菜谱项目

HttpCache.php 24KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713
  1. <?php
  2. /*
  3. * This file is part of the Symfony package.
  4. *
  5. * (c) Fabien Potencier <fabien@symfony.com>
  6. *
  7. * This code is partially based on the Rack-Cache library by Ryan Tomayko,
  8. * which is released under the MIT license.
  9. * (based on commit 02d2b48d75bcb63cf1c0c7149c077ad256542801)
  10. *
  11. * For the full copyright and license information, please view the LICENSE
  12. * file that was distributed with this source code.
  13. */
  14. namespace Symfony\Component\HttpKernel\HttpCache;
  15. use Symfony\Component\HttpKernel\HttpKernelInterface;
  16. use Symfony\Component\HttpKernel\TerminableInterface;
  17. use Symfony\Component\HttpFoundation\Request;
  18. use Symfony\Component\HttpFoundation\Response;
  19. /**
  20. * Cache provides HTTP caching.
  21. *
  22. * @author Fabien Potencier <fabien@symfony.com>
  23. */
  24. class HttpCache implements HttpKernelInterface, TerminableInterface
  25. {
  26. private $kernel;
  27. private $store;
  28. private $request;
  29. private $surrogate;
  30. private $surrogateCacheStrategy;
  31. private $options = array();
  32. private $traces = array();
  33. /**
  34. * The available options are:
  35. *
  36. * * debug: If true, the traces are added as a HTTP header to ease debugging
  37. *
  38. * * default_ttl The number of seconds that a cache entry should be considered
  39. * fresh when no explicit freshness information is provided in
  40. * a response. Explicit Cache-Control or Expires headers
  41. * override this value. (default: 0)
  42. *
  43. * * private_headers Set of request headers that trigger "private" cache-control behavior
  44. * on responses that don't explicitly state whether the response is
  45. * public or private via a Cache-Control directive. (default: Authorization and Cookie)
  46. *
  47. * * allow_reload Specifies whether the client can force a cache reload by including a
  48. * Cache-Control "no-cache" directive in the request. Set it to ``true``
  49. * for compliance with RFC 2616. (default: false)
  50. *
  51. * * allow_revalidate Specifies whether the client can force a cache revalidate by including
  52. * a Cache-Control "max-age=0" directive in the request. Set it to ``true``
  53. * for compliance with RFC 2616. (default: false)
  54. *
  55. * * stale_while_revalidate Specifies the default number of seconds (the granularity is the second as the
  56. * Response TTL precision is a second) during which the cache can immediately return
  57. * a stale response while it revalidates it in the background (default: 2).
  58. * This setting is overridden by the stale-while-revalidate HTTP Cache-Control
  59. * extension (see RFC 5861).
  60. *
  61. * * stale_if_error Specifies the default number of seconds (the granularity is the second) during which
  62. * the cache can serve a stale response when an error is encountered (default: 60).
  63. * This setting is overridden by the stale-if-error HTTP Cache-Control extension
  64. * (see RFC 5861).
  65. */
  66. public function __construct(HttpKernelInterface $kernel, StoreInterface $store, SurrogateInterface $surrogate = null, array $options = array())
  67. {
  68. $this->store = $store;
  69. $this->kernel = $kernel;
  70. $this->surrogate = $surrogate;
  71. // needed in case there is a fatal error because the backend is too slow to respond
  72. register_shutdown_function(array($this->store, 'cleanup'));
  73. $this->options = array_merge(array(
  74. 'debug' => false,
  75. 'default_ttl' => 0,
  76. 'private_headers' => array('Authorization', 'Cookie'),
  77. 'allow_reload' => false,
  78. 'allow_revalidate' => false,
  79. 'stale_while_revalidate' => 2,
  80. 'stale_if_error' => 60,
  81. ), $options);
  82. }
  83. /**
  84. * Gets the current store.
