Accueil Explorer Aide
Connexion
trxbot
/
admin
2
0
Fork 0
Fichiers Tickets 0 Pull Requests 0 Wiki
Aborescence: 516b110210
Branches Tags
admin
/
vendor
/
symfony
/
http-kernel
/
HttpCache
/
HttpCache.php

HttpCache.php 25 KB
Historique Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753 
  1. <?php
    2. 

  2. 

  3. /*
    4. 

  4.  * This file is part of the Symfony package.
    5. 

  5.  *
    6. 

  6.  * (c) Fabien Potencier <fabien@symfony.com>
    7. 

  7.  *
    8. 

  8.  * For the full copyright and license information, please view the LICENSE
    9. 

  9.  * file that was distributed with this source code.
    10. 

  10.  */
    11. 

  11. 

  12. /*
    13. 

  13.  * This code is partially based on the Rack-Cache library by Ryan Tomayko,
    14. 

  14.  * which is released under the MIT license.
    15. 

  15.  * (based on commit 02d2b48d75bcb63cf1c0c7149c077ad256542801)
    16. 

  16.  */
    17. 

  17. 

  18. namespace Symfony\Component\HttpKernel\HttpCache;
    19. 

  19. 

  20. use Symfony\Component\HttpFoundation\Request;
    21. 

  21. use Symfony\Component\HttpFoundation\Response;
    22. 

  22. use Symfony\Component\HttpKernel\HttpKernelInterface;
    23. 

  23. use Symfony\Component\HttpKernel\TerminableInterface;
    24. 

  24. 

  25. /**
    26. 

  26.  * Cache provides HTTP caching.
    27. 

  27.  *
    28. 

  28.  * @author Fabien Potencier <fabien@symfony.com>
    29. 

  29.  */
    30. 

  30. class HttpCache implements HttpKernelInterface, TerminableInterface
    31. 

  31. {
    32. 

  32.     public const BODY_EVAL_BOUNDARY_LENGTH = 24;
    33. 

  33. 

  34.     private $kernel;
    35. 

  35.     private $store;
    36. 

  36.     private $request;
    37. 

  37.     private $surrogate;
    38. 

  38.     private $surrogateCacheStrategy;
    39. 

  39.     private $options = [];
    40. 

  40.     private $traces = [];
    41. 

  41. 

  42.     /**
    43. 

  43.      * Constructor.
    44. 

  44.      *
    45. 

  45.      * The available options are:
    46. 

  46.      *
    47. 

  47.      *   * debug                  If true, exceptions are thrown when things go wrong. Otherwise, the cache
    48. 

  48.      *                            will try to carry on and deliver a meaningful response.
    49. 

  49.      *
    50. 

  50.      *   * trace_level            May be one of 'none', 'short' and 'full'. For 'short', a concise trace of the
    51. 

  51.      *                            main request will be added as an HTTP header. 'full' will add traces for all
    52. 

  52.      *                            requests (including ESI subrequests). (default: 'full' if in debug; 'none' otherwise)
    53. 

  53.      *
    54. 

  54.      *   * trace_header           Header name to use for traces. (default: X-Symfony-Cache)
    55. 

  55.      *
    56. 

  56.      *   * default_ttl            The number of seconds that a cache entry should be considered
    57. 

  57.      *                            fresh when no explicit freshness information is provided in
    58. 

  58.      *                            a response. Explicit Cache-Control or Expires headers
    59. 

  59.      *                            override this value. (default: 0)
    60. 

  60.      *
    61. 

  61.      *   * private_headers        Set of request headers that trigger "private" cache-control behavior
    62. 

  62.      *                            on responses that don't explicitly state whether the response is
    63. 

  63.      *                            public or private via a Cache-Control directive. (default: Authorization and Cookie)
    64. 

  64.      *
    65. 

  65.      *   * allow_reload           Specifies whether the client can force a cache reload by including a
    66. 

  66.      *                            Cache-Control "no-cache" directive in the request. Set it to ``true``
    67. 

  67.      *                            for compliance with RFC 2616. (default: false)
    68. 

  68.      *
    69. 

  69.      *   * allow_revalidate       Specifies whether the client can force a cache revalidate by including
    70. 

  70.      *                            a Cache-Control "max-age=0" directive in the request. Set it to ``true``
    71. 

  71.      *                            for compliance with RFC 2616. (default: false)
    72. 

  72.      *
    73. 

  73.      *   * stale_while_revalidate Specifies the default number of seconds (the granularity is the second as the
    74. 

  74.      *                            Response TTL precision is a second) during which the cache can immediately return
    75. 

