HttpCache.php 23 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688
  1. <?php
  2. /*
  3. * This file is part of the Symfony package.
  4. *
  5. * (c) Fabien Potencier <fabien@symfony.com>
  6. *
  7. * This code is partially based on the Rack-Cache library by Ryan Tomayko,
  8. * which is released under the MIT license.
  9. * (based on commit 02d2b48d75bcb63cf1c0c7149c077ad256542801)
  10. *
  11. * For the full copyright and license information, please view the LICENSE
  12. * file that was distributed with this source code.
  13. */
  14. namespace Symfony\Component\HttpKernel\HttpCache;
  15. use Symfony\Component\HttpKernel\HttpKernelInterface;
  16. use Symfony\Component\HttpKernel\TerminableInterface;
  17. use Symfony\Component\HttpFoundation\Request;
  18. use Symfony\Component\HttpFoundation\Response;
  19. use Symfony\Component\HttpKernel\HttpCache\Esi;
  20. /**
  21. * Cache provides HTTP caching.
  22. *
  23. * @author Fabien Potencier <fabien@symfony.com>
  24. *
  25. * @api
  26. */
  27. class HttpCache implements HttpKernelInterface, TerminableInterface
  28. {
  29. private $kernel;
  30. private $store;
  31. private $request;
  32. private $esi;
  33. private $esiCacheStrategy;
  34. private $traces;
  35. /**
  36. * Constructor.
  37. *
  38. * The available options are:
  39. *
  40. * * debug: If true, the traces are added as a HTTP header to ease debugging
  41. *
  42. * * default_ttl The number of seconds that a cache entry should be considered
  43. * fresh when no explicit freshness information is provided in
  44. * a response. Explicit Cache-Control or Expires headers
  45. * override this value. (default: 0)
  46. *
  47. * * private_headers Set of request headers that trigger "private" cache-control behavior
  48. * on responses that don't explicitly state whether the response is
  49. * public or private via a Cache-Control directive. (default: Authorization and Cookie)
  50. *
  51. * * allow_reload Specifies whether the client can force a cache reload by including a
  52. * Cache-Control "no-cache" directive in the request. Set it to ``true``
  53. * for compliance with RFC 2616. (default: false)
  54. *
  55. * * allow_revalidate Specifies whether the client can force a cache revalidate by including
  56. * a Cache-Control "max-age=0" directive in the request. Set it to ``true``
  57. * for compliance with RFC 2616. (default: false)
  58. *
  59. * * stale_while_revalidate Specifies the default number of seconds (the granularity is the second as the
  60. * Response TTL precision is a second) during which the cache can immediately return
  61. * a stale response while it revalidates it in the background (default: 2).
  62. * This setting is overridden by the stale-while-revalidate HTTP Cache-Control
  63. * extension (see RFC 5861).
  64. *
  65. * * stale_if_error Specifies the default number of seconds (the granularity is the second) during which
  66. * the cache can serve a stale response when an error is encountered (default: 60).
  67. * This setting is overridden by the stale-if-error HTTP Cache-Control extension
  68. * (see RFC 5861).
  69. *
  70. * @param HttpKernelInterface $kernel An HttpKernelInterface instance
  71. * @param StoreInterface $store A Store instance
  72. * @param Esi $esi An Esi instance
  73. * @param array $options An array of options
  74. */
  75. public function __construct(HttpKernelInterface $kernel, StoreInterface $store, Esi $esi = null, array $options = array())
  76. {
  77. $this->store = $store;
  78. $this->kernel = $kernel;
  79. // needed in case there is a fatal error because the backend is too slow to respond
  80. register_shutdown_function(array($this->store, 'cleanup'));
  81. $this->options = array_merge(array(
  82. 'debug' => false,
  83. 'default_ttl' => 0,
  84. 'private_headers' => array('Authorization', 'Cookie'),
  85. 'allow_reload' => false,
  86. 'allow_revalidate' => false,
  87. 'stale_while_revalidate' => 2,
  88. 'stale_if_error' => 60,
  89. ), $options);
  90. $this->esi = $esi;
  91. $this->traces = array();
  92. }
  93. /**
  94. * Gets the current store.
  95. *
  96. * @return StoreInterface $store A StoreInterface instance
  97. */
  98. public function getStore()
  99. {
  100. return $this->store;
  101. }
  102. /**
  103. * Returns an array of events that took place during processing of the last request.
