zanpid|origin|fbclid|mc_[a-z]+|utm_[a-z]+|_bta_[a-z]+)=[-_A-z0-9+()%.]+&?", "");
        set req.url = regsub(req.url, "[?|&]+$", "");
    }

    # Static files caching
    if (req.url ~ "^/(pub/)?(media|static)/") {
        # Static files should not be cached by default
        return (pass);

        # But if you use a few locales and don't use CDN you can enable caching static files by commenting previous line (#return (pass);) and uncommenting next 3 lines
        #unset req.http.Https;
        #unset req.http./* {{ ssl_offloaded_header }} */;
        #unset req.http.Cookie;
    }

    # Bypass authenticated GraphQL requests without a X-Magento-Cache-Id
    if (req.url ~ "/graphql" && !req.http.X-Magento-Cache-Id && req.http.Authorization ~ "^Bearer") {
        return (pass);
    }

    return (hash);
}

sub vcl_hash {
    if ((req.url !~ "/graphql" || !req.http.X-Magento-Cache-Id) && req.http.cookie ~ "X-Magento-Vary=") {
        hash_data(regsub(req.http.cookie, "^.*?X-Magento-Vary=([^;]+);*.*$", "\1"));
    }

    # To make sure http users don't see ssl warning
    hash_data(req.http./* {{ ssl_offloaded_header }} */);

    /* {{ design_exceptions_code }} */

    if (req.url ~ "/graphql") {
        call process_graphql_headers;
    }
}

sub process_graphql_headers {
    if (req.http.X-Magento-Cache-Id) {
        hash_data(req.http.X-Magento-Cache-Id);

        # When the frontend stops sending the auth token, make sure users stop getting results cached for logged-in users
        if (req.http.Authorization ~ "^Bearer") {
            hash_data("Authorized");
        }
    }

    hash_data(req.http.Store);

    hash_data(req.http.Content-Currency);
}

sub vcl_backend_response {

    set beresp.grace = 3d;

    if (beresp.http.content-type ~ "text") {
        set beresp.do_esi = true;
    }

    if (bereq.url ~ "\.js$" || beresp.http.content-type ~ "text") {
        set beresp.do_gzip = true;
    }

    if (beresp.http.X-Magento-Debug) {
        set beresp.http.X-Magento-Cache-Control = beresp.http.Cache-Control;
    }

    # cache only successfully responses and 404s that are not marked as private
    if ((beresp.status != 200 && beresp.status != 404) || beresp.http.Cache-Control ~ "private") {
        set beresp.uncacheable = true;
        set beresp.ttl = 86400s;
        return (deliver);
    }

    # validate if we need to cache it and prevent from setting cookie
    if (beresp.ttl > 0s && (bereq.method == "GET" || bereq.method == "HEAD")) {
        unset beresp.http.set-cookie;
    }

    # If the cache key in the Magento response doesn't match the one that was sent in the request, don't cache under the request's key
    if (bereq.url ~ "/graphql" && bereq.http.X-Magento-Cache-Id && bereq.http.X-Magento-Cache-Id != beresp.http.X-Magento-Cache-Id) {
       set beresp.ttl = 120s;
       set beresp.uncacheable = true;
       return (deliver);
    }
}

sub vcl_deliver {
    if (obj.uncacheable) {
        set resp.http.X-Magento-Cache-Debug = "UNCACHEABLE";
    } else if (obj.hits) {
        set resp.http.X-Magento-Cache-Debug = "HIT";
        set resp.http.Grace = req.http.grace;
    } else {
        set resp.http.X-Magento-Cache-Debug = "MISS";
    }