  85. *
  86. * @return StoreInterface $store A StoreInterface instance
  87. */
  88. public function getStore()
  89. {
  90. return $this->store;
  91. }
  92. /**
  93. * Returns an array of events that took place during processing of the last request.
  94. *
  95. * @return array An array of events
  96. */
  97. public function getTraces()
  98. {
  99. return $this->traces;
  100. }
  101. /**
  102. * Returns a log message for the events of the last request processing.
  103. *
  104. * @return string A log message
  105. */
  106. public function getLog()
  107. {
  108. $log = array();
  109. foreach ($this->traces as $request => $traces) {
  110. $log[] = sprintf('%s: %s', $request, implode(', ', $traces));
  111. }
  112. return implode('; ', $log);
  113. }
  114. /**
  115. * Gets the Request instance associated with the master request.
  116. *
  117. * @return Request A Request instance
  118. */
  119. public function getRequest()
  120. {
  121. return $this->request;
  122. }
  123. /**
  124. * Gets the Kernel instance.
  125. *
  126. * @return HttpKernelInterface An HttpKernelInterface instance
  127. */
  128. public function getKernel()
  129. {
  130. return $this->kernel;
  131. }
  132. /**
  133. * Gets the Surrogate instance.
  134. *
  135. * @return SurrogateInterface A Surrogate instance
  136. *
  137. * @throws \LogicException
  138. */
  139. public function getSurrogate()
  140. {
  141. return $this->surrogate;
  142. }
  143. /**
  144. * {@inheritdoc}
  145. */
  146. public function handle(Request $request, $type = HttpKernelInterface::MASTER_REQUEST, $catch = true)
  147. {
  148. // FIXME: catch exceptions and implement a 500 error page here? -> in Varnish, there is a built-in error page mechanism
  149. if (HttpKernelInterface::MASTER_REQUEST === $type) {
  150. $this->traces = array();
  151. $this->request = $request;
  152. if (null !== $this->surrogate) {
  153. $this->surrogateCacheStrategy = $this->surrogate->createCacheStrategy();
  154. }
  155. }
  156. $this->traces[$this->getTraceKey($request)] = array();
  157. if (!$request->isMethodSafe(false)) {
  158. $response = $this->invalidate($request, $catch);
  159. } elseif ($request->headers->has('expect') || !$request->isMethodCacheable()) {
  160. $response = $this->pass($request, $catch);
  161. } elseif ($this->options['allow_reload'] && $request->isNoCache()) {
  162. /*
  163. If allow_reload is configured and the client requests "Cache-Control: no-cache",
  164. reload the cache by fetching a fresh response and caching it (if possible).
  165. */
  166. $this->record($request, 'reload');
  167. $response = $this->fetch($request, $catch);
  168. } else {
  169. $response = $this->lookup($request, $catch);
  170. }
  171. $this->restoreResponseBody($request, $response);
  172. if (HttpKernelInterface::MASTER_REQUEST === $type && $this->options['debug']) {
  173. $response->headers->set('X-Symfony-Cache', $this->getLog());
  174. }
  175. if (null !== $this->surrogate) {
  176. if (HttpKernelInterface::MASTER_REQUEST === $type) {
  177. $this->surrogateCacheStrategy->update($response);
  178. } else {
  179. $this->surrogateCacheStrategy->add($response);
  180. }
  181. }
  182. $response->prepare($request);
  183. $response->isNotModified($request);
  184. return $response;
  185. }
  186. /**
  187. * {@inheritdoc}
  188. */
  189. public function terminate(Request $request, Response $response)
  190. {
  191. if ($this->getKernel() instanceof TerminableInterface) {
  192. $this->getKernel()->terminate($request, $response);
  193. }
  194. }
  195. /**
  196. * Forwards the Request to the backend without storing the Response in the cache.