  104. *
  105. * @return array An array of events
  106. */
  107. public function getTraces()
  108. {
  109. return $this->traces;
  110. }
  111. /**
  112. * Returns a log message for the events of the last request processing.
  113. *
  114. * @return string A log message
  115. */
  116. public function getLog()
  117. {
  118. $log = array();
  119. foreach ($this->traces as $request => $traces) {
  120. $log[] = sprintf('%s: %s', $request, implode(', ', $traces));
  121. }
  122. return implode('; ', $log);
  123. }
  124. /**
  125. * Gets the Request instance associated with the master request.
  126. *
  127. * @return Request A Request instance
  128. */
  129. public function getRequest()
  130. {
  131. return $this->request;
  132. }
  133. /**
  134. * Gets the Kernel instance
  135. *
  136. * @return HttpKernelInterface An HttpKernelInterface instance
  137. */
  138. public function getKernel()
  139. {
  140. return $this->kernel;
  141. }
  142. /**
  143. * Gets the Esi instance
  144. *
  145. * @return Esi An Esi instance
  146. */
  147. public function getEsi()
  148. {
  149. return $this->esi;
  150. }
  151. /**
  152. * {@inheritdoc}
  153. *
  154. * @api
  155. */
  156. public function handle(Request $request, $type = HttpKernelInterface::MASTER_REQUEST, $catch = true)
  157. {
  158. // FIXME: catch exceptions and implement a 500 error page here? -> in Varnish, there is a built-in error page mechanism
  159. if (HttpKernelInterface::MASTER_REQUEST === $type) {
  160. $this->traces = array();
  161. $this->request = $request;
  162. if (null !== $this->esi) {
  163. $this->esiCacheStrategy = $this->esi->createCacheStrategy();
  164. }
  165. }
  166. $path = $request->getPathInfo();
  167. if ($qs = $request->getQueryString()) {
  168. $path .= '?'.$qs;
  169. }
  170. $this->traces[$request->getMethod().' '.$path] = array();
  171. if (!$request->isMethodSafe()) {
  172. $response = $this->invalidate($request, $catch);
  173. } elseif ($request->headers->has('expect')) {
  174. $response = $this->pass($request, $catch);
  175. } else {
  176. $response = $this->lookup($request, $catch);
  177. }
  178. $this->restoreResponseBody($request, $response);
  179. $response->setDate(new \DateTime(null, new \DateTimeZone('UTC')));
  180. if (HttpKernelInterface::MASTER_REQUEST === $type && $this->options['debug']) {
  181. $response->headers->set('X-Symfony-Cache', $this->getLog());
  182. }
  183. if (null !== $this->esi) {
  184. if (HttpKernelInterface::MASTER_REQUEST === $type) {
  185. $this->esiCacheStrategy->update($response);
  186. } else {
  187. $this->esiCacheStrategy->add($response);
  188. }
  189. }
  190. $response->prepare($request);
  191. $response->isNotModified($request);
  192. return $response;
  193. }
  194. /**
  195. * {@inheritdoc}
  196. *
  197. * @api
  198. */
  199. public function terminate(Request $request, Response $response)
  200. {
  201. if ($this->getKernel() instanceof TerminableInterface) {
  202. $this->getKernel()->terminate($request, $response);
  203. }
  204. }
  205. /**
  206. * Forwards the Request to the backend without storing the Response in the cache.
  207. *
  208. * @param Request $request A Request instance
  209. * @param Boolean $catch Whether to process exceptions
  210. *
  211. * @return Response A Response instance
  212. */
  213. protected function pass(Request $request, $catch = false)
  214. {
  215. $this->record($request, 'pass');
  216. return $this->forward($request, $catch);
  217. }
  218. /**
  219. * Invalidates non-safe methods (like POST, PUT, and DELETE).
  220. *
  221. * @param Request $request A Request instance
  222. * @param Boolean $catch Whether to process exceptions
  223. *
  224. * @return Response A Response instance
  225. *
  226. * @throws \Exception
  227. *
  228. * @see RFC2616 13.10
  229. */
  230. protected function invalidate(Request $request, $catch = false)
  231. {
  232. $response = $this->pass($request, $catch);
  233. // invalidate only when the response is successful
  234. if ($response->isSuccessful() || $response->isRedirect()) {
  235. try {
  236. $this->store->invalidate($request, $catch);
  237. // As per the RFC, invalidate Location and Content-Location URLs if present
  238. foreach (array('Location', 'Content-Location') as $header) {
  239. if ($uri = $response->headers->get($header)) {
  240. $subRequest = $request::create($uri, 'get', array(), array(), array(), $request->server->all());
  241. $this->store->invalidate($subRequest);
  242. }
  243. }
  244. $this->record($request, 'invalidate');
  245. } catch (\Exception $e) {
  246. $this->record($request, 'invalidate-failed');
  247. if ($this->options['debug']) {
  248. throw $e;
  249. }
  250. }
  251. }
  252. return $response;
  253. }
  254. /**
  255. * Lookups a Response from the cache for the given Request.
