This repository has been archived on 2023-08-20. You can view files and clone it, but cannot push or open issues or pull requests.
Fabien Potencier 4bbd76d4fe bug #41663 [HttpKernel] [HttpCache] Keep s-maxage=0 from ESI sub-responses (mpdude)
This PR was squashed before being merged into the 4.4 branch.

Discussion
----------

[HttpKernel] [HttpCache] Keep s-maxage=0 from ESI sub-responses

| Q             | A
| ------------- | ---
| Branch?       | 4.4
| Bug fix?      | yes
| New feature?  | no
| Deprecations? | no
| Tickets       |
| License       | MIT
| Doc PR        |

When the `ResponseCacheStrategy` is merging ESI surrogates and the master response, it treats `s-maxage=0` as if no `s-maxage` has been set.

The result is that for a main and a surrogate response that both are `public, s-maxage=0`, the result will only be `public`, with no further expiration time.

https://datatracker.ietf.org/doc/html/rfc7234#section-4.2.2 allows caches to assign a _heuristic expiration time_ when no explicit expiration time has been given but the response has been marked as explicitly cacheable with `public`. Clearly, such a heuristic was _not_ intended or desired when `public, s-maxage=0` was given.

This PR ensures that `s-maxage=0` is passed along with the resulting response.

### Some notes on `s-maxage=0`

You might argue that `s-maxage=0` does not make sense on a response.

According to https://datatracker.ietf.org/doc/html/rfc7234#section-3.2, `s-maxage=0` is a valid setting to ensure that a cached response "cannot be used to satisfy a subsequent request without revalidating it on the origin server".

This setting can be used to keep responses in edge caches/CDNs, but to re-validate on every request. The bottom line result can still be faster (304 + response already at the edge vs. fetch response from origin).

To my understanding, the difference between `s-maxage=0` and `must-revalidate` is that a "disconnected" cache (one that cannot contact the origin server) _must not_ use a stale response when `must-revalidate` is used, but _is not prohibited_ from doing so for `s-maxage=0` (https://datatracker.ietf.org/doc/html/rfc7234#section-4.2.4). In other words, `must-revalidate` is not exactly the same as (or the "right" way instead of) `s-maxage=0`.

In the special case of ESI (composite) responses, revalidation is not possible (no `ETag`, no `Last-Modified`). But, as explained above, it is still important to pass on the explicit expiration time, instead of having no value for it.

Commits
-------

ee7bc0272e [HttpKernel] [HttpCache] Keep s-maxage=0 from ESI sub-responses
2021-06-23 11:45:01 +02:00
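
The merge behaviour described in the commit message above, as an added illustration that is not part of the commit and is not Symfony's `ResponseCacheStrategy` code. It is a simplified PHP model: the helper names `sMaxAge` and `mergeSharedMaxAge`, the `$strict` switch, the loose check used to reproduce the reported behaviour and the sample header values are all assumptions, and every response is taken to be `public`.

```php
<?php
// Simplified model of merging shared-cache lifetimes across a main response
// and its ESI sub-responses. Added example; not Symfony's own code.

/** Return the s-maxage value of a Cache-Control header, or null when absent. */
function sMaxAge(string $cacheControl): ?int
{
    return preg_match('/(?:^|,)\s*s-maxage=(\d+)/i', $cacheControl, $m)
        ? (int) $m[1]
        : null;
}

/**
 * Merge rule assumed here: the composite response may live in a shared cache
 * only as long as its shortest-lived part; if any part carries no s-maxage,
 * the composite carries none either.
 *
 * $strict = false models the behaviour the commit message describes
 * (s-maxage=0 handled as if unset); $strict = true keeps the explicit 0.
 */
function mergeSharedMaxAge(array $cacheControls, bool $strict): string
{
    $min = null;
    foreach ($cacheControls as $cacheControl) {
        $age = sMaxAge($cacheControl);
        // A loose check cannot tell 0 from null: both are falsy in PHP.
        $absent = $strict ? null === $age : !$age;
        if ($absent) {
            return 'public'; // no explicit lifetime left; RFC 7234 heuristics may apply
        }
        $min = null === $min ? $age : min($min, $age);
    }

    return null === $min ? 'public' : sprintf('public, s-maxage=%d', $min);
}

// Constructed samples: main response first, then ESI fragments.
$cases = [
    ['public, s-maxage=0', 'public, s-maxage=0'],
    ['public, s-maxage=600', 'public, s-maxage=0'],
    ['public, s-maxage=600', 'public, s-maxage=60'],
];
foreach ($cases as $parts) {
    printf("%-45s loose: %-22s strict: %s\n", implode(' + ', $parts),
        mergeSharedMaxAge($parts, false), mergeSharedMaxAge($parts, true));
}
```

On the loose path, any composite that includes an `s-maxage=0` part leaves the merge as bare `public`, so a shared cache may apply a heuristic lifetime to content the origin asked to have revalidated on every request.
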
.github Pin masterminds/html5 to the master branch for PHP 8.1 2021-06-22 17:42:29 +02:00
src/Symfony bug #41663 [HttpKernel] [HttpCache] Keep s-maxage=0 from ESI sub-responses (mpdude) 2021-06-23 11:45:01 +02:00
.appveyor.yml Ignore indirect deprecation triggered by doctrine/orm 2021-02-16 10:34:45 +01:00
.editorconfig Update .editorconfig 2018-09-06 16:22:56 +02:00
.gitattributes "export-ignore" contracts and phpunit-bridge 2021-01-22 10:53:35 +01:00
.gitignore Migrate configuration file for PHP CS Fixer 2.19/3.0 2021-05-15 21:29:53 +02:00
.php-cs-fixer.dist.php Migrate configuration file for PHP CS Fixer 2.19/3.0 2021-05-15 21:29:53 +02:00
.travis.yml Optimize travis file a bit 2021-06-08 13:38:09 +02:00
CHANGELOG-4.0.md Merge branch '3.4' into 4.1 2018-08-01 18:22:14 +02:00
CHANGELOG-4.1.md updated CHANGELOG for 4.1.10 2019-01-06 17:16:07 +01:00
CHANGELOG-4.2.md updated CHANGELOG for 4.2.10 2019-06-26 16:19:37 +02:00
CHANGELOG-4.3.md updated CHANGELOG for 4.3.10 2020-01-21 14:13:32 +01:00
CHANGELOG-4.4.md Update CHANGELOG for 4.4.25 2021-06-01 09:11:35 +02:00
CODE_OF_CONDUCT.md Added the Code of Conduct file 2018-10-10 03:13:30 -07:00
composer.json bug #39847 [Messenger] Fix merging PrototypedArrayNode associative values (svityashchuk) 2021-05-22 21:45:48 +02:00
CONTRIBUTING.md Mention the community review guide 2016-12-18 22:02:35 +01:00
CONTRIBUTORS.md Update CONTRIBUTORS for 4.4.25 2021-06-01 09:12:02 +02:00
LICENSE Bump license year 2021-01-01 10:24:35 +01:00
link Fix CS in link binary 2020-12-10 19:02:00 +01:00
phpunit sync ./phpunit in all branches 2021-05-27 14:44:44 +02:00
phpunit.xml.dist Adds LDAP Adapter test in integration group 2020-11-16 15:17:13 +01:00
psalm.xml Adding a Github action to run Psalm 2021-02-25 17:18:18 +01:00
README.md Update README.md 2020-12-29 01:17:49 +01:00
UPGRADE-4.0.md Fix CS in changelogs 2020-12-10 17:34:26 +01:00
UPGRADE-4.1.md Merge branch '4.0' into 4.1 2018-05-31 12:17:53 +02:00
UPGRADE-4.2.md Merge branch '3.4' into 4.3 2020-01-08 18:19:22 +01:00
UPGRADE-4.3.md Merge branch '4.3' into 4.4 2019-11-19 13:20:06 +01:00
UPGRADE-4.4.md Fix CS in changelogs 2020-12-10 17:34:26 +01:00
UPGRADE-5.0.md Fix CS in changelogs 2020-12-10 17:34:26 +01:00

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Symfony is used by thousands of web applications (including BlaBlaCar.com and Spotify.com) and most of the popular PHP projects (including Drupal and Magento).

Contributing

Symfony is an Open Source, community-driven project with thousands of contributors. Join them contributing code or contributing documentation.

Security Issues

If you discover a security vulnerability within Symfony, please follow our disclosure procedure.

About Us

Symfony development is sponsored by SensioLabs, led by the Symfony Core Team and supported by Symfony contributors.