  197. *
  198. * @param Request $request A Request instance
  199. * @param bool $catch Whether to process exceptions
  200. *
  201. * @return Response A Response instance
  202. */
  203. protected function pass(Request $request, $catch = false)
  204. {
  205. $this->record($request, 'pass');
  206. return $this->forward($request, $catch);
  207. }
  208. /**
  209. * Invalidates non-safe methods (like POST, PUT, and DELETE).
  210. *
  211. * @param Request $request A Request instance
  212. * @param bool $catch Whether to process exceptions
  213. *
  214. * @return Response A Response instance
  215. *
  216. * @throws \Exception
  217. *
  218. * @see RFC2616 13.10
  219. */
  220. protected function invalidate(Request $request, $catch = false)
  221. {
  222. $response = $this->pass($request, $catch);
  223. // invalidate only when the response is successful
  224. if ($response->isSuccessful() || $response->isRedirect()) {
  225. try {
  226. $this->store->invalidate($request);
  227. // As per the RFC, invalidate Location and Content-Location URLs if present
  228. foreach (array('Location', 'Content-Location') as $header) {
  229. if ($uri = $response->headers->get($header)) {
  230. $subRequest = Request::create($uri, 'get', array(), array(), array(), $request->server->all());
  231. $this->store->invalidate($subRequest);
  232. }
  233. }
  234. $this->record($request, 'invalidate');
  235. } catch (\Exception $e) {
  236. $this->record($request, 'invalidate-failed');
  237. if ($this->options['debug']) {
  238. throw $e;
  239. }
  240. }
  241. }
  242. return $response;
  243. }
  244. /**
  245. * Lookups a Response from the cache for the given Request.
  246. *
  247. * When a matching cache entry is found and is fresh, it uses it as the
  248. * response without forwarding any request to the backend. When a matching
  249. * cache entry is found but is stale, it attempts to "validate" the entry with
  250. * the backend using conditional GET. When no matching cache entry is found,
  251. * it triggers "miss" processing.
  252. *
  253. * @param Request $request A Request instance
  254. * @param bool $catch Whether to process exceptions
  255. *
  256. * @return Response A Response instance
  257. *
  258. * @throws \Exception
  259. */
  260. protected function lookup(Request $request, $catch = false)
  261. {
  262. try {
  263. $entry = $this->store->lookup($request);
  264. } catch (\Exception $e) {
  265. $this->record($request, 'lookup-failed');
  266. if ($this->options['debug']) {
  267. throw $e;
  268. }
  269. return $this->pass($request, $catch);
  270. }
  271. if (null === $entry) {
  272. $this->record($request, 'miss');
  273. return $this->fetch($request, $catch);
  274. }
  275. if (!$this->isFreshEnough($request, $entry)) {
  276. $this->record($request, 'stale');
  277. return $this->validate($request, $entry, $catch);
  278. }
  279. $this->record($request, 'fresh');
  280. $entry->headers->set('Age', $entry->getAge());
  281. return $entry;
  282. }
  283. /**
  284. * Validates that a cache entry is fresh.
  285. *
  286. * The original request is used as a template for a conditional
  287. * GET request with the backend.
  288. *
  289. * @param Request $request A Request instance
  290. * @param Response $entry A Response instance to validate
  291. * @param bool $catch Whether to process exceptions
  292. *
  293. * @return Response A Response instance
  294. */
  295. protected function validate(Request $request, Response $entry, $catch = false)
  296. {
  297. $subRequest = clone $request;
  298. // send no head requests because we want content
  299. if ('HEAD' === $request->getMethod()) {
  300. $subRequest->setMethod('GET');
  301. }
  302. // add our cached last-modified validator
  303. $subRequest->headers->set('if_modified_since', $entry->headers->get('Last-Modified'));
  304. // Add our cached etag validator to the environment.
  305. // We keep the etags from the client to handle the case when the client
  306. // has a different private valid entry which is not cached here.