  256. *
  257. * When a matching cache entry is found and is fresh, it uses it as the
  258. * response without forwarding any request to the backend. When a matching
  259. * cache entry is found but is stale, it attempts to "validate" the entry with
  260. * the backend using conditional GET. When no matching cache entry is found,
  261. * it triggers "miss" processing.
  262. *
  263. * @param Request $request A Request instance
  264. * @param Boolean $catch whether to process exceptions
  265. *
  266. * @return Response A Response instance
  267. *
  268. * @throws \Exception
  269. */
  270. protected function lookup(Request $request, $catch = false)
  271. {
  272. // if allow_reload and no-cache Cache-Control, allow a cache reload
  273. if ($this->options['allow_reload'] && $request->isNoCache()) {
  274. $this->record($request, 'reload');
  275. return $this->fetch($request);
  276. }
  277. try {
  278. $entry = $this->store->lookup($request);
  279. } catch (\Exception $e) {
  280. $this->record($request, 'lookup-failed');
  281. if ($this->options['debug']) {
  282. throw $e;
  283. }
  284. return $this->pass($request, $catch);
  285. }
  286. if (null === $entry) {
  287. $this->record($request, 'miss');
  288. return $this->fetch($request, $catch);
  289. }
  290. if (!$this->isFreshEnough($request, $entry)) {
  291. $this->record($request, 'stale');
  292. return $this->validate($request, $entry, $catch);
  293. }
  294. $this->record($request, 'fresh');
  295. $entry->headers->set('Age', $entry->getAge());
  296. return $entry;
  297. }
  298. /**
  299. * Validates that a cache entry is fresh.
  300. *
  301. * The original request is used as a template for a conditional
  302. * GET request with the backend.
  303. *
  304. * @param Request $request A Request instance
  305. * @param Response $entry A Response instance to validate
  306. * @param Boolean $catch Whether to process exceptions
  307. *
  308. * @return Response A Response instance
  309. */
  310. protected function validate(Request $request, Response $entry, $catch = false)
  311. {
  312. $subRequest = clone $request;
  313. // send no head requests because we want content
  314. $subRequest->setMethod('GET');
  315. // add our cached last-modified validator
  316. $subRequest->headers->set('if_modified_since', $entry->headers->get('Last-Modified'));
  317. // Add our cached etag validator to the environment.
  318. // We keep the etags from the client to handle the case when the client
  319. // has a different private valid entry which is not cached here.
  320. $cachedEtags = $entry->getEtag() ? array($entry->getEtag()) : array();
  321. $requestEtags = $request->getEtags();
  322. if ($etags = array_unique(array_merge($cachedEtags, $requestEtags))) {
  323. $subRequest->headers->set('if_none_match', implode(', ', $etags));
  324. }
  325. $response = $this->forward($subRequest, $catch, $entry);
  326. if (304 == $response->getStatusCode()) {
  327. $this->record($request, 'valid');
  328. // return the response and not the cache entry if the response is valid but not cached
  329. $etag = $response->getEtag();
  330. if ($etag && in_array($etag, $requestEtags) && !in_array($etag, $cachedEtags)) {
  331. return $response;
  332. }
  333. $entry = clone $entry;
  334. $entry->headers->remove('Date');
  335. foreach (array('Date', 'Expires', 'Cache-Control', 'ETag', 'Last-Modified') as $name) {
  336. if ($response->headers->has($name)) {
  337. $entry->headers->set($name, $response->headers->get($name));
  338. }
  339. }
  340. $response = $entry;
  341. } else {
  342. $this->record($request, 'invalid');
  343. }
  344. if ($response->isCacheable()) {
  345. $this->store($request, $response);
  346. }
  347. return $response;
  348. }
  349. /**
  350. * Forwards the Request to the backend and determines whether the response should be stored.
  351. *
  352. * This methods is triggered when the cache missed or a reload is required.
