Anonymous user context lookup #330
Conversation
dbu
force-pushed
the
anonymous-user-context-lookup
branch
2 times, most recently
from
9241135 to
df4b4fb
Compare
|
WDYT @lolautruche @bdunogier ? |
|
Ok, seems we are +1 But does this make sense from your perspective as well @dbu ? |
doc/symfony-cache-configuration.rst
Outdated
| * **anonymous_hash**: Hash used for anonymous user. This is a performance | ||
| optimization to not do a backend request for users that are not logged in. | ||
| By default, the header is skipped. If you specify a header, that header is | ||
| used. |
There was a problem hiding this comment.
This is a bit unclear. What’s the header you’re talking about being skipped or used?
There was a problem hiding this comment.
thats the old doc, sorry. it should say "By default, a hash lookup is done. If you specify a hash, no hash lookup for anonymous users occurs and the specified hash is used."
Does that mean you have spoken with @lolautruche and @bdunogier? 😉
I have one argument against this change (which does a hash lookup for requests even if they have no Cookie/Authorization header) and in favour of #318 (which doesn’t): performance. Usually HTTP caching is optimised for the largest group of users. Arguably, that’s the anonymous users. Changing defaults to do a hash lookup (and hit Symfony) for anonymous users will degrade performance. A couple of solutions:
|
i will work on 3. if the hash is cached, it should be one additional |
|
Hi Sorry but I think I'm missing something here. Why do you want to remove the anonymous hash? I don't see the point... Anonymous hash is here for performance if you don't have any session. Difference will be quite big, even if the hash is cached. However I understand interrogations people may have about this anonymous-no-session hash, so there's more a need of documentation. |
|
one important reason is #318 (comment) - if you change the permission set of anonymous, a hardcoded hash will not change and thus the cache could be wrong. its in general confusing when the hash lookup sometimes does not happen. if we cache the lookup, i don't see the cost. the hash lookup response is shared between all anonymous users, so its done only once. |
|
Right, but what will be the cache key? AFAIR for session based requests, it was the cookie header. Is it still the case? |
|
we use whatever the backend tells that the hash depends on. which by default are the headers "Authentication" and "Cookies". you need to use vcl to clean up the cookie and only keep the cookies relevant to the backend when using the context hash (otherwise it also won't work for logged in users). |
|
Right, so there should not be any problem. +1 for me |
|
great, thanks @lolautruche - there was a lot of back and forth with this, glad we have a solution that looks ok for everyone. |
|
So we just need some small adjustments to the doc, @dbu, and we can merge this and publish 2.0 alpha! 🌟 |
dbu
force-pushed
the
anonymous-user-context-lookup
branch
from
df4b4fb to
532da82
Compare
|
i just updated the doc. can you check again if that makes sense? then lets get this merge, merge #329 and tag 2.0.0-alpha1 ! |
|
regarding making it clear that the hash lookup needs to be cached: http://foshttpcache.readthedocs.io/en/latest/user-context.html#caching-the-hash-response is pretty clear to me. anything we could add? or any other place we should point this out? |
ddeboer
force-pushed
the
anonymous-user-context-lookup
branch
from
532da82 to
9098d49
Compare
|
Amended the commit to fix the build, hang on... |
always send a hash lookup request, even for anonymous users.
the symfony HttpCache implementation allows to configure a hardcoded hash for anonymous users if that is desired, but defaults to do a hash lookup.
alternative to #318
cc @lolautruche @andrerom @bdunogier