    # Not letting browser to cache non-static files.
    if (resp.http.Cache-Control !~ "private" && req.url !~ "^/(pub/)?(media|static)/") {
        set resp.http.Pragma = "no-cache";
        set resp.http.Expires = "-1";
        set resp.http.Cache-Control = "no-store, no-cache, must-revalidate, max-age=0";
    }

    if (!resp.http.X-Magento-Debug) {
        unset resp.http.Age;
    }
    unset resp.http.X-Magento-Debug;
    unset resp.http.X-Magento-Tags;
    unset resp.http.X-Powered-By;
    unset resp.http.Server;
    unset resp.http.X-Varnish;
    unset resp.http.Via;
    unset resp.http.Link;
}

sub vcl_hit {
    if (obj.ttl >= 0s) {
        # Hit within TTL period
        return (deliver);
    }
    if (std.healthy(req.backend_hint)) {
        if (obj.ttl + /* {{ grace_period }} */s > 0s) {
            # Hit after TTL expiration, but within grace period
            set req.http.grace = "normal (healthy server)";
            return (deliver);
        } else {
            # Hit after TTL and grace expiration
            return (restart);
        }
    } else {
        # server is not healthy, retrieve from cache
        set req.http.grace = "unlimited (unhealthy server)";
        return (deliver);
    }
}
	Combined PR's into optimized VCL file:
	1. https://github.com/magento/magento2/pull/29360
	2. https://github.com/magento/magento2/pull/28944
	3. https://github.com/magento/magento2/pull/28894
	4. https://github.com/magento/magento2/pull/35228
	5. https://github.com/magento/magento2/pull/36524
	6. https://github.com/magento/magento2/pull/34323

	@package magento/module-page-cache
	@version 100.4.5
	@level 0

	diff --git etc/varnish6.vcl etc/varnish6.vcl
	index 16dd950..468330c 100644
	--- etc/varnish6.vcl
	+++ etc/varnish6.vcl
	@@ -10,7 +10,7 @@ backend default {
	.port = "/* {{ port }} */";
	.first_byte_timeout = 600s;
	.probe = {
	- .url = "/pub/health_check.php";
	+ .url = "/health_check.php";
	.timeout = 2s;
	.interval = 5s;
	.window = 10;
	@@ -81,24 +81,9 @@ sub vcl_recv {
	# collect all cookies
	std.collect(req.http.Cookie);

	- # Compression filter. See https://www.varnish-cache.org/trac/wiki/FAQ/Compression
	- if (req.http.Accept-Encoding) {
	- if (req.url ~ "\.(jpg\|jpeg\|png\|gif\|gz\|tgz\|bz2\|tbz\|mp3\|ogg\|swf\|flv)$") {
	- # No point in compressing these
	- unset req.http.Accept-Encoding;
	- } elsif (req.http.Accept-Encoding ~ "gzip") {
	- set req.http.Accept-Encoding = "gzip";
	- } elsif (req.http.Accept-Encoding ~ "deflate" && req.http.user-agent !~ "MSIE") {
	- set req.http.Accept-Encoding = "deflate";
	- } else {
	- # unknown algorithm
	- unset req.http.Accept-Encoding;
	- }
	- }
	-
	# Remove all marketing get parameters to minimize the cache objects
	- if (req.url ~ "(\?\|&)(gclid\|cx\|ie\|cof\|siteurl\|zanpid\|origin\|fbclid\|mc_[a-z]+\|utm_[a-z]+\|_bta_[a-z]+)=") {
	- set req.url = regsuball(req.url, "(gclid\|cx\|ie\|cof\|siteurl\|zanpid\|origin\|fbclid\|mc_[a-z]+\|utm_[a-z]+\|_bta_[a-z]+)=[-_A-z0-9+()%.]+&?", "");
	+ if (req.url ~ "(\?\|&)(gclid\|cx\|_kx\|ie\|cof\|siteurl\|zanpid\|origin\|fbclid\|mc_[a-z]+\|utm_[a-z]+\|_bta_[a-z]+)=") {
	+ set req.url = regsuball(req.url, "(gclid\|cx\|_kx\|ie\|cof\|siteurl\|zanpid\|origin\|fbclid\|mc_[a-z]+\|utm_[a-z]+\|_bta_[a-z]+)=[-_A-z0-9+()%.]+&?", "");
	set req.url = regsub(req.url, "[?\|&]+$", "");
	}