  353. *
  354. * @param Request $request A Request instance
  355. * @param Boolean $catch whether to process exceptions
  356. *
  357. * @return Response A Response instance
  358. */
  359. protected function fetch(Request $request, $catch = false)
  360. {
  361. $subRequest = clone $request;
  362. // send no head requests because we want content
  363. $subRequest->setMethod('GET');
  364. // avoid that the backend sends no content
  365. $subRequest->headers->remove('if_modified_since');
  366. $subRequest->headers->remove('if_none_match');
  367. $response = $this->forward($subRequest, $catch);
  368. if ($this->isPrivateRequest($request) && !$response->headers->hasCacheControlDirective('public')) {
  369. $response->setPrivate(true);
  370. } elseif ($this->options['default_ttl'] > 0 && null === $response->getTtl() && !$response->headers->getCacheControlDirective('must-revalidate')) {
  371. $response->setTtl($this->options['default_ttl']);
  372. }
  373. if ($response->isCacheable()) {
  374. $this->store($request, $response);
  375. }
  376. return $response;
  377. }
  378. /**
  379. * Forwards the Request to the backend and returns the Response.
  380. *
  381. * @param Request $request A Request instance
  382. * @param Boolean $catch Whether to catch exceptions or not
  383. * @param Response $entry A Response instance (the stale entry if present, null otherwise)
  384. *
  385. * @return Response A Response instance
  386. */
  387. protected function forward(Request $request, $catch = false, Response $entry = null)
  388. {
  389. if ($this->esi) {
  390. $this->esi->addSurrogateEsiCapability($request);
  391. }
  392. // modify the X-Forwarded-For header if needed
  393. $forwardedFor = $request->headers->get('X-Forwarded-For');
  394. if ($forwardedFor) {
  395. $request->headers->set('X-Forwarded-For', $forwardedFor.', '.$request->server->get('REMOTE_ADDR'));
  396. } else {
  397. $request->headers->set('X-Forwarded-For', $request->server->get('REMOTE_ADDR'));
  398. }
  399. // fix the client IP address by setting it to 127.0.0.1 as HttpCache
  400. // is always called from the same process as the backend.
  401. $request->server->set('REMOTE_ADDR', '127.0.0.1');
  402. // always a "master" request (as the real master request can be in cache)
  403. $response = $this->kernel->handle($request, HttpKernelInterface::MASTER_REQUEST, $catch);
  404. // FIXME: we probably need to also catch exceptions if raw === true
  405. // we don't implement the stale-if-error on Requests, which is nonetheless part of the RFC
  406. if (null !== $entry && in_array($response->getStatusCode(), array(500, 502, 503, 504))) {
  407. if (null === $age = $entry->headers->getCacheControlDirective('stale-if-error')) {
  408. $age = $this->options['stale_if_error'];
  409. }
  410. if (abs($entry->getTtl()) < $age) {
  411. $this->record($request, 'stale-if-error');
  412. return $entry;
  413. }
  414. }
  415. $this->processResponseBody($request, $response);
  416. return $response;
  417. }
  418. /**
  419. * Checks whether the cache entry is "fresh enough" to satisfy the Request.
  420. *
  421. * @param Request $request A Request instance
  422. * @param Response $entry A Response instance
  423. *
  424. * @return Boolean true if the cache entry if fresh enough, false otherwise
  425. */
  426. protected function isFreshEnough(Request $request, Response $entry)
  427. {
  428. if (!$entry->isFresh()) {
  429. return $this->lock($request, $entry);
  430. }
  431. if ($this->options['allow_revalidate'] && null !== $maxAge = $request->headers->getCacheControlDirective('max-age')) {
  432. return $maxAge > 0 && $maxAge >= $entry->getAge();
  433. }
  434. return true;
  435. }
  436. /**
  437. * Locks a Request during the call to the backend.