  307. $cachedEtags = $entry->getEtag() ? array($entry->getEtag()) : array();
  308. $requestEtags = $request->getETags();
  309. if ($etags = array_unique(array_merge($cachedEtags, $requestEtags))) {
  310. $subRequest->headers->set('if_none_match', implode(', ', $etags));
  311. }
  312. $response = $this->forward($subRequest, $catch, $entry);
  313. if (304 == $response->getStatusCode()) {
  314. $this->record($request, 'valid');
  315. // return the response and not the cache entry if the response is valid but not cached
  316. $etag = $response->getEtag();
  317. if ($etag && in_array($etag, $requestEtags) && !in_array($etag, $cachedEtags)) {
  318. return $response;
  319. }
  320. $entry = clone $entry;
  321. $entry->headers->remove('Date');
  322. foreach (array('Date', 'Expires', 'Cache-Control', 'ETag', 'Last-Modified') as $name) {
  323. if ($response->headers->has($name)) {
  324. $entry->headers->set($name, $response->headers->get($name));
  325. }
  326. }
  327. $response = $entry;
  328. } else {
  329. $this->record($request, 'invalid');
  330. }
  331. if ($response->isCacheable()) {
  332. $this->store($request, $response);
  333. }
  334. return $response;
  335. }
  336. /**
  337. * Unconditionally fetches a fresh response from the backend and
  338. * stores it in the cache if is cacheable.
  339. *
  340. * @param Request $request A Request instance
  341. * @param bool $catch Whether to process exceptions
  342. *
  343. * @return Response A Response instance
  344. */
  345. protected function fetch(Request $request, $catch = false)
  346. {
  347. $subRequest = clone $request;
  348. // send no head requests because we want content
  349. if ('HEAD' === $request->getMethod()) {
  350. $subRequest->setMethod('GET');
  351. }
  352. // avoid that the backend sends no content
  353. $subRequest->headers->remove('if_modified_since');
  354. $subRequest->headers->remove('if_none_match');
  355. $response = $this->forward($subRequest, $catch);
  356. if ($response->isCacheable()) {
  357. $this->store($request, $response);
  358. }
  359. return $response;
  360. }
  361. /**
  362. * Forwards the Request to the backend and returns the Response.
  363. *
  364. * All backend requests (cache passes, fetches, cache validations)
  365. * run through this method.
  366. *
  367. * @param Request $request A Request instance
  368. * @param bool $catch Whether to catch exceptions or not
  369. * @param Response $entry A Response instance (the stale entry if present, null otherwise)
  370. *
  371. * @return Response A Response instance
  372. */
  373. protected function forward(Request $request, $catch = false, Response $entry = null)
  374. {
  375. if ($this->surrogate) {
  376. $this->surrogate->addSurrogateCapability($request);
  377. }
  378. // modify the X-Forwarded-For header if needed
  379. $forwardedFor = $request->headers->get('X-Forwarded-For');
  380. if ($forwardedFor) {
  381. $request->headers->set('X-Forwarded-For', $forwardedFor.', '.$request->server->get('REMOTE_ADDR'));
  382. } else {
  383. $request->headers->set('X-Forwarded-For', $request->server->get('REMOTE_ADDR'));
  384. }
  385. // fix the client IP address by setting it to 127.0.0.1 as HttpCache
  386. // is always called from the same process as the backend.
  387. $request->server->set('REMOTE_ADDR', '127.0.0.1');
  388. // make sure HttpCache is a trusted proxy
  389. if (!in_array('127.0.0.1', $trustedProxies = Request::getTrustedProxies())) {
  390. $trustedProxies[] = '127.0.0.1';
  391. Request::setTrustedProxies($trustedProxies, Request::HEADER_X_FORWARDED_ALL);
  392. }
  393. // always a "master" request (as the real master request can be in cache)
  394. $response = $this->kernel->handle($request, HttpKernelInterface::MASTER_REQUEST, $catch);
  395. // FIXME: we probably need to also catch exceptions if raw === true
  396. // we don't implement the stale-if-error on Requests, which is nonetheless part of the RFC
  397. if (null !== $entry && in_array($response->getStatusCode(), array(500, 502, 503, 504))) {
  398. if (null === $age = $entry->headers->getCacheControlDirective('stale-if-error')) {
  399. $age = $this->options['stale_if_error'];
  400. }
  401. if (abs($entry->getTtl()) < $age) {
  402. $this->record($request, 'stale-if-error');
  403. return $entry;
  404. }
  405. }
  406. /*
  407. RFC 7231 Sect. 7.1.1.2 says that a server that does not have a reasonably accurate
  408. clock MUST NOT send a "Date" header, although it MUST send one in most other cases
  409. except for 1xx or 5xx responses where it MAY do so.
