refs Fix from Deivison Arthur for formKey issues and switch between fixes

app/code/community/Nexcessnet/Turpentine/Helper/Data.php

@@ -270,6 +270,16 @@ public function getAutoApplyOnSave() {
             'turpentine_varnish/general/auto_apply_on_save' );
     }
 
+    /**
+     * Get config value specifying when to strip VCL whitespaces
+     *
+     * @return string
+     */
+    public function getVclFix() {
+        return Mage::getStoreConfig(
+            'turpentine_varnish/general/vcl_fix' );
+    }
+
 	/**
 	 * Get config value specifying when to strip VCL whitespaces
 	 *

app/code/community/Nexcessnet/Turpentine/Model/Observer/Esi.php

@@ -520,4 +520,29 @@ protected function _checkIsNotEsiUrl( $url ) {
     protected function _checkIsEsiUrl( $url ) {
         return !$this->_checkIsNotEsiUrl( $url );
     }
+
+    public function hookToControllerActionPreDispatch($observer) {
+        if(Mage::helper( 'turpentine/data')->getVclFix() == 0 && $observer->getEvent()->getControllerAction()->getFullActionName() == 'checkout_cart_add') {
+            Mage::dispatchEvent("add_to_cart_before", array('request' => $observer->getControllerAction()->getRequest()));
+        }
+    }
+
+    public function hookToControllerActionPostDispatch($observer) {
+        if($observer->getEvent()->getControllerAction()->getFullActionName() == 'checkout_cart_add') {
+            Mage::dispatchEvent("add_to_cart_after", array('request' => $observer->getControllerAction()->getRequest()));
+        }
+    }
+
+    public function hookToAddToCartBefore($observer) {
+        //Mage::log("hookToAddToCartBefore-antes ".print_r($observer->getEvent()->getRequest()->getParams(),true)." will be added to cart.", null, 'carrinho.log', true);
+        $key = Mage::getSingleton('core/session')->getFormKey();
+        $observer->getEvent()->getRequest()->setParam('form_key', $key);
+        $request = $observer->getEvent()->getRequest()->getParams();
+        //Mage::log("hookToAddToCartBefore ".print_r($request,true)." will be added to cart.", null, 'carrinho.log', true);
+    }
+
+    public function hookToAddToCartAfter($observer) {
+        $request = $observer->getEvent()->getRequest()->getParams();
+        //Mage::log("hookToAddToCartAfter ".print_r($request,true)." is added to cart.", null, 'carrinho.log', true);
+    }
 }

app/code/community/Nexcessnet/Turpentine/Model/Varnish/Configurator/Abstract.php

@@ -350,6 +350,48 @@ protected function _getIgnoreGetParameters()
         return implode( '|',  $ignoredParameters);
     }
 
+    /**
+     * Get the Generate Session
+     *
+     * @return string
+     */
+    protected function _getGenerateSessionStart() {
+        return Mage::getStoreConfig( 'turpentine_varnish/general/vcl_fix' )
+            ? '/* -- REMOVED' : '';
+    }
+
+    /**
+     * Get the Generate Session
+     *
+     * @return string
+     */
+    protected function _getGenerateSessionEnd() {
+        return Mage::getStoreConfig( 'turpentine_varnish/general/vcl_fix' )
+            ? '-- */' : '';
+    }
+
+
+    /**
+     * Get the Generate Session
+     *
+     * @return string
+     */
+    protected function _getGenerateSession() {
+        return Mage::getStoreConfig( 'turpentine_varnish/general/vcl_fix' )
+            ? '# call generate_session' : 'call generate_session;';
+    }
+
+
+    /**
+     * Get the Generate Session Expires
+     *
+     * @return string
+     */
+    protected function _getGenerateSessionExpires() {
+        return Mage::getStoreConfig( 'turpentine_varnish/general/vcl_fix' )
+            ? '# call generate_session_expires' : 'call generate_session_expires;';
+    }
+
     /**
      * Get the Force Static Caching option
      *
@@ -655,6 +697,10 @@ protected function _getTemplateVars() {
             'debug_headers' => $this->_getEnableDebugHeaders(),
             'grace_period'  => $this->_getGracePeriod(),
             'force_cache_static'    => $this->_getForceCacheStatic(),
+            'generate_session_expires'    => $this->_getGenerateSessionExpires(),
+            'generate_session'    => $this->_getGenerateSession(),
+            'generate_session_start'    => $this->_getGenerateSessionStart(),
+            'generate_session_end'    => $this->_getGenerateSessionEnd(),
             'static_extensions' => $this->_getStaticExtensions(),
             'static_ttl'    => $this->_getStaticTtl(),
             'url_ttls'      => $this->_getUrlTtls(),