  75.      *                            a stale response while it revalidates it in the background (default: 2).
    76. 

  76.      *                            This setting is overridden by the stale-while-revalidate HTTP Cache-Control
    77. 

  77.      *                            extension (see RFC 5861).
    78. 

  78.      *
    79. 

  79.      *   * stale_if_error         Specifies the default number of seconds (the granularity is the second) during which
    80. 

  80.      *                            the cache can serve a stale response when an error is encountered (default: 60).
    81. 

  81.      *                            This setting is overridden by the stale-if-error HTTP Cache-Control extension
    82. 

  82.      *                            (see RFC 5861).
    83. 

  83.      */
    84. 

  84.     public function __construct(HttpKernelInterface $kernel, StoreInterface $store, ?SurrogateInterface $surrogate = null, array $options = [])
    85. 

  85.     {
    86. 

  86.         $this->store = $store;
    87. 

  87.         $this->kernel = $kernel;
    88. 

  88.         $this->surrogate = $surrogate;
    89. 

  89. 

  90.         // needed in case there is a fatal error because the backend is too slow to respond
    91. 

  91.         register_shutdown_function([$this->store, 'cleanup']);
    92. 

  92. 

  93.         $this->options = array_merge([
    94. 

  94.             'debug' => false,
    95. 

  95.             'default_ttl' => 0,
    96. 

  96.             'private_headers' => ['Authorization', 'Cookie'],
    97. 

  97.             'allow_reload' => false,
    98. 

  98.             'allow_revalidate' => false,
    99. 

  99.             'stale_while_revalidate' => 2,
    100. 

  100.             'stale_if_error' => 60,
    101. 

  101.             'trace_level' => 'none',
    102. 

  102.             'trace_header' => 'X-Symfony-Cache',
    103. 

  103.         ], $options);
    104. 

  104. 

  105.         if (!isset($options['trace_level'])) {
    106. 

  106.             $this->options['trace_level'] = $this->options['debug'] ? 'full' : 'none';
    107. 

  107.         }
    108. 

  108.     }
    109. 

  109. 

  110.     /**
    111. 

  111.      * Gets the current store.
    112. 

  112.      *
    113. 

  113.      * @return StoreInterface
    114. 

  114.      */
    115. 

  115.     public function getStore()
    116. 

  116.     {
    117. 

  117.         return $this->store;
    118. 

  118.     }
    119. 

  119. 

  120.     /**
    121. 

  121.      * Returns an array of events that took place during processing of the last request.
    122. 

  122.      *
    123. 

  123.      * @return array
    124. 

  124.      */
    125. 

  125.     public function getTraces()
    126. 

  126.     {
    127. 

  127.         return $this->traces;
    128. 

  128.     }
    129. 

  129. 

  130.     private function addTraces(Response $response)
    131. 

  131.     {
    132. 

  132.         $traceString = null;
    133. 

  133. 

  134.         if ('full' === $this->options['trace_level']) {
    135. 

  135.             $traceString = $this->getLog();
    136. 

  136.         }
    137. 

  137. 

  138.         if ('short' === $this->options['trace_level'] && $masterId = array_key_first($this->traces)) {
    139. 

  139.             $traceString = implode('/', $this->traces[$masterId]);
    140. 

  140.         }
    141. 

  141. 

  142.         if (null !== $traceString) {
    143. 

  143.             $response->headers->add([$this->options['trace_header'] => $traceString]);
    144. 

  144.         }
    145. 

  145.     }
    146. 

  146. 

  147.     /**
    148. 

  148.      * Returns a log message for the events of the last request processing.
    149. 

  149.      *
    150. 

  150.      * @return string
    151. 

  151.      */
    152. 

  152.     public function getLog()
    153. 

  153.     {
    154. 

  154.         $log = [];
    155. 

  155.         foreach ($this->traces as $request => $traces) {
    156. 

  156.             $log[] = sprintf('%s: %s', $request, implode(', ', $traces));
    157. 

  157.         }
    158. 

  158. 

  159.         return implode('; ', $log);
    160. 

  160.     }
    161. 

  161. 

  162.     /**
    163. 

  163.      * Gets the Request instance associated with the main request.
    164. 

  164.      *
    165. 

  165.      * @return Request
    166. 

  166.      */
    167. 

  167.     public function getRequest()
    168. 

  168.     {
    169. 

  169.         return $this->request;
    170. 

  170.     }
    171. 

  171. 

  172.     /**
    173. 

  173.      * Gets the Kernel instance.
    174. 

  174.      *
    175. 

  175.      * @return HttpKernelInterface
    176. 