	@@ -127,9 +112,8 @@ sub vcl_hash {
	}

	# To make sure http users don't see ssl warning
	- if (req.http./* {{ ssl_offloaded_header }} */) {
	- hash_data(req.http./* {{ ssl_offloaded_header }} */);
	- }
	+ hash_data(req.http./* {{ ssl_offloaded_header }} */);
	+
	/* {{ design_exceptions_code }} */

	if (req.url ~ "/graphql") {
	@@ -147,13 +131,9 @@ sub process_graphql_headers {
	}
	}

	- if (req.http.Store) {
	- hash_data(req.http.Store);
	- }
	+ hash_data(req.http.Store);

	- if (req.http.Content-Currency) {
	- hash_data(req.http.Content-Currency);
	- }
	+ hash_data(req.http.Content-Currency);
	}

	sub vcl_backend_response {
	@@ -173,9 +153,7 @@ sub vcl_backend_response {
	}

	# cache only successfully responses and 404s that are not marked as private
	- if (beresp.status != 200 &&
	- beresp.status != 404 &&
	- beresp.http.Cache-Control ~ "private") {
	+ if ((beresp.status != 200 && beresp.status != 404) \|\| beresp.http.Cache-Control ~ "private") {
	set beresp.uncacheable = true;
	set beresp.ttl = 86400s;
	return (deliver);
	@@ -186,28 +164,18 @@ sub vcl_backend_response {
	unset beresp.http.set-cookie;
	}

	- # If page is not cacheable then bypass varnish for 2 minutes as Hit-For-Pass
	- if (beresp.ttl <= 0s \|\|
	- beresp.http.Surrogate-control ~ "no-store" \|\|
	- (!beresp.http.Surrogate-Control &&
	- beresp.http.Cache-Control ~ "no-cache\|no-store") \|\|
	- beresp.http.Vary == "*") {
	- # Mark as Hit-For-Pass for the next 2 minutes
	- set beresp.ttl = 120s;
	- set beresp.uncacheable = true;
	- }
	-
	- # If the cache key in the Magento response doesn't match the one that was sent in the request, don't cache under the request's key
	- if (bereq.url ~ "/graphql" && bereq.http.X-Magento-Cache-Id && bereq.http.X-Magento-Cache-Id != beresp.http.X-Magento-Cache-Id) {
	- set beresp.ttl = 0s;
	- set beresp.uncacheable = true;
	- }
	-
	- return (deliver);
	+ # If the cache key in the Magento response doesn't match the one that was sent in the request, don't cache under the request's key
	+ if (bereq.url ~ "/graphql" && bereq.http.X-Magento-Cache-Id && bereq.http.X-Magento-Cache-Id != beresp.http.X-Magento-Cache-Id) {
	+ set beresp.ttl = 120s;
	+ set beresp.uncacheable = true;
	+ return (deliver);
	+ }
	}

	sub vcl_deliver {
	- if (resp.http.x-varnish ~ " ") {
	+ if (obj.uncacheable) {
	+ set resp.http.X-Magento-Cache-Debug = "UNCACHEABLE";
	+ } else if (obj.hits) {
	set resp.http.X-Magento-Cache-Debug = "HIT";
	set resp.http.Grace = req.http.grace;
	} else {
	sub vcl_deliver {
	- if (resp.http.x-varnish ~ " ") {
	+ if (obj.uncacheable) {
	+ set resp.http.X-Magento-Cache-Debug = "UNCACHEABLE";
	+ } else if (obj.hits) {
	set resp.http.X-Magento-Cache-Debug = "HIT";
	set resp.http.Grace = req.http.grace;
	} else {
	# VCL version 5.0 is not supported so it should be 4.0 even though actually used Varnish version is 6
	vcl 4.0;