app/code/community/Nexcessnet/Turpentine/etc/config.xml

@@ -29,6 +29,7 @@
                 <auto_apply_on_save>1</auto_apply_on_save>
                 <strip_vcl_whitespace>always</strip_vcl_whitespace>
                 <varnish_debug>0</varnish_debug>
+                <vcl_fix>1</vcl_fix>
                 <block_debug>0</block_debug>
                 <ajax_messages>1</ajax_messages>
                 <fix_product_toolbar>0</fix_product_toolbar>
@@ -416,6 +417,40 @@
                 </turpentine_esi>
             </updates>
         </layout>
+        <events>
+            <controller_action_predispatch>
+                <observers>
+                    <controller_action_before>
+                        <class>turpentine/observer_esi</class>
+                        <method>hookToControllerActionPreDispatch</method>
+                    </controller_action_before>
+                </observers>
+            </controller_action_predispatch>
+            <!--controller_action_postdispatch>
+                <observers>
+                    <controller_action_after>
+                        <class>turpentine/observer_esi</class>
+                        <method>hookToControllerActionPostDispatch</method>
+                    </controller_action_after>
+                </observers>
+            </controller_action_postdispatch-->
+            <add_to_cart_before>
+                <observers>
+                    <add_to_cart_before>
+                        <class>turpentine/observer_esi</class>
+                        <method>hookToAddToCartBefore</method>
+                    </add_to_cart_before>
+                </observers>
+            </add_to_cart_before>
+            <!--add_to_cart_after>
+                <observers>
+                    <add_to_cart_after>
+                        <class>turpentine/observer_esi</class>
+                        <method>hookToAddToCartAfter</method>
+                    </add_to_cart_after>
+                </observers>
+            </add_to_cart_after-->
+        </events>
     </frontend>
     <admin>
         <routers>

app/code/community/Nexcessnet/Turpentine/etc/system.xml

@@ -62,6 +62,16 @@
                             <show_in_website>0</show_in_website>
                             <show_in_store>0</show_in_store>
                         </strip_vcl_whitespace>
+                        <vcl_fix translate="label comment">
+                            <label>Use VCL fix</label>
+                            <comment>When Enable is selected, a VCL fix will be used to prevent formKey issues. If Disable is selected, an observer will be used.</comment>
+                            <frontend_type>select</frontend_type>
+                            <sort_order>28</sort_order>
+                            <source_model>adminhtml/system_config_source_enabledisable</source_model>
+                            <show_in_default>1</show_in_default>
+                            <show_in_website>1</show_in_website>
+                            <show_in_store>1</show_in_store>
+                        </vcl_fix>
                         <varnish_debug translate="label" module="turpentine">
                             <label>Enable Debug Info</label>
                             <comment>It is a major security vulnerability, to leave this enabled on production sites</comment>

app/code/community/Nexcessnet/Turpentine/misc/version-3.vcl

@@ -46,7 +46,7 @@ import std;
 
 ## Custom Subroutines
 
-/* -- REMOVED 
+{{generate_session_start}}
 sub generate_session {
     # generate a UUID and add `frontend=$UUID` to the Cookie header, or use SID
     # from SID URL param
@@ -93,7 +93,7 @@ sub generate_session_expires {
         );
     }C
 }
--- */
+{{generate_session_end}}
 ## Varnish Subroutines
 
 sub vcl_recv {
@@ -170,7 +170,7 @@ sub vcl_recv {
                 set req.http.Cookie = "frontend=crawler-session";
             } else {
                 # it's a real user, make up a new session for them
-                # call generate_session;
+                {{generate_session}}# call generate_session;
                 return (pipe);
             }
         }
@@ -354,6 +354,7 @@ sub vcl_deliver {
     if (req.http.X-Varnish-Faked-Session) {
         # need to set the set-cookie header since we just made it out of thin air
         # call generate_session_expires;
+        {{generate_session_expires}}
         set resp.http.Set-Cookie = req.http.X-Varnish-Faked-Session +
             "; expires=" + resp.http.X-Varnish-Cookie-Expires + "; path=/";
         if (req.http.Host) {