  176.      */
    177. 

  177.     public function getKernel()
    178. 

  178.     {
    179. 

  179.         return $this->kernel;
    180. 

  180.     }
    181. 

  181. 

  182.     /**
    183. 

  183.      * Gets the Surrogate instance.
    184. 

  184.      *
    185. 

  185.      * @return SurrogateInterface
    186. 

  186.      *
    187. 

  187.      * @throws \LogicException
    188. 

  188.      */
    189. 

  189.     public function getSurrogate()
    190. 

  190.     {
    191. 

  191.         return $this->surrogate;
    192. 

  192.     }
    193. 

  193. 

  194.     /**
    195. 

  195.      * {@inheritdoc}
    196. 

  196.      */
    197. 

  197.     public function handle(Request $request, int $type = HttpKernelInterface::MAIN_REQUEST, bool $catch = true)
    198. 

  198.     {
    199. 

  199.         // FIXME: catch exceptions and implement a 500 error page here? -> in Varnish, there is a built-in error page mechanism
    200. 

  200.         if (HttpKernelInterface::MAIN_REQUEST === $type) {
    201. 

  201.             $this->traces = [];
    202. 

  202.             // Keep a clone of the original request for surrogates so they can access it.
    203. 

  203.             // We must clone here to get a separate instance because the application will modify the request during
    204. 

  204.             // the application flow (we know it always does because we do ourselves by setting REMOTE_ADDR to 127.0.0.1
    205. 

  205.             // and adding the X-Forwarded-For header, see HttpCache::forward()).
    206. 

  206.             $this->request = clone $request;
    207. 

  207.             if (null !== $this->surrogate) {
    208. 

  208.                 $this->surrogateCacheStrategy = $this->surrogate->createCacheStrategy();
    209. 

  209.             }
    210. 

  210.         }
    211. 

  211. 

  212.         $this->traces[$this->getTraceKey($request)] = [];
    213. 

  213. 

  214.         if (!$request->isMethodSafe()) {
    215. 

  215.             $response = $this->invalidate($request, $catch);
    216. 

  216.         } elseif ($request->headers->has('expect') || !$request->isMethodCacheable()) {
    217. 

  217.             $response = $this->pass($request, $catch);
    218. 

  218.         } elseif ($this->options['allow_reload'] && $request->isNoCache()) {
    219. 

  219.             /*
    220. 

  220.                 If allow_reload is configured and the client requests "Cache-Control: no-cache",
    221. 

  221.                 reload the cache by fetching a fresh response and caching it (if possible).
    222. 

  222.             */
    223. 

  223.             $this->record($request, 'reload');
    224. 

  224.             $response = $this->fetch($request, $catch);
    225. 

  225.         } else {
    226. 

  226.             $response = $this->lookup($request, $catch);
    227. 

  227.         }
    228. 

  228. 

  229.         $this->restoreResponseBody($request, $response);
    230. 

  230. 

  231.         if (HttpKernelInterface::MAIN_REQUEST === $type) {
    232. 

  232.             $this->addTraces($response);
    233. 

  233.         }
    234. 

  234. 

  235.         if (null !== $this->surrogate) {
    236. 

  236.             if (HttpKernelInterface::MAIN_REQUEST === $type) {
    237. 

  237.                 $this->surrogateCacheStrategy->update($response);
    238. 

  238.             } else {
    239. 

  239.                 $this->surrogateCacheStrategy->add($response);
    240. 

  240.             }
    241. 

  241.         }
    242. 

  242. 

  243.         $response->prepare($request);
    244. 

  244. 

  245.         $response->isNotModified($request);
    246. 

  246. 

  247.         return $response;
    248. 

  248.     }
    249. 

  249. 

  250.     /**
    251. 

  251.      * {@inheritdoc}
    252. 

  252.      */
    253. 

  253.     public function terminate(Request $request, Response $response)
    254. 

  254.     {
    255. 

  255.         if ($this->getKernel() instanceof TerminableInterface) {
    256. 

  256.             $this->getKernel()->terminate($request, $response);
    257. 

  257.         }
    258. 

  258.     }
    259. 

  259. 

  260.     /**
    261. 

  261.      * Forwards the Request to the backend without storing the Response in the cache.
    262. 

  262.      *
    263. 

  263.      * @param bool $catch Whether to process exceptions
    264. 

  264.      *
    265. 

  265.      * @return Response
    266. 

  266.      */
    267. 

  267.     protected function pass(Request $request, bool $catch = false)
    268. 

  268.     {
    269. 

  269.         $this->record($request, 'pass');
    270. 

  270. 

  271.         return $this->forward($request, $catch);
    272. 

  272.     }
    273. 

  273. 

  274.     /**
    275. 

  275.      * Invalidates non-safe methods (like POST, PUT, and DELETE).
    276. 

  276.      *
    277. 

  277.      * @param bool $catch Whether to process exceptions
    278. 

  278.      *
    279. 

  279.      * @return Response
    280. 

  280.      *
    281. 

  281.      * @throws \Exception
    282. 

  282.      *
    283. 

  283.      * @see RFC2616 13.10
    284. 

  284.      */
    285. 

  285.     protected function invalidate(Request $request, bool $catch = false)
    286. 

  286.     {
    287. 

  287.         $response = $this->pass($request, $catch);
    288. 

  288. 

  289.         // invalidate only when the response is successful
    290. 

  290.         if ($response->isSuccessful() || $response->isRedirect()) {
    291. 

  291.             try {
    292. 

  292.                 $this->store->invalidate($request);
    293. 

  293. 

  294.                 // As per the RFC, invalidate Location and Content-Location URLs if present
    295. 

  295.                 foreach (['Location', 'Content-Location'] as $header) {
    296. 

  296.                     if ($uri = $response->headers->get($header)) {
    297. 

  297.                         $subRequest = Request::create($uri, 'get', [], [], [], $request->server->all());
    298. 

  298. 

  299.                         $this->store->invalidate($subRequest);
    300. 

  300.                     }
    301. 

  301.                 }
    302. 

  302. 

  303.                 $this->record($request, 'invalidate');
    304. 

  304.             } catch (\Exception $e) {
    305. 

  305.                 $this->record($request, 'invalidate-failed');
    306. 

  306. 

  307.                 if ($this->options['debug']) {
    308. 

  308.                     throw $e;
    309. 

  309.                 }
    310. 

  310.             }
    311. 

  311.         }
    312. 

  312. 

  313.         return $response;
    314. 

  314.     }
    315. 

  315. 

  316.     /**
    317. 

  317.      * Lookups a Response from the cache for the given Request.
    318. 

  318.      *
    319. 

  319.      * When a matching cache entry is found and is fresh, it uses it as the
    320. 

  320.      * response without forwarding any request to the backend. When a matching
    321. 

  321.      * cache entry is found but is stale, it attempts to "validate" the entry with
    322. 

  322.      * the backend using conditional GET. When no matching cache entry is found,
    323. 

  323.      * it triggers "miss" processing.
    324. 

  324.      *
    325. 

  325.      * @param bool $catch Whether to process exceptions
    326. 

  326.      *
    327. 

  327.      * @return Response
    328. 

  328.      *
    329. 

  329.      * @throws \Exception
    330. 

  330.      */
    331. 

  331.     protected function lookup(Request $request, bool $catch = false)
    332. 

  332.     {
    333. 

  333.         try {
    334. 

  334.             $entry = $this->store->lookup($request);
    335. 

  335.         } catch (\Exception $e) {
    336. 

  336.             $this->record($request, 'lookup-failed');
    337. 

  337. 

  338.             if ($this->options['debug']) {
    339. 

  339.                 throw $e;
    340. 

  340.             }
    341. 

  341. 

  342.             return $this->pass($request, $catch);
    343. 

  343.         }
    344. 

  344. 

  345.         if (null === $entry) {
    346. 

  346.             $this->record($request, 'miss');
    347. 

  347. 

  348.             return $this->fetch($request, $catch);
    349. 

  349.         }
    350. 

  350. 

  351.         if (!$this->isFreshEnough($request, $entry)) {
    352. 

  352.             $this->record($request, 'stale');
    353. 

  353. 

  354.             return $this->validate($request, $entry, $catch);
    355. 

  355.         }
    356. 

  356. 

  357.         if ($entry->headers->hasCacheControlDirective('no-cache')) {
    358. 

  358.             return $this->validate($request, $entry, $catch);
    359. 

  359.         }
    360. 

  360. 

  361.         $this->record($request, 'fresh');
    362. 

  362. 

  363.         $entry->headers->set('Age', $entry->getAge());
    364. 

  364. 

  365.         return $entry;
    366. 

  366.     }
    367. 

  367. 

  368.     /**
    369. 

  369.      * Validates that a cache entry is fresh.
    370. 

  370.      *
    371. 

  371.      * The original request is used as a template for a conditional
    372. 

  372.      * GET request with the backend.
    373. 

  373.      *
    374. 

  374.      * @param bool $catch Whether to process exceptions
    375. 

  375.      *
    376. 

  376.      * @return Response
    377. 

  377.      */
    378. 

  378.     protected function validate(Request $request, Response $entry, bool $catch = false)
    379. 

  379.     {
    380. 

  380.         $subRequest = clone $request;
    381. 

  381. 

  382.         // send no head requests because we want content
    383. 

  383.         if ('HEAD' === $request->getMethod()) {
    384. 

  384.             $subRequest->setMethod('GET');
    385. 

  385.         }
    386. 

  386. 

  387.         // add our cached last-modified validator
    388. 

  388.         if ($entry->headers->has('Last-Modified')) {
    389. 

  389.             $subRequest->headers->set('If-Modified-Since', $entry->headers->get('Last-Modified'));
    390. 

  390.         }
    391. 

  391. 

  392.         // Add our cached etag validator to the environment.
    393. 

  393.         // We keep the etags from the client to handle the case when the client
    394. 

  394.         // has a different private valid entry which is not cached here.
    395. 

  395.         $cachedEtags = $entry->getEtag() ? [$entry->getEtag()] : [];
    396. 

  396.         $requestEtags = $request->getETags();
    397. 

  397.         if ($etags = array_unique(array_merge($cachedEtags, $requestEtags))) {
    398. 

  398.             $subRequest->headers->set('If-None-Match', implode(', ', $etags));
    399. 

  399.         }
    400. 

  400. 

  401.         $response = $this->forward($subRequest, $catch, $entry);
    402. 

  402. 

  403.         if (304 == $response->getStatusCode()) {
    404. 

  404.             $this->record($request, 'valid');
    405. 

  405. 

  406.             // return the response and not the cache entry if the response is valid but not cached
    407. 

  407.             $etag = $response->getEtag();
    408. 

  408.             if ($etag && \in_array($etag, $requestEtags) && !\in_array($etag, $cachedEtags)) {
    409. 

  409.                 return $response;
    410. 

  410.             }
    411. 

  411. 

  412.             $entry = clone $entry;
    413. 

  413.             $entry->headers->remove('Date');
    414. 

  414. 

  415.             foreach (['Date', 'Expires', 'Cache-Control', 'ETag', 'Last-Modified'] as $name) {
    416. 

  416.                 if ($response->headers->has($name)) {
    417. 

  417.                     $entry->headers->set($name, $response->headers->get($name));
    418. 

  418.                 }
    419. 

  419.             }
    420. 

  420. 

  421.             $response = $entry;
    422. 

  422.         } else {
    423. 

  423.             $this->record($request, 'invalid');
    424. 

  424.         }
    425. 

  425. 

  426.         if ($response->isCacheable()) {
    427. 

  427.             $this->store($request, $response);
    428. 

  428.         }
    429. 

  429. 

  430.         return $response;
    431. 

  431.     }
    432. 

  432. 

  433.     /**
    434. 

  434.      * Unconditionally fetches a fresh response from the backend and
    435. 

  435.      * stores it in the cache if is cacheable.
    436. 

  436.      *
    437. 

  437.      * @param bool $catch Whether to process exceptions
    438. 

  438.      *
    439. 

  439.      * @return Response
    440. 

  440.      */
    441. 

  441.     protected function fetch(Request $request, bool $catch = false)
    442. 

  442.     {
    443. 

  443.         $subRequest = clone $request;
    444. 

  444. 

  445.         // send no head requests because we want content
    446. 

  446.         if ('HEAD' === $request->getMethod()) {
    447. 

  447.             $subRequest->setMethod('GET');
    448. 

  448.         }
    449. 

  449. 

  450.         // avoid that the backend sends no content
    451. 

  451.         $subRequest->headers->remove('If-Modified-Since');
    452. 

  452.         $subRequest->headers->remove('If-None-Match');
    453. 

  453. 

  454.         $response = $this->forward($subRequest, $catch);
    455. 

  455. 

  456.         if ($response->isCacheable()) {
    457. 

  457.             $this->store($request, $response);
    458. 

  458.         }
    459. 

  459. 

  460.         return $response;
    461. 

  461.     }
    462. 

  462. 

  463.     /**
    464. 

  464.      * Forwards the Request to the backend and returns the Response.
    465. 

  465.      *
    466. 

  466.      * All backend requests (cache passes, fetches, cache validations)
    467. 

  467.      * run through this method.
    468. 

  468.      *
    469. 

  469.      * @param bool          $catch Whether to catch exceptions or not
    470. 

  470.      * @param Response|null $entry A Response instance (the stale entry if present, null otherwise)
    471. 

  471.      *
    472. 

  472.      * @return Response
    473. 

  473.      */
    474. 

  474.     protected function forward(Request $request, bool $catch = false, ?Response $entry = null)
    475. 

  475.     {
    476. 

  476.         if ($this->surrogate) {
    477. 

  477.             $this->surrogate->addSurrogateCapability($request);
    478. 

  478.         }
    479. 

  479. 

  480.         // always a "master" request (as the real master request can be in cache)
    481. 

  481.         $response = SubRequestHandler::handle($this->kernel, $request, HttpKernelInterface::MAIN_REQUEST, $catch);
    482. 

  482. 

  483.         /*
    484. 

  484.          * Support stale-if-error given on Responses or as a config option.
    485. 

  485.          * RFC 7234 summarizes in Section 4.2.4 (but also mentions with the individual
    486. 

  486.          * Cache-Control directives) that
    487. 

  487.          *
    488. 

  488.          *      A cache MUST NOT generate a stale response if it is prohibited by an
    489. 

  489.          *      explicit in-protocol directive (e.g., by a "no-store" or "no-cache"
    490. 

  490.          *      cache directive, a "must-revalidate" cache-response-directive, or an
    491. 

  491.          *      applicable "s-maxage" or "proxy-revalidate" cache-response-directive;
    492. 

  492.          *      see Section 5.2.2).
    493. 

  493.          *
    494. 

  494.          * https://tools.ietf.org/html/rfc7234#section-4.2.4
    495. 

  495.          *
    496. 

  496.          * We deviate from this in one detail, namely that we *do* serve entries in the
    497. 

  497.          * stale-if-error case even if they have a `s-maxage` Cache-Control directive.
    498. 

  498.          */
    499. 

  499.         if (null !== $entry
    500. 

  500.             && \in_array($response->getStatusCode(), [500, 502, 503, 504])
    501. 

  501.             && !$entry->headers->hasCacheControlDirective('no-cache')
    502. 

  502.             && !$entry->mustRevalidate()
    503. 

  503.         ) {
    504. 

  504.             if (null === $age = $entry->headers->getCacheControlDirective('stale-if-error')) {
    505. 

  505.                 $age = $this->options['stale_if_error'];
    506. 

  506.             }
    507. 

  507. 

  508.             /*
    509. 

  509.              * stale-if-error gives the (extra) time that the Response may be used *after* it has become stale.
    510. 

  510.              * So we compare the time the $entry has been sitting in the cache already with the
    511. 

  511.              * time it was fresh plus the allowed grace period.
    512. 

  512.              */
    513. 

  513.             if ($entry->getAge() <= $entry->getMaxAge() + $age) {
    514. 

  514.                 $this->record($request, 'stale-if-error');
    515. 

  515. 

  516.                 return $entry;
    517. 

  517.             }
    518. 

  518.         }
    519. 

  519. 

  520.         /*
    521. 

  521.             RFC 7231 Sect. 7.1.1.2 says that a server that does not have a reasonably accurate
    522. 

  522.             clock MUST NOT send a "Date" header, although it MUST send one in most other cases
    523. 

  523.             except for 1xx or 5xx responses where it MAY do so.
    524. 

  524. 

  525.             Anyway, a client that received a message without a "Date" header MUST add it.
    526. 

  526.         */
    527. 

  527.         if (!$response->headers->has('Date')) {
    528. 

  528.             $response->setDate(\DateTime::createFromFormat('U', time()));
    529. 

  529.         }
    530. 

  530. 

  531.         $this->processResponseBody($request, $response);
    532. 

  532. 

  533.         if ($this->isPrivateRequest($request) && !$response->headers->hasCacheControlDirective('public')) {
    534. 

  534.             $response->setPrivate();
    535. 

  535.         } elseif ($this->options['default_ttl'] > 0 && null === $response->getTtl() && !$response->headers->getCacheControlDirective('must-revalidate')) {
    536. 

  536.             $response->setTtl($this->options['default_ttl']);
    537. 

  537.         }
    538. 

  538. 

  539.         return $response;
    540. 

  540.     }
    541. 

  541. 

  542.     /**
    543. 

  543.      * Checks whether the cache entry is "fresh enough" to satisfy the Request.
    544. 

  544.      *
    545. 

  545.      * @return bool
    546. 

  546.      */
    547. 

  547.     protected function isFreshEnough(Request $request, Response $entry)
    548. 

  548.     {
    549. 

  549.         if (!$entry->isFresh()) {
    550. 

  550.             return $this->lock($request, $entry);
    551. 

  551.         }
    552. 

  552. 