  410. Anyway, a client that received a message without a "Date" header MUST add it.
  411. */
  412. if (!$response->headers->has('Date')) {
  413. $response->setDate(\DateTime::createFromFormat('U', time()));
  414. }
  415. $this->processResponseBody($request, $response);
  416. if ($this->isPrivateRequest($request) && !$response->headers->hasCacheControlDirective('public')) {
  417. $response->setPrivate();
  418. } elseif ($this->options['default_ttl'] > 0 && null === $response->getTtl() && !$response->headers->getCacheControlDirective('must-revalidate')) {
  419. $response->setTtl($this->options['default_ttl']);
  420. }
  421. return $response;
  422. }
  423. /**
  424. * Checks whether the cache entry is "fresh enough" to satisfy the Request.
  425. *
  426. * @return bool true if the cache entry if fresh enough, false otherwise
  427. */
  428. protected function isFreshEnough(Request $request, Response $entry)
  429. {
  430. if (!$entry->isFresh()) {
  431. return $this->lock($request, $entry);
  432. }
  433. if ($this->options['allow_revalidate'] && null !== $maxAge = $request->headers->getCacheControlDirective('max-age')) {
  434. return $maxAge > 0 && $maxAge >= $entry->getAge();
  435. }
  436. return true;
  437. }
  438. /**
  439. * Locks a Request during the call to the backend.
  440. *
  441. * @return bool true if the cache entry can be returned even if it is staled, false otherwise
  442. */
  443. protected function lock(Request $request, Response $entry)
  444. {
  445. // try to acquire a lock to call the backend
  446. $lock = $this->store->lock($request);
  447. if (true === $lock) {
  448. // we have the lock, call the backend
  449. return false;
  450. }
  451. // there is already another process calling the backend
  452. // May we serve a stale response?
  453. if ($this->mayServeStaleWhileRevalidate($entry)) {
  454. $this->record($request, 'stale-while-revalidate');
  455. return true;
  456. }
  457. // wait for the lock to be released
  458. if ($this->waitForLock($request)) {
  459. // replace the current entry with the fresh one
  460. $new = $this->lookup($request);
  461. $entry->headers = $new->headers;
  462. $entry->setContent($new->getContent());
  463. $entry->setStatusCode($new->getStatusCode());
  464. $entry->setProtocolVersion($new->getProtocolVersion());
  465. foreach ($new->headers->getCookies() as $cookie) {
  466. $entry->headers->setCookie($cookie);
  467. }
  468. } else {
  469. // backend is slow as hell, send a 503 response (to avoid the dog pile effect)
  470. $entry->setStatusCode(503);
  471. $entry->setContent('503 Service Unavailable');
  472. $entry->headers->set('Retry-After', 10);
  473. }
  474. return true;
  475. }
  476. /**
  477. * Writes the Response to the cache.
  478. *
  479. * @throws \Exception
  480. */
  481. protected function store(Request $request, Response $response)
  482. {
  483. try {
  484. $this->store->write($request, $response);
  485. $this->record($request, 'store');
  486. $response->headers->set('Age', $response->getAge());
  487. } catch (\Exception $e) {
  488. $this->record($request, 'store-failed');
  489. if ($this->options['debug']) {
  490. throw $e;
  491. }
  492. }
  493. // now that the response is cached, release the lock
  494. $this->store->unlock($request);
  495. }
  496. /**
  497. * Restores the Response body.
