Нет описания

HttpCache.php 24KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694
  1. <?php
  2. /*
  3. * This file is part of the Symfony package.
  4. *
  5. * (c) Fabien Potencier <fabien@symfony.com>
  6. *
  7. * This code is partially based on the Rack-Cache library by Ryan Tomayko,
  8. * which is released under the MIT license.
  9. * (based on commit 02d2b48d75bcb63cf1c0c7149c077ad256542801)
  10. *
  11. * For the full copyright and license information, please view the LICENSE
  12. * file that was distributed with this source code.
  13. */
  14. namespace Symfony\Component\HttpKernel\HttpCache;
  15. use Symfony\Component\HttpKernel\HttpKernelInterface;
  16. use Symfony\Component\HttpKernel\TerminableInterface;
  17. use Symfony\Component\HttpFoundation\Request;
  18. use Symfony\Component\HttpFoundation\Response;
  19. /**
  20. * Cache provides HTTP caching.
  21. *
  22. * @author Fabien Potencier <fabien@symfony.com>
  23. */
  24. class HttpCache implements HttpKernelInterface, TerminableInterface
  25. {
  26. private $kernel;
  27. private $store;
  28. private $request;
  29. private $surrogate;
  30. private $surrogateCacheStrategy;
  31. private $options = array();
  32. private $traces = array();
  33. /**
  34. * Constructor.
  35. *
  36. * The available options are:
  37. *
  38. * * debug: If true, the traces are added as a HTTP header to ease debugging
  39. *
  40. * * default_ttl The number of seconds that a cache entry should be considered
  41. * fresh when no explicit freshness information is provided in
  42. * a response. Explicit Cache-Control or Expires headers
  43. * override this value. (default: 0)
  44. *
  45. * * private_headers Set of request headers that trigger "private" cache-control behavior
  46. * on responses that don't explicitly state whether the response is
  47. * public or private via a Cache-Control directive. (default: Authorization and Cookie)
  48. *
  49. * * allow_reload Specifies whether the client can force a cache reload by including a
  50. * Cache-Control "no-cache" directive in the request. Set it to ``true``
  51. * for compliance with RFC 2616. (default: false)
  52. *
  53. * * allow_revalidate Specifies whether the client can force a cache revalidate by including
  54. * a Cache-Control "max-age=0" directive in the request. Set it to ``true``
  55. * for compliance with RFC 2616. (default: false)
  56. *
  57. * * stale_while_revalidate Specifies the default number of seconds (the granularity is the second as the
  58. * Response TTL precision is a second) during which the cache can immediately return
  59. * a stale response while it revalidates it in the background (default: 2).
  60. * This setting is overridden by the stale-while-revalidate HTTP Cache-Control
  61. * extension (see RFC 5861).
  62. *
  63. * * stale_if_error Specifies the default number of seconds (the granularity is the second) during which
  64. * the cache can serve a stale response when an error is encountered (default: 60).
  65. * This setting is overridden by the stale-if-error HTTP Cache-Control extension
  66. * (see RFC 5861).
  67. *
  68. * @param HttpKernelInterface $kernel An HttpKernelInterface instance
  69. * @param StoreInterface $store A Store instance
  70. * @param SurrogateInterface $surrogate A SurrogateInterface instance
  71. * @param array $options An array of options
  72. */
  73. public function __construct(HttpKernelInterface $kernel, StoreInterface $store, SurrogateInterface $surrogate = null, array $options = array())
  74. {
  75. $this->store = $store;
  76. $this->kernel = $kernel;
  77. $this->surrogate = $surrogate;
  78. // needed in case there is a fatal error because the backend is too slow to respond
  79. register_shutdown_function(array($this->store, 'cleanup'));
  80. $this->options = array_merge(array(
  81. 'debug' => false,
  82. 'default_ttl' => 0,
  83. 'private_headers' => array('Authorization', 'Cookie'),
  84. 'allow_reload' => false,
  85. 'allow_revalidate' => false,
  86. 'stale_while_revalidate' => 2,
  87. 'stale_if_error' => 60,
  88. ), $options);
  89. }
  90. /**
  91. * Gets the current store.
  92. *
  93. * @return StoreInterface $store A StoreInterface instance
  94. */
  95. public function getStore()
  96. {
  97. return $this->store;
  98. }
  99. /**
  100. * Returns an array of events that took place during processing of the last request.
  101. *
  102. * @return array An array of events
  103. */
  104. public function getTraces()
  105. {
  106. return $this->traces;
  107. }
  108. /**
  109. * Returns a log message for the events of the last request processing.
  110. *
  111. * @return string A log message
  112. */
  113. public function getLog()
  114. {
  115. $log = array();
  116. foreach ($this->traces as $request => $traces) {
  117. $log[] = sprintf('%s: %s', $request, implode(', ', $traces));
  118. }
  119. return implode('; ', $log);
  120. }
  121. /**
  122. * Gets the Request instance associated with the master request.
  123. *
  124. * @return Request A Request instance
  125. */
  126. public function getRequest()
  127. {
  128. return $this->request;
  129. }
  130. /**
  131. * Gets the Kernel instance.
  132. *
  133. * @return HttpKernelInterface An HttpKernelInterface instance
  134. */
  135. public function getKernel()
  136. {
  137. return $this->kernel;
  138. }
  139. /**
  140. * Gets the Surrogate instance.
  141. *
  142. * @return SurrogateInterface A Surrogate instance
  143. *
  144. * @throws \LogicException
  145. */
  146. public function getSurrogate()
  147. {
  148. return $this->surrogate;
  149. }
  150. /**
  151. * {@inheritdoc}
  152. */
  153. public function handle(Request $request, $type = HttpKernelInterface::MASTER_REQUEST, $catch = true)
  154. {
  155. // FIXME: catch exceptions and implement a 500 error page here? -> in Varnish, there is a built-in error page mechanism
  156. if (HttpKernelInterface::MASTER_REQUEST === $type) {
  157. $this->traces = array();
  158. $this->request = $request;
  159. if (null !== $this->surrogate) {
  160. $this->surrogateCacheStrategy = $this->surrogate->createCacheStrategy();
  161. }
  162. }
  163. $path = $request->getPathInfo();
  164. if ($qs = $request->getQueryString()) {
  165. $path .= '?'.$qs;
  166. }
  167. $this->traces[$request->getMethod().' '.$path] = array();
  168. if (!$request->isMethodSafe(false)) {
  169. $response = $this->invalidate($request, $catch);
  170. } elseif ($request->headers->has('expect') || !$request->isMethodCacheable()) {
  171. $response = $this->pass($request, $catch);
  172. } else {
  173. $response = $this->lookup($request, $catch);
  174. }
  175. $this->restoreResponseBody($request, $response);
  176. $response->setDate(\DateTime::createFromFormat('U', time(), new \DateTimeZone('UTC')));
  177. if (HttpKernelInterface::MASTER_REQUEST === $type && $this->options['debug']) {
  178. $response->headers->set('X-Symfony-Cache', $this->getLog());
  179. }
  180. if (null !== $this->surrogate) {
  181. if (HttpKernelInterface::MASTER_REQUEST === $type) {
  182. $this->surrogateCacheStrategy->update($response);
  183. } else {
  184. $this->surrogateCacheStrategy->add($response);
  185. }
  186. }
  187. $response->prepare($request);
  188. $response->isNotModified($request);
  189. return $response;
  190. }
  191. /**
  192. * {@inheritdoc}
  193. */
  194. public function terminate(Request $request, Response $response)
  195. {
  196. if ($this->getKernel() instanceof TerminableInterface) {
  197. $this->getKernel()->terminate($request, $response);
  198. }
  199. }
  200. /**
  201. * Forwards the Request to the backend without storing the Response in the cache.
  202. *
  203. * @param Request $request A Request instance
  204. * @param bool $catch Whether to process exceptions
  205. *
  206. * @return Response A Response instance
  207. */
  208. protected function pass(Request $request, $catch = false)
  209. {
  210. $this->record($request, 'pass');
  211. return $this->forward($request, $catch);
  212. }
  213. /**
  214. * Invalidates non-safe methods (like POST, PUT, and DELETE).
  215. *
  216. * @param Request $request A Request instance
  217. * @param bool $catch Whether to process exceptions
  218. *
  219. * @return Response A Response instance
  220. *
  221. * @throws \Exception
  222. *
  223. * @see RFC2616 13.10
  224. */
  225. protected function invalidate(Request $request, $catch = false)
  226. {
  227. $response = $this->pass($request, $catch);
  228. // invalidate only when the response is successful
  229. if ($response->isSuccessful() || $response->isRedirect()) {
  230. try {
  231. $this->store->invalidate($request);
  232. // As per the RFC, invalidate Location and Content-Location URLs if present
  233. foreach (array('Location', 'Content-Location') as $header) {
  234. if ($uri = $response->headers->get($header)) {
  235. $subRequest = Request::create($uri, 'get', array(), array(), array(), $request->server->all());
  236. $this->store->invalidate($subRequest);
  237. }
  238. }
  239. $this->record($request, 'invalidate');
  240. } catch (\Exception $e) {
  241. $this->record($request, 'invalidate-failed');
  242. if ($this->options['debug']) {
  243. throw $e;
  244. }
  245. }
  246. }
  247. return $response;
  248. }
  249. /**
  250. * Lookups a Response from the cache for the given Request.
  251. *
  252. * When a matching cache entry is found and is fresh, it uses it as the
  253. * response without forwarding any request to the backend. When a matching
  254. * cache entry is found but is stale, it attempts to "validate" the entry with
  255. * the backend using conditional GET. When no matching cache entry is found,
  256. * it triggers "miss" processing.
  257. *
  258. * @param Request $request A Request instance
  259. * @param bool $catch whether to process exceptions
  260. *
  261. * @return Response A Response instance
  262. *
  263. * @throws \Exception
  264. */
  265. protected function lookup(Request $request, $catch = false)
  266. {
  267. // if allow_reload and no-cache Cache-Control, allow a cache reload
  268. if ($this->options['allow_reload'] && $request->isNoCache()) {
  269. $this->record($request, 'reload');
  270. return $this->fetch($request, $catch);
  271. }
  272. try {
  273. $entry = $this->store->lookup($request);
  274. } catch (\Exception $e) {
  275. $this->record($request, 'lookup-failed');
  276. if ($this->options['debug']) {
  277. throw $e;
  278. }
  279. return $this->pass($request, $catch);
  280. }
  281. if (null === $entry) {
  282. $this->record($request, 'miss');
  283. return $this->fetch($request, $catch);
  284. }
  285. if (!$this->isFreshEnough($request, $entry)) {
  286. $this->record($request, 'stale');
  287. return $this->validate($request, $entry, $catch);
  288. }
  289. $this->record($request, 'fresh');
  290. $entry->headers->set('Age', $entry->getAge());
  291. return $entry;
  292. }
  293. /**
  294. * Validates that a cache entry is fresh.
  295. *
  296. * The original request is used as a template for a conditional
  297. * GET request with the backend.
  298. *
  299. * @param Request $request A Request instance
  300. * @param Response $entry A Response instance to validate
  301. * @param bool $catch Whether to process exceptions
  302. *
  303. * @return Response A Response instance
  304. */
  305. protected function validate(Request $request, Response $entry, $catch = false)
  306. {
  307. $subRequest = clone $request;
  308. // send no head requests because we want content
  309. if ('HEAD' === $request->getMethod()) {
  310. $subRequest->setMethod('GET');
  311. }
  312. // add our cached last-modified validator
  313. $subRequest->headers->set('if_modified_since', $entry->headers->get('Last-Modified'));
  314. // Add our cached etag validator to the environment.
  315. // We keep the etags from the client to handle the case when the client
  316. // has a different private valid entry which is not cached here.
  317. $cachedEtags = $entry->getEtag() ? array($entry->getEtag()) : array();
  318. $requestEtags = $request->getETags();
  319. if ($etags = array_unique(array_merge($cachedEtags, $requestEtags))) {
  320. $subRequest->headers->set('if_none_match', implode(', ', $etags));
  321. }
  322. $response = $this->forward($subRequest, $catch, $entry);
  323. if (304 == $response->getStatusCode()) {
  324. $this->record($request, 'valid');
  325. // return the response and not the cache entry if the response is valid but not cached
  326. $etag = $response->getEtag();
  327. if ($etag && in_array($etag, $requestEtags) && !in_array($etag, $cachedEtags)) {
  328. return $response;
  329. }
  330. $entry = clone $entry;
  331. $entry->headers->remove('Date');
  332. foreach (array('Date', 'Expires', 'Cache-Control', 'ETag', 'Last-Modified') as $name) {
  333. if ($response->headers->has($name)) {
  334. $entry->headers->set($name, $response->headers->get($name));
  335. }
  336. }
  337. $response = $entry;
  338. } else {
  339. $this->record($request, 'invalid');
  340. }
  341. if ($response->isCacheable()) {
  342. $this->store($request, $response);
  343. }
  344. return $response;
  345. }
  346. /**
  347. * Forwards the Request to the backend and determines whether the response should be stored.
  348. *
  349. * This methods is triggered when the cache missed or a reload is required.
  350. *
  351. * @param Request $request A Request instance
  352. * @param bool $catch whether to process exceptions
  353. *
  354. * @return Response A Response instance
  355. */
  356. protected function fetch(Request $request, $catch = false)
  357. {
  358. $subRequest = clone $request;
  359. // send no head requests because we want content
  360. if ('HEAD' === $request->getMethod()) {
  361. $subRequest->setMethod('GET');
  362. }
  363. // avoid that the backend sends no content
  364. $subRequest->headers->remove('if_modified_since');
  365. $subRequest->headers->remove('if_none_match');
  366. $response = $this->forward($subRequest, $catch);
  367. if ($response->isCacheable()) {
  368. $this->store($request, $response);
  369. }
  370. return $response;
  371. }
  372. /**
  373. * Forwards the Request to the backend and returns the Response.
  374. *
  375. * @param Request $request A Request instance
  376. * @param bool $catch Whether to catch exceptions or not
  377. * @param Response $entry A Response instance (the stale entry if present, null otherwise)
  378. *
  379. * @return Response A Response instance
  380. */
  381. protected function forward(Request $request, $catch = false, Response $entry = null)
  382. {
  383. if ($this->surrogate) {
  384. $this->surrogate->addSurrogateCapability($request);
  385. }
  386. // modify the X-Forwarded-For header if needed
  387. $forwardedFor = $request->headers->get('X-Forwarded-For');
  388. if ($forwardedFor) {
  389. $request->headers->set('X-Forwarded-For', $forwardedFor.', '.$request->server->get('REMOTE_ADDR'));
  390. } else {
  391. $request->headers->set('X-Forwarded-For', $request->server->get('REMOTE_ADDR'));
  392. }
  393. // fix the client IP address by setting it to 127.0.0.1 as HttpCache
  394. // is always called from the same process as the backend.
  395. $request->server->set('REMOTE_ADDR', '127.0.0.1');
  396. // make sure HttpCache is a trusted proxy
  397. if (!in_array('127.0.0.1', $trustedProxies = Request::getTrustedProxies())) {
  398. $trustedProxies[] = '127.0.0.1';
  399. Request::setTrustedProxies($trustedProxies);
  400. }
  401. // always a "master" request (as the real master request can be in cache)
  402. $response = $this->kernel->handle($request, HttpKernelInterface::MASTER_REQUEST, $catch);
  403. // FIXME: we probably need to also catch exceptions if raw === true
  404. // we don't implement the stale-if-error on Requests, which is nonetheless part of the RFC
  405. if (null !== $entry && in_array($response->getStatusCode(), array(500, 502, 503, 504))) {
  406. if (null === $age = $entry->headers->getCacheControlDirective('stale-if-error')) {
  407. $age = $this->options['stale_if_error'];
  408. }
  409. if (abs($entry->getTtl()) < $age) {
  410. $this->record($request, 'stale-if-error');
  411. return $entry;
  412. }
  413. }
  414. $this->processResponseBody($request, $response);
  415. if ($this->isPrivateRequest($request) && !$response->headers->hasCacheControlDirective('public')) {
  416. $response->setPrivate();
  417. } elseif ($this->options['default_ttl'] > 0 && null === $response->getTtl() && !$response->headers->getCacheControlDirective('must-revalidate')) {
  418. $response->setTtl($this->options['default_ttl']);
  419. }
  420. return $response;
  421. }
  422. /**
  423. * Checks whether the cache entry is "fresh enough" to satisfy the Request.
  424. *
  425. * @param Request $request A Request instance
  426. * @param Response $entry A Response instance
  427. *
  428. * @return bool true if the cache entry if fresh enough, false otherwise
  429. */
  430. protected function isFreshEnough(Request $request, Response $entry)
  431. {
  432. if (!$entry->isFresh()) {
  433. return $this->lock($request, $entry);
  434. }
  435. if ($this->options['allow_revalidate'] && null !== $maxAge = $request->headers->getCacheControlDirective('max-age')) {
  436. return $maxAge > 0 && $maxAge >= $entry->getAge();
  437. }
  438. return true;
  439. }
  440. /**
  441. * Locks a Request during the call to the backend.
  442. *
  443. * @param Request $request A Request instance
  444. * @param Response $entry A Response instance
  445. *
  446. * @return bool true if the cache entry can be returned even if it is staled, false otherwise
  447. */
  448. protected function lock(Request $request, Response $entry)
  449. {
  450. // try to acquire a lock to call the backend
  451. $lock = $this->store->lock($request);
  452. // there is already another process calling the backend
  453. if (true !== $lock) {
  454. // check if we can serve the stale entry
  455. if (null === $age = $entry->headers->getCacheControlDirective('stale-while-revalidate')) {
  456. $age = $this->options['stale_while_revalidate'];
  457. }
  458. if (abs($entry->getTtl()) < $age) {
  459. $this->record($request, 'stale-while-revalidate');
  460. // server the stale response while there is a revalidation
  461. return true;
  462. }
  463. // wait for the lock to be released
  464. $wait = 0;
  465. while ($this->store->isLocked($request) && $wait < 5000000) {
  466. usleep(50000);
  467. $wait += 50000;
  468. }
  469. if ($wait < 5000000) {
  470. // replace the current entry with the fresh one
  471. $new = $this->lookup($request);
  472. $entry->headers = $new->headers;
  473. $entry->setContent($new->getContent());
  474. $entry->setStatusCode($new->getStatusCode());
  475. $entry->setProtocolVersion($new->getProtocolVersion());
  476. foreach ($new->headers->getCookies() as $cookie) {
  477. $entry->headers->setCookie($cookie);
  478. }
  479. } else {
  480. // backend is slow as hell, send a 503 response (to avoid the dog pile effect)
  481. $entry->setStatusCode(503);
  482. $entry->setContent('503 Service Unavailable');
  483. $entry->headers->set('Retry-After', 10);
  484. }
  485. return true;
  486. }
  487. // we have the lock, call the backend
  488. return false;
  489. }
  490. /**
  491. * Writes the Response to the cache.
  492. *
  493. * @param Request $request A Request instance
  494. * @param Response $response A Response instance
  495. *
  496. * @throws \Exception
  497. */
  498. protected function store(Request $request, Response $response)
  499. {
  500. if (!$response->headers->has('Date')) {
  501. $response->setDate(\DateTime::createFromFormat('U', time()));
  502. }
  503. try {
  504. $this->store->write($request, $response);
  505. $this->record($request, 'store');
  506. $response->headers->set('Age', $response->getAge());
  507. } catch (\Exception $e) {
  508. $this->record($request, 'store-failed');
  509. if ($this->options['debug']) {
  510. throw $e;
  511. }
  512. }
  513. // now that the response is cached, release the lock
  514. $this->store->unlock($request);
  515. }
  516. /**
  517. * Restores the Response body.
  518. *
  519. * @param Request $request A Request instance
  520. * @param Response $response A Response instance
  521. */
  522. private function restoreResponseBody(Request $request, Response $response)
  523. {
  524. if ($request->isMethod('HEAD') || 304 === $response->getStatusCode()) {
  525. $response->setContent(null);
  526. $response->headers->remove('X-Body-Eval');
  527. $response->headers->remove('X-Body-File');
  528. return;
  529. }
  530. if ($response->headers->has('X-Body-Eval')) {
  531. ob_start();
  532. if ($response->headers->has('X-Body-File')) {
  533. include $response->headers->get('X-Body-File');
  534. } else {
  535. eval('; ?>'.$response->getContent().'<?php ;');
  536. }
  537. $response->setContent(ob_get_clean());
  538. $response->headers->remove('X-Body-Eval');
  539. if (!$response->headers->has('Transfer-Encoding')) {
  540. $response->headers->set('Content-Length', strlen($response->getContent()));
  541. }
  542. } elseif ($response->headers->has('X-Body-File')) {
  543. $response->setContent(file_get_contents($response->headers->get('X-Body-File')));
  544. } else {
  545. return;
  546. }
  547. $response->headers->remove('X-Body-File');
  548. }
  549. protected function processResponseBody(Request $request, Response $response)
  550. {
  551. if (null !== $this->surrogate && $this->surrogate->needsParsing($response)) {
  552. $this->surrogate->process($request, $response);
  553. }
  554. }
  555. /**
  556. * Checks if the Request includes authorization or other sensitive information
  557. * that should cause the Response to be considered private by default.
  558. *
  559. * @param Request $request A Request instance
  560. *
  561. * @return bool true if the Request is private, false otherwise
  562. */
  563. private function isPrivateRequest(Request $request)
  564. {
  565. foreach ($this->options['private_headers'] as $key) {
  566. $key = strtolower(str_replace('HTTP_', '', $key));
  567. if ('cookie' === $key) {
  568. if (count($request->cookies->all())) {
  569. return true;
  570. }
  571. } elseif ($request->headers->has($key)) {
  572. return true;
  573. }
  574. }
  575. return false;
  576. }
  577. /**
  578. * Records that an event took place.
  579. *
  580. * @param Request $request A Request instance
  581. * @param string $event The event name
  582. */
  583. private function record(Request $request, $event)
  584. {
  585. $path = $request->getPathInfo();
  586. if ($qs = $request->getQueryString()) {
  587. $path .= '?'.$qs;
  588. }
  589. $this->traces[$request->getMethod().' '.$path][] = $event;
  590. }
  591. }