  438. *
  439. * @param Request $request A Request instance
  440. * @param Response $entry A Response instance
  441. *
  442. * @return Boolean true if the cache entry can be returned even if it is staled, false otherwise
  443. */
  444. protected function lock(Request $request, Response $entry)
  445. {
  446. // try to acquire a lock to call the backend
  447. $lock = $this->store->lock($request, $entry);
  448. // there is already another process calling the backend
  449. if (true !== $lock) {
  450. // check if we can serve the stale entry
  451. if (null === $age = $entry->headers->getCacheControlDirective('stale-while-revalidate')) {
  452. $age = $this->options['stale_while_revalidate'];
  453. }
  454. if (abs($entry->getTtl()) < $age) {
  455. $this->record($request, 'stale-while-revalidate');
  456. // server the stale response while there is a revalidation
  457. return true;
  458. }
  459. // wait for the lock to be released
  460. $wait = 0;
  461. while ($this->store->isLocked($request) && $wait < 5000000) {
  462. usleep(50000);
  463. $wait += 50000;
  464. }
  465. if ($wait < 2000000) {
  466. // replace the current entry with the fresh one
  467. $new = $this->lookup($request);
  468. $entry->headers = $new->headers;
  469. $entry->setContent($new->getContent());
  470. $entry->setStatusCode($new->getStatusCode());
  471. $entry->setProtocolVersion($new->getProtocolVersion());
  472. foreach ($new->headers->getCookies() as $cookie) {
  473. $entry->headers->setCookie($cookie);
  474. }
  475. } else {
  476. // backend is slow as hell, send a 503 response (to avoid the dog pile effect)
  477. $entry->setStatusCode(503);
  478. $entry->setContent('503 Service Unavailable');
  479. $entry->headers->set('Retry-After', 10);
  480. }
  481. return true;
  482. }
  483. // we have the lock, call the backend
  484. return false;
  485. }
  486. /**
  487. * Writes the Response to the cache.
  488. *
  489. * @param Request $request A Request instance
  490. * @param Response $response A Response instance
  491. *
  492. * @throws \Exception
  493. */
  494. protected function store(Request $request, Response $response)
  495. {
  496. try {
  497. $this->store->write($request, $response);
  498. $this->record($request, 'store');
  499. $response->headers->set('Age', $response->getAge());
  500. } catch (\Exception $e) {
  501. $this->record($request, 'store-failed');
  502. if ($this->options['debug']) {
  503. throw $e;
  504. }
  505. }
  506. // now that the response is cached, release the lock
  507. $this->store->unlock($request);
  508. }
  509. /**
  510. * Restores the Response body.
  511. *
  512. * @param Request $request A Request instance
  513. * @param Response $response A Response instance
  514. *
  515. * @return Response A Response instance
  516. */
  517. private function restoreResponseBody(Request $request, Response $response)
  518. {
  519. if ($request->isMethod('HEAD') || 304 === $response->getStatusCode()) {
  520. $response->setContent(null);
  521. $response->headers->remove('X-Body-Eval');
  522. $response->headers->remove('X-Body-File');
  523. return;
  524. }
  525. if ($response->headers->has('X-Body-Eval')) {
  526. ob_start();
  527. if ($response->headers->has('X-Body-File')) {
  528. include $response->headers->get('X-Body-File');
  529. } else {
  530. eval('; ?>'.$response->getContent().'<?php ;');
  531. }
  532. $response->setContent(ob_get_clean());
  533. $response->headers->remove('X-Body-Eval');
  534. if (!$response->headers->has('Transfer-Encoding')) {
  535. $response->headers->set('Content-Length', strlen($response->getContent()));
  536. }
  537. } elseif ($response->headers->has('X-Body-File')) {
  538. $response->setContent(file_get_contents($response->headers->get('X-Body-File')));
  539. } else {
  540. return;
  541. }
  542. $response->headers->remove('X-Body-File');
  543. }
  544. protected function processResponseBody(Request $request, Response $response)
  545. {
  546. if (null !== $this->esi && $this->esi->needsEsiParsing($response)) {
  547. $this->esi->process($request, $response);
  548. }
  549. }
  550. /**
  551. * Checks if the Request includes authorization or other sensitive information
  552. * that should cause the Response to be considered private by default.
  553. *
  554. * @param Request $request A Request instance
  555. *
  556. * @return Boolean true if the Request is private, false otherwise
  557. */
  558. private function isPrivateRequest(Request $request)
  559. {
  560. foreach ($this->options['private_headers'] as $key) {
  561. $key = strtolower(str_replace('HTTP_', '', $key));
  562. if ('cookie' === $key) {
  563. if (count($request->cookies->all())) {
  564. return true;
  565. }
  566. } elseif ($request->headers->has($key)) {
  567. return true;
  568. }
  569. }
  570. return false;
  571. }
  572. /**
  573. * Records that an event took place.
  574. *
  575. * @param Request $request A Request instance
  576. * @param string $event The event name
  577. */
  578. private function record(Request $request, $event)
  579. {
  580. $path = $request->getPathInfo();
  581. if ($qs = $request->getQueryString()) {
  582. $path .= '?'.$qs;
  583. }
  584. $this->traces[$request->getMethod().' '.$path][] = $event;
  585. }
  586. }