  498. */
  499. private function restoreResponseBody(Request $request, Response $response)
  500. {
  501. if ($response->headers->has('X-Body-Eval')) {
  502. ob_start();
  503. if ($response->headers->has('X-Body-File')) {
  504. include $response->headers->get('X-Body-File');
  505. } else {
  506. eval('; ?>'.$response->getContent().'<?php ;');
  507. }
  508. $response->setContent(ob_get_clean());
  509. $response->headers->remove('X-Body-Eval');
  510. if (!$response->headers->has('Transfer-Encoding')) {
  511. $response->headers->set('Content-Length', strlen($response->getContent()));
  512. }
  513. } elseif ($response->headers->has('X-Body-File')) {
  514. // Response does not include possibly dynamic content (ESI, SSI), so we need
  515. // not handle the content for HEAD requests
  516. if (!$request->isMethod('HEAD')) {
  517. $response->setContent(file_get_contents($response->headers->get('X-Body-File')));
  518. }
  519. } else {
  520. return;
  521. }
  522. $response->headers->remove('X-Body-File');
  523. }
  524. protected function processResponseBody(Request $request, Response $response)
  525. {
  526. if (null !== $this->surrogate && $this->surrogate->needsParsing($response)) {
  527. $this->surrogate->process($request, $response);
  528. }
  529. }
  530. /**
  531. * Checks if the Request includes authorization or other sensitive information
  532. * that should cause the Response to be considered private by default.
  533. *
  534. * @return bool true if the Request is private, false otherwise
  535. */
  536. private function isPrivateRequest(Request $request)
  537. {
  538. foreach ($this->options['private_headers'] as $key) {
  539. $key = strtolower(str_replace('HTTP_', '', $key));
  540. if ('cookie' === $key) {
  541. if (count($request->cookies->all())) {
  542. return true;
  543. }
  544. } elseif ($request->headers->has($key)) {
  545. return true;
  546. }
  547. }
  548. return false;
  549. }
  550. /**
  551. * Records that an event took place.
  552. *
  553. * @param Request $request A Request instance
  554. * @param string $event The event name
  555. */
  556. private function record(Request $request, $event)
  557. {
  558. $this->traces[$this->getTraceKey($request)][] = $event;
  559. }
  560. /**
  561. * Calculates the key we use in the "trace" array for a given request.
  562. *
  563. * @param Request $request
  564. *
  565. * @return string
  566. */
  567. private function getTraceKey(Request $request)
  568. {
  569. $path = $request->getPathInfo();
  570. if ($qs = $request->getQueryString()) {
  571. $path .= '?'.$qs;
  572. }
  573. return $request->getMethod().' '.$path;
  574. }
  575. /**
  576. * Checks whether the given (cached) response may be served as "stale" when a revalidation
  577. * is currently in progress.
  578. *
  579. * @param Response $entry
  580. *
  581. * @return bool true when the stale response may be served, false otherwise
  582. */
  583. private function mayServeStaleWhileRevalidate(Response $entry)
  584. {
  585. $timeout = $entry->headers->getCacheControlDirective('stale-while-revalidate');
  586. if (null === $timeout) {
  587. $timeout = $this->options['stale_while_revalidate'];
  588. }
  589. return abs($entry->getTtl()) < $timeout;
  590. }
  591. /**
  592. * Waits for the store to release a locked entry.
  593. *
  594. * @param Request $request The request to wait for
  595. *
  596. * @return bool true if the lock was released before the internal timeout was hit; false if the wait timeout was exceeded
  597. */
  598. private function waitForLock(Request $request)
  599. {
  600. $wait = 0;
  601. while ($this->store->isLocked($request) && $wait < 5000000) {
  602. usleep(50000);
  603. $wait += 50000;
  604. }
  605. return $wait < 5000000;
  606. }
  607. }