Uploaded image for project: 'eZ Publish / Platform'
  1. eZ Publish / Platform
  2. EZP-25533

Hardcoded anonymous_hash in FosHttpCache mismatches what is generated by Platform

    Details

      Description

      FosHttpCache uses a default, hardcoded user hash for anonymous users to save on performances.

      PR FosHttpCacheBundle#274 added a consistency check on the hash that re-generates the hash using the session in order to prevent inconsistencies with expired / cleared up sessions.

      The hash that gets generated for Platform's anonymous user does not match the hardcoded one. Since it depends on how the anonymous role is configured, it may change on any instance.

      This causes anonymous requests to invalidate cached versions of pages, since the consistency check disables caches / varying.

        Issue Links

          Activity

          Hide
          Bertrand Dunogier added a comment - - edited

          PR FriendsOfSymfony/FOSHttpCacheBundle#289 that fixes anonymous user hash handling sanity check.

          PR ezsystems/ezpublish-kernel#1601 that integrates the one above.

          Show
          Bertrand Dunogier added a comment - - edited PR FriendsOfSymfony/FOSHttpCacheBundle#289 that fixes anonymous user hash handling sanity check. PR ezsystems/ezpublish-kernel#1601 that integrates the one above.
          Hide
          Bertrand Dunogier added a comment - - edited

          https://github.com/ezsystems/ezpublish-kernel/pull/1609 merged to:

          Limits the version of fos-http-cache-bundle to 1.3.6 until the pull-requests above have been merged, and the issue fixed upstream.

          Show
          Bertrand Dunogier added a comment - - edited https://github.com/ezsystems/ezpublish-kernel/pull/1609 merged to: 6.1@87dd946 (ezpublish-kernel 6.1.1) 6.2@8b3f840 (ezpublish-kernel 6.2.1) master@a05d0e6 (ezpublish-kernel 6.3.0) Limits the version of fos-http-cache-bundle to 1.3.6 until the pull-requests above have been merged, and the issue fixed upstream.
          Hide
          Bertrand Dunogier added a comment -

          New PR to ezpublish-kernel, that replaces the previous one: https://github.com/ezsystems/ezpublish-kernel/pull/1758.

          Show
          Bertrand Dunogier added a comment - New PR to ezpublish-kernel, that replaces the previous one: https://github.com/ezsystems/ezpublish-kernel/pull/1758 .
          Hide
          Bertrand Dunogier added a comment -

          It looks like the PR to http-cache-bundle is ready to be merged. Once done, I'll ask for a release so that we can close this.

          [~eduardo.fernandes@ez.no] would you mind testing the new implementation with the same scenario you have used before ? Apply this patch to ezplatform@master's composer.json, and run composer update. It should apply all the dependencies.

          Show
          Bertrand Dunogier added a comment - It looks like the PR to http-cache-bundle is ready to be merged. Once done, I'll ask for a release so that we can close this. [~eduardo.fernandes@ez.no] would you mind testing the new implementation with the same scenario you have used before ? Apply this patch to ezplatform@master's composer.json, and run composer update. It should apply all the dependencies.
          Show
          André Rømcke added a comment - Merged (6.3, 6.4, 6.5, master): https://github.com/ezsystems/ezpublish-kernel/commit/7148d39b4ee8d05478128401408c414f8d3864ff
          Hide
          Bertrand Dunogier added a comment -

          [~rui.silva@ez.no]

          • configure eZ Platform / eZ Publish Platform with a customized anonymous role
          • enable HTTP cache
          • get pages, and check the cache headers. Without this change (e.g. with the faulty fos-http-cache-bundle version) pages should not get cached
          Show
          Bertrand Dunogier added a comment - [~rui.silva@ez.no] configure eZ Platform / eZ Publish Platform with a customized anonymous role enable HTTP cache get pages, and check the cache headers. Without this change (e.g. with the faulty fos-http-cache-bundle version) pages should not get cached
          Hide
          Rui Silva (Inactive) added a comment -

          Issue could not be reproduced on an Nginx setup since QA was not able to remove the fix from the installations tested, so Sanity tests were executed to check that pages were properly cached using the respective headers, and not relevant issues were found.
          As referred on the jira, the issue does not happen at all on an Apache setup so just broad-scope sanity tests were executed on an Apache setup.
          Tested and approved by QA.

          Show
          Rui Silva (Inactive) added a comment - Issue could not be reproduced on an Nginx setup since QA was not able to remove the fix from the installations tested, so Sanity tests were executed to check that pages were properly cached using the respective headers, and not relevant issues were found. As referred on the jira, the issue does not happen at all on an Apache setup so just broad-scope sanity tests were executed on an Apache setup. Tested and approved by QA.

            People

            • Assignee:
              Unassigned
              Reporter:
              Bertrand Dunogier
            • Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: