New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Advanced ETag Comparison now supported #3015
Conversation
sha-256 digest set when file is written to system
Introduced new streamFile method which allows for advancedETag comparison. Deprecated the old one.
Updates to remove deprecated warnings by using the new streamFile() method. Also removed some other deprecation warnings.
The pipeline indicates an API breakage, however, I don't really see one since the newly added parameter to |
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #3015 +/- ##
==========================================
+ Coverage 76.86% 77.45% +0.58%
==========================================
Files 211 211
Lines 8119 7802 -317
==========================================
- Hits 6241 6043 -198
+ Misses 1878 1759 -119
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for this! Here are my initial review comments
@0xTim one of the pipelines fails because some of the sendable stuff that was recently added |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok this looks good once #3000 lands. I'll do a final review before merging
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry for the delay in reviewing this! I have a few questions now I've looked at this with a fresh set of eyes, but I think we're almost there
I will look at this as soon as I can. Pretty covered up in work now, but I'll get there! |
- adjusted faulty comment - access storage directly to avoid concurrent overwrites of the entire storage
@0xTim applied your feedback - please have a look. I've noticed that the now deprecated Cheer for the review 🎉 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
One query then good to go I think
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM - @gwynne any last thoughts?
Guys, did I not understand something? We use The new version of the So our Of course, I understand that in order to take a hash from the contents of a file, it needs to be read into memory, but I am afraid that this innovation “slightly” changes the default behavior of the I also understand that Vapor must be able to generate It seems to me that it would be worth doing two things:
|
In addition, one more point needs to be mentioned. The new
It is quite obvious that with the new Therefore, I would not say that deprecation of the old method is generally possible. The new method is not an equivalent improved replacement, it has its own area of use, it cannot replace the old one. |
Well, we can probably also mention that the new method imposes on me, as a developer, the use of a specific method of generating ETag, namely In my opinion, using the strong cryptographic function SHA256 for this purpose is redundant. I would use some non-cryptographic function (after all, we don’t need cryptographic strength here), for example, I am not going to argue that it is necessary to use To summarize the above, I would say this: if I personally ever need to generate an ETag for the content being streamed, I will not use the new method for this because it does not suit me. I will write my own implementation of ETag generation, my own storage location, choose a convenient moment when the ETag will be generated and stored somewhere, create my own HTTP headers. And for this I, among other things, will need an old method that is prematurely marked as deprecated. |
You are right in that the file is loaded into memory - however, just once. After the hash is generated, it is cached and future requests for that file will not load the entire file into memory. I agree with you though that this is different to the original Additionally, could you please elaborate on the issue with the response headers? I believe you can still use That being said, @0xTim what's your opinion on this? I'm happy to go over it again :) |
Well, my server with 2GB of memory will not benefit from the fact that a 10GB file will be loaded into memory only once. To be honest, I am somewhat shocked by the “you can’t do this, but if you only do it once, then you can” approach. Nope. I disagree. If we can't, then we can't. I would like to draw your attention to the most important and obvious point among everything: we use the We use it when we have reasons to do so. We intentionally use the Your edit negates the difference between the two. If you need a more detailed explanation of my thoughts, here it is: There may be cases where we can neglect the fact that the entire file is loaded into memory. When can we neglect it? In cases where the file is small. But in these cases, most likely, we will not use the But when the And when it comes to really large files that we would not like to give to the client twice without any need, then in this case we would take some special actions to generate the ETag in advance, in the background or by a separate service values and place it in some store. I assure you that even if my server has 128GB of RAM, I will never want to load a 10GB file into memory like this, on the fly, at the time of processing a request. This is completely unacceptable. To be honest, I don't understand in what cases the new The new version of the |
Most likely not, but I'll check it a bit later, re-installing Xcode right now. :) |
@linus-hologram You are right, I checked, we can "stack" multiple |
@linus-hologram I think that release 4.93.2 is optimal, providing a default solution, but at the same time leaving the developer the freedom to choose his own implementation option. Thanks! |
* main: Patch configuration and log actual port on startup (vapor#3160) Update provider tests to 5.10 (vapor#3178) Migrate to Async NIOFileIO APIs (vapor#3167) Removed streamFile deprecation + deactivated advancedETagComparison by default (vapor#3177) Remove HeadResponder (vapor#3147) Advanced ETag Comparison now supported (vapor#3015) Enabled Request Decompression By Default (vapor#3175) HTTP2 Response Compression/Request Decompression (vapor#3126) Don't set ignore status for SIGTERM and SIGINT on Linux (vapor#3174) Fix typos across the codebase (vapor#3162) Fix some Sendable warnings on 5.10 (vapor#3158) Allow `HTTPServer`'s configuration to be dynamically updatable (vapor#3132) Fix issue when client disconnects midway through a stream (vapor#3102) Fix handling of "flag" URL query params (vapor#3151) Bump the dependencies group with 1 update (vapor#3148) Merge Async Tests (vapor#3141) Fix URI handling with multiple slashes and variable components. (vapor#3143) Fix broken URI behaviors (vapor#3140) # Conflicts: # Package.swift
These changes are now available in 4.93.0
Vapor now supports strong (byte-by-byte) ETag validation and caches ETags for rapid responses. This provides a stronger alternative to the current weak comparison, which only guarantees semantic file equivalence. This new strong comparison is enabled by default and can be deactivated during
FileMiddleware
initialization if needed. This PR closes #2948.streamFile
method was deprecated and replaced by an alternative returning anEventLoopFuture