	import std;
	# The minimal Varnish version is 6.0
	# For SSL offloading, pass the following header in your proxy server or load balancer: '/* {{ ssl_offloaded_header }} */: https'

	backend default {
	.host = "/* {{ host }} */";
	.port = "/* {{ port }} */";
	.first_byte_timeout = 600s;
	.probe = {
	.url = "/health_check.php";
	.timeout = 2s;
	.interval = 5s;
	.window = 10;
	.threshold = 5;
	}
	}

	acl purge {
	/* {{ ips }} */
	}

	sub vcl_recv {
	if (req.restarts > 0) {
	set req.hash_always_miss = true;
	}

	if (req.method == "PURGE") {
	if (client.ip !~ purge) {
	return (synth(405, "Method not allowed"));
	}
	# To use the X-Pool header for purging varnish during automated deployments, make sure the X-Pool header
	# has been added to the response in your backend server config. This is used, for example, by the
	# capistrano-magento2 gem for purging old content from varnish during it's deploy routine.
	if (!req.http.X-Magento-Tags-Pattern && !req.http.X-Pool) {
	return (synth(400, "X-Magento-Tags-Pattern or X-Pool header required"));
	}
	if (req.http.X-Magento-Tags-Pattern) {
	ban("obj.http.X-Magento-Tags ~ " + req.http.X-Magento-Tags-Pattern);
	}
	if (req.http.X-Pool) {
	ban("obj.http.X-Pool ~ " + req.http.X-Pool);
	}
	return (synth(200, "Purged"));
	}

	if (req.method != "GET" &&
	req.method != "HEAD" &&
	req.method != "PUT" &&
	req.method != "POST" &&
	req.method != "TRACE" &&
	req.method != "OPTIONS" &&
	req.method != "DELETE") {
	/* Non-RFC2616 or CONNECT which is weird. */
	return (pipe);
	}

	# We only deal with GET and HEAD by default
	if (req.method != "GET" && req.method != "HEAD") {
	return (pass);
	}

	# Bypass health check requests
	if (req.url ~ "^/(pub/)?(health_check.php)$") {
	return (pass);
	}

	# Set initial grace period usage status
	set req.http.grace = "none";

	# normalize url in case of leading HTTP scheme and domain
	set req.url = regsub(req.url, "^http[s]?://", "");

	# collect all cookies
	std.collect(req.http.Cookie);

	# Remove all marketing get parameters to minimize the cache objects
	if (req.url ~ "(\?\|&)(gclid\|cx\|_kx\|ie\|cof\|siteurl\|zanpid\|origin\|fbclid\|mc_[a-z]+\|utm_[a-z]+\|_bta_[a-z]+)=") {
	set req.url = regsuball(req.url, "(gclid\|cx\|_kx\|ie\|cof\|siteurl\|zanpid\|origin\|fbclid\|mc_[a-z]+\|utm_[a-z]+\|_bta_[a-z]+)=[-_A-z0-9+()%.]+&?", "");
	set req.url = regsub(req.url, "[?\|&]+$", "");
	}

	# Static files caching
	if (req.url ~ "^/(pub/)?(media\|static)/") {
	# Static files should not be cached by default
	return (pass);

	# But if you use a few locales and don't use CDN you can enable caching static files by commenting previous line (#return (pass);) and uncommenting next 3 lines
	#unset req.http.Https;
	#unset req.http./* {{ ssl_offloaded_header }} */;
	#unset req.http.Cookie;
	}

	# Bypass authenticated GraphQL requests without a X-Magento-Cache-Id
	if (req.url ~ "/graphql" && !req.http.X-Magento-Cache-Id && req.http.Authorization ~ "^Bearer") {
	return (pass);
	}

	return (hash);
	}

	sub vcl_hash {
	if ((req.url !~ "/graphql" \|\| !req.http.X-Magento-Cache-Id) && req.http.cookie ~ "X-Magento-Vary=") {
	hash_data(regsub(req.http.cookie, "^.?X-Magento-Vary=([^;]+);.*$", "\1"));
	}