  553.         if ($this->options['allow_revalidate'] && null !== $maxAge = $request->headers->getCacheControlDirective('max-age')) {
    554. 

  554.             return $maxAge > 0 && $maxAge >= $entry->getAge();
    555. 

  555.         }
    556. 

  556. 

  557.         return true;
    558. 

  558.     }
    559. 

  559. 

  560.     /**
    561. 

  561.      * Locks a Request during the call to the backend.
    562. 

  562.      *
    563. 

  563.      * @return bool true if the cache entry can be returned even if it is staled, false otherwise
    564. 

  564.      */
    565. 

  565.     protected function lock(Request $request, Response $entry)
    566. 

  566.     {
    567. 

  567.         // try to acquire a lock to call the backend
    568. 

  568.         $lock = $this->store->lock($request);
    569. 

  569. 

  570.         if (true === $lock) {
    571. 

  571.             // we have the lock, call the backend
    572. 

  572.             return false;
    573. 

  573.         }
    574. 

  574. 

  575.         // there is already another process calling the backend
    576. 

  576. 

  577.         // May we serve a stale response?
    578. 

  578.         if ($this->mayServeStaleWhileRevalidate($entry)) {
    579. 

  579.             $this->record($request, 'stale-while-revalidate');
    580. 

  580. 

  581.             return true;
    582. 

  582.         }
    583. 

  583. 

  584.         // wait for the lock to be released
    585. 

  585.         if ($this->waitForLock($request)) {
    586. 

  586.             // replace the current entry with the fresh one
    587. 

  587.             $new = $this->lookup($request);
    588. 

  588.             $entry->headers = $new->headers;
    589. 

  589.             $entry->setContent($new->getContent());
    590. 

  590.             $entry->setStatusCode($new->getStatusCode());
    591. 

  591.             $entry->setProtocolVersion($new->getProtocolVersion());
    592. 

  592.             foreach ($new->headers->getCookies() as $cookie) {
    593. 

  593.                 $entry->headers->setCookie($cookie);
    594. 

  594.             }
    595. 

  595.         } else {
    596. 

  596.             // backend is slow as hell, send a 503 response (to avoid the dog pile effect)
    597. 

  597.             $entry->setStatusCode(503);
    598. 

  598.             $entry->setContent('503 Service Unavailable');
    599. 

  599.             $entry->headers->set('Retry-After', 10);
    600. 

  600.         }
    601. 

  601. 

  602.         return true;
    603. 

  603.     }
    604. 

  604. 

  605.     /**
    606. 

  606.      * Writes the Response to the cache.
    607. 

  607.      *
    608. 

  608.      * @throws \Exception
    609. 

  609.      */
    610. 

  610.     protected function store(Request $request, Response $response)
    611. 

  611.     {
    612. 

  612.         try {
    613. 

  613.             $this->store->write($request, $response);
    614. 

  614. 

  615.             $this->record($request, 'store');
    616. 

  616. 

  617.             $response->headers->set('Age', $response->getAge());
    618. 

  618.         } catch (\Exception $e) {
    619. 

  619.             $this->record($request, 'store-failed');
    620. 

  620. 

  621.             if ($this->options['debug']) {
    622. 

  622.                 throw $e;
    623. 

  623.             }
    624. 

  624.         }
    625. 

  625. 

  626.         // now that the response is cached, release the lock
    627. 

  627.         $this->store->unlock($request);
    628. 

  628.     }
    629. 

  629. 

  630.     /**
    631. 

  631.      * Restores the Response body.
    632. 

  632.      */
    633. 

  633.     private function restoreResponseBody(Request $request, Response $response)
    634. 

  634.     {
    635. 

  635.         if ($response->headers->has('X-Body-Eval')) {
    636. 

  636.             \assert(self::BODY_EVAL_BOUNDARY_LENGTH === 24);
    637. 

  637. 

  638.             ob_start();
    639. 

  639. 

  640.             $content = $response->getContent();
    641. 

  641.             $boundary = substr($content, 0, 24);
    642. 

  642.             $j = strpos($content, $boundary, 24);
    643. 

  643.             echo substr($content, 24, $j - 24);
    644. 

  644.             $i = $j + 24;
    645. 

  645. 

  646.             while (false !== $j = strpos($content, $boundary, $i)) {
    647. 

  647.                 [$uri, $alt, $ignoreErrors, $part] = explode("\n", substr($content, $i, $j - $i), 4);
    648. 

  648.                 $i = $j + 24;
    649. 

  649. 

  650.                 echo $this->surrogate->handle($this, $uri, $alt, $ignoreErrors);
    651. 

  651.                 echo $part;
    652. 

  652.             }
    653. 

  653. 

  654.             $response->setContent(ob_get_clean());
    655. 

  655.             $response->headers->remove('X-Body-Eval');
    656. 

  656.             if (!$response->headers->has('Transfer-Encoding')) {
    657. 

  657.                 $response->headers->set('Content-Length', \strlen($response->getContent()));
    658. 

  658.             }
    659. 

  659.         } elseif ($response->headers->has('X-Body-File')) {
    660. 

  660.             // Response does not include possibly dynamic content (ESI, SSI), so we need
    661. 

  661.             // not handle the content for HEAD requests
    662. 

  662.             if (!$request->isMethod('HEAD')) {
    663. 

  663.                 $response->setContent(file_get_contents($response->headers->get('X-Body-File')));
    664. 

  664.             }
    665. 

  665.         } else {
    666. 

  666.             return;
    667. 

  667.         }
    668. 

  668. 

  669.         $response->headers->remove('X-Body-File');
    670. 

  670.     }
    671. 

  671. 

  672.     protected function processResponseBody(Request $request, Response $response)
    673. 

  673.     {
    674. 

  674.         if (null !== $this->surrogate && $this->surrogate->needsParsing($response)) {
    675. 

  675.             $this->surrogate->process($request, $response);
    676. 

  676.         }
    677. 

  677.     }
    678. 

  678. 

  679.     /**
    680. 

  680.      * Checks if the Request includes authorization or other sensitive information
    681. 

  681.      * that should cause the Response to be considered private by default.
    682. 

  682.      */
    683. 

  683.     private function isPrivateRequest(Request $request): bool
    684. 

  684.     {
    685. 

  685.         foreach ($this->options['private_headers'] as $key) {
    686. 

  686.             $key = strtolower(str_replace('HTTP_', '', $key));
    687. 

  687. 

  688.             if ('cookie' === $key) {
    689. 

  689.                 if (\count($request->cookies->all())) {
    690. 

  690.                     return true;
    691. 

  691.                 }
    692. 

  692.             } elseif ($request->headers->has($key)) {
    693. 

  693.                 return true;
    694. 

  694.             }
    695. 

  695.         }
    696. 

  696. 

  697.         return false;
    698. 

  698.     }
    699. 

  699. 

  700.     /**
    701. 

  701.      * Records that an event took place.
    702. 

  702.      */
    703. 

  703.     private function record(Request $request, string $event)
    704. 

  704.     {
    705. 

  705.         $this->traces[$this->getTraceKey($request)][] = $event;
    706. 

  706.     }
    707. 

  707. 

  708.     /**
    709. 

  709.      * Calculates the key we use in the "trace" array for a given request.
    710. 

  710.      */
    711. 

  711.     private function getTraceKey(Request $request): string
    712. 

  712.     {
    713. 

  713.         $path = $request->getPathInfo();
    714. 

  714.         if ($qs = $request->getQueryString()) {
    715. 

  715.             $path .= '?'.$qs;
    716. 

  716.         }
    717. 

  717. 

  718.         return $request->getMethod().' '.$path;
    719. 

  719.     }
    720. 

  720. 

  721.     /**
    722. 

  722.      * Checks whether the given (cached) response may be served as "stale" when a revalidation
    723. 

  723.      * is currently in progress.
    724. 

  724.      */
    725. 

  725.     private function mayServeStaleWhileRevalidate(Response $entry): bool
    726. 

  726.     {
    727. 

  727.         $timeout = $entry->headers->getCacheControlDirective('stale-while-revalidate');
    728. 

  728. 

  729.         if (null === $timeout) {
    730. 

  730.             $timeout = $this->options['stale_while_revalidate'];
    731. 

  731.         }
    732. 

  732. 

  733.         $age = $entry->getAge();
    734. 

  734.         $maxAge = $entry->getMaxAge() ?? 0;
    735. 

  735.         $ttl = $maxAge - $age;
    736. 

  736. 

  737.         return abs($ttl) < $timeout;
    738. 

  738.     }
    739. 

  739. 

  740.     /**
    741. 

  741.      * Waits for the store to release a locked entry.
    742. 

  742.      */
    743. 

  743.     private function waitForLock(Request $request): bool
    744. 

  744.     {
    745. 

  745.         $wait = 0;
    746. 

  746.         while ($this->store->isLocked($request) && $wait < 100) {
    747. 

  747.             usleep(50000);
    748. 

  748.             ++$wait;
    749. 

  749.         }
    750. 

  750. 

  751.         return $wait < 100;
    752. 

  752.     }
    753. 

  753. }
    754.