Bug Report #1189

Cache library's sanitizing of ID's should happen at driver level

Added by Josh Turmel - almost 3 years ago. Updated almost 3 years ago.

Status:Closed Start date:
Priority:High Due date:
Assignee:Kiall Mac Innes % Done:

100%
Category:Libraries:Cache
Target version:2.4
Resolution:fixed Points:

Description

When the cache library sanitized the cache id, it currently does this at the core level instead of doing it at the driver level. This should be switched to driver level. Here's why.

Building a very high load site (API) and using Nginx connecting directly to memcached to serve high-load pages. The advantage is we never spawn PHP, this setup can easily support thousands of requests per second on your average run of the mill hardware.

In Nginx, you use the requested uri along with GET arguments as the cache key. Problem is when you set the key/value in PHP with the module, it turns slashes into equals, when Nginx/memcached then try to grab it, it doesn't find it since it was actually stored with equals.

Conclusion, each cache driver should sanitize what is necessary to sanitize in the way that driver implements cache.

nginx-memcached.png - Diagram example of what we're doing incase anyone is interested (23.1 kB) Josh Turmel -, 03/13/2009 08:28 pm

Associated revisions

Revision 4323
Added by Kiall Mac Innes almost 3 years ago

fixes #1189 - Thanks Josh

Revision 4324
Added by Kiall Mac Innes almost 3 years ago

refs #1189 - Quick update to r4323

History

#1
Updated by Jeremy Bush almost 3 years ago

Have you fixed this locally and can you supply a patch?

#2
Updated by Josh Turmel - almost 3 years ago

That would involve going through all the cache drivers and modifying them which I have not yet.

If it's just something we want to keep in mind for 3.0 that's fine as well.

Josh

#3
Updated by Kiall Mac Innes almost 3 years ago

  • Status changed from New to Assigned
  • Assignee set to Kiall Mac Innes
  • Target version changed from 2.3.3 to 2.4

Moved to 2.4 since it would be an API change in Cache_Driver.

#4
Updated by Kiall Mac Innes almost 3 years ago

  • Resolution set to fixed

I've moved the sanitize_id() method out to the Drivers - I've been unable to find concrete lists of what ID's should/shouldn't be allowed for each of the drivers. So all drivers bar memcahe have been left as is.

Memcache now allows /'s.

This should be an easy backport to 2.3.X if anyone needs it.

#5
Updated by Kiall Mac Innes almost 3 years ago

  • Status changed from Assigned to Closed
  • % Done changed from 0 to 100

Applied in changeset r4323.

Also available in: Atom PDF