	# To make sure http users don't see ssl warning
	hash_data(req.http./* {{ ssl_offloaded_header }} */);

	/* {{ design_exceptions_code }} */

	if (req.url ~ "/graphql") {
	call process_graphql_headers;
	}
	}

	sub process_graphql_headers {
	if (req.http.X-Magento-Cache-Id) {
	hash_data(req.http.X-Magento-Cache-Id);

	# When the frontend stops sending the auth token, make sure users stop getting results cached for logged-in users
	if (req.http.Authorization ~ "^Bearer") {
	hash_data("Authorized");
	}
	}

	hash_data(req.http.Store);

	hash_data(req.http.Content-Currency);
	}

	sub vcl_backend_response {

	set beresp.grace = 3d;

	if (beresp.http.content-type ~ "text") {
	set beresp.do_esi = true;
	}

	if (bereq.url ~ "\.js$" \|\| beresp.http.content-type ~ "text") {
	set beresp.do_gzip = true;
	}

	if (beresp.http.X-Magento-Debug) {
	set beresp.http.X-Magento-Cache-Control = beresp.http.Cache-Control;
	}

	# cache only successfully responses and 404s that are not marked as private
	if ((beresp.status != 200 && beresp.status != 404) \|\| beresp.http.Cache-Control ~ "private") {
	set beresp.uncacheable = true;
	set beresp.ttl = 86400s;
	return (deliver);
	}

	# validate if we need to cache it and prevent from setting cookie
	if (beresp.ttl > 0s && (bereq.method == "GET" \|\| bereq.method == "HEAD")) {
	unset beresp.http.set-cookie;
	}

	# If the cache key in the Magento response doesn't match the one that was sent in the request, don't cache under the request's key
	if (bereq.url ~ "/graphql" && bereq.http.X-Magento-Cache-Id && bereq.http.X-Magento-Cache-Id != beresp.http.X-Magento-Cache-Id) {
	set beresp.ttl = 120s;
	set beresp.uncacheable = true;
	return (deliver);
	}
	}

	sub vcl_deliver {
	if (obj.uncacheable) {
	set resp.http.X-Magento-Cache-Debug = "UNCACHEABLE";
	} else if (obj.hits) {
	set resp.http.X-Magento-Cache-Debug = "HIT";
	set resp.http.Grace = req.http.grace;
	} else {
	set resp.http.X-Magento-Cache-Debug = "MISS";
	}

	# Not letting browser to cache non-static files.
	if (resp.http.Cache-Control !~ "private" && req.url !~ "^/(pub/)?(media\|static)/") {
	set resp.http.Pragma = "no-cache";
	set resp.http.Expires = "-1";
	set resp.http.Cache-Control = "no-store, no-cache, must-revalidate, max-age=0";
	}

	if (!resp.http.X-Magento-Debug) {
	unset resp.http.Age;
	}
	unset resp.http.X-Magento-Debug;
	unset resp.http.X-Magento-Tags;
	unset resp.http.X-Powered-By;
	unset resp.http.Server;
	unset resp.http.X-Varnish;
	unset resp.http.Via;
	unset resp.http.Link;
	}

	sub vcl_hit {
	if (obj.ttl >= 0s) {
	# Hit within TTL period
	return (deliver);
	}
	if (std.healthy(req.backend_hint)) {
	if (obj.ttl + /* {{ grace_period }} */s > 0s) {
	# Hit after TTL expiration, but within grace period
	set req.http.grace = "normal (healthy server)";
	return (deliver);
	} else {
	# Hit after TTL and grace expiration
	return (restart);
	}
	} else {
	# server is not healthy, retrieve from cache
	set req.http.grace = "unlimited (unhealthy server)";
	return (deliver);
	}
	}