4 * This file is part of the Symfony package.
6 * (c) Fabien Potencier <fabien@symfony.com>
8 * This code is partially based on the Rack-Cache library by Ryan Tomayko,
9 * which is released under the MIT license.
10 * (based on commit 02d2b48d75bcb63cf1c0c7149c077ad256542801)
12 * For the full copyright and license information, please view the LICENSE
13 * file that was distributed with this source code.
16 namespace Symfony\Component\HttpKernel\HttpCache;
18 use Symfony\Component\HttpKernel\HttpKernelInterface;
19 use Symfony\Component\HttpKernel\TerminableInterface;
20 use Symfony\Component\HttpFoundation\Request;
21 use Symfony\Component\HttpFoundation\Response;
24 * Cache provides HTTP caching.
26 * @author Fabien Potencier <fabien@symfony.com>
28 class HttpCache implements HttpKernelInterface, TerminableInterface
34 private $surrogateCacheStrategy;
35 private $options = array();
36 private $traces = array();
41 * The available options are:
43 * * debug: If true, the traces are added as a HTTP header to ease debugging
45 * * default_ttl The number of seconds that a cache entry should be considered
46 * fresh when no explicit freshness information is provided in
47 * a response. Explicit Cache-Control or Expires headers
48 * override this value. (default: 0)
50 * * private_headers Set of request headers that trigger "private" cache-control behavior
51 * on responses that don't explicitly state whether the response is
52 * public or private via a Cache-Control directive. (default: Authorization and Cookie)
54 * * allow_reload Specifies whether the client can force a cache reload by including a
55 * Cache-Control "no-cache" directive in the request. Set it to ``true``
56 * for compliance with RFC 2616. (default: false)
58 * * allow_revalidate Specifies whether the client can force a cache revalidate by including
59 * a Cache-Control "max-age=0" directive in the request. Set it to ``true``
60 * for compliance with RFC 2616. (default: false)
62 * * stale_while_revalidate Specifies the default number of seconds (the granularity is the second as the
63 * Response TTL precision is a second) during which the cache can immediately return
64 * a stale response while it revalidates it in the background (default: 2).
65 * This setting is overridden by the stale-while-revalidate HTTP Cache-Control
66 * extension (see RFC 5861).
68 * * stale_if_error Specifies the default number of seconds (the granularity is the second) during which
69 * the cache can serve a stale response when an error is encountered (default: 60).
70 * This setting is overridden by the stale-if-error HTTP Cache-Control extension
73 * @param HttpKernelInterface $kernel An HttpKernelInterface instance
74 * @param StoreInterface $store A Store instance
75 * @param SurrogateInterface $surrogate A SurrogateInterface instance
76 * @param array $options An array of options
78 public function __construct(HttpKernelInterface $kernel, StoreInterface $store, SurrogateInterface $surrogate = null, array $options = array())
80 $this->store = $store;
81 $this->kernel = $kernel;
82 $this->surrogate = $surrogate;
84 // needed in case there is a fatal error because the backend is too slow to respond
85 register_shutdown_function(array($this->store, 'cleanup'));
87 $this->options = array_merge(array(
90 'private_headers' => array('Authorization', 'Cookie'),
91 'allow_reload' => false,
92 'allow_revalidate' => false,
93 'stale_while_revalidate' => 2,
94 'stale_if_error' => 60,
99 * Gets the current store.
101 * @return StoreInterface $store A StoreInterface instance
103 public function getStore()
109 * Returns an array of events that took place during processing of the last request.
111 * @return array An array of events
113 public function getTraces()
115 return $this->traces;
119 * Returns a log message for the events of the last request processing.
121 * @return string A log message
123 public function getLog()
126 foreach ($this->traces as $request => $traces) {
127 $log[] = sprintf('%s: %s', $request, implode(', ', $traces));
130 return implode('; ', $log);
134 * Gets the Request instance associated with the master request.
136 * @return Request A Request instance
138 public function getRequest()
140 return $this->request;
144 * Gets the Kernel instance.
146 * @return HttpKernelInterface An HttpKernelInterface instance
148 public function getKernel()
150 return $this->kernel;
154 * Gets the Surrogate instance.
156 * @return SurrogateInterface A Surrogate instance
158 * @throws \LogicException
160 public function getSurrogate()
162 if (!$this->surrogate instanceof Esi) {
163 throw new \LogicException('This instance of HttpCache was not set up to use ESI as surrogate handler. You must overwrite and use createSurrogate');
166 return $this->surrogate;
170 * Gets the Esi instance.
172 * @return Esi An Esi instance
174 * @throws \LogicException
176 * @deprecated since version 2.6, to be removed in 3.0. Use getSurrogate() instead
178 public function getEsi()
180 @trigger_error('The '.__METHOD__.' method is deprecated since version 2.6 and will be removed in 3.0. Use the getSurrogate() method instead.', E_USER_DEPRECATED);
182 return $this->getSurrogate();
188 public function handle(Request $request, $type = HttpKernelInterface::MASTER_REQUEST, $catch = true)
190 // FIXME: catch exceptions and implement a 500 error page here? -> in Varnish, there is a built-in error page mechanism
191 if (HttpKernelInterface::MASTER_REQUEST === $type) {
192 $this->traces = array();
193 $this->request = $request;
194 if (null !== $this->surrogate) {
195 $this->surrogateCacheStrategy = $this->surrogate->createCacheStrategy();
199 $path = $request->getPathInfo();
200 if ($qs = $request->getQueryString()) {
203 $this->traces[$request->getMethod().' '.$path] = array();
205 if (!$request->isMethodSafe(false)) {
206 $response = $this->invalidate($request, $catch);
207 } elseif ($request->headers->has('expect') || !$request->isMethodCacheable()) {
208 $response = $this->pass($request, $catch);
210 $response = $this->lookup($request, $catch);
213 $this->restoreResponseBody($request, $response);
215 $response->setDate(\DateTime::createFromFormat('U', time(), new \DateTimeZone('UTC')));
217 if (HttpKernelInterface::MASTER_REQUEST === $type && $this->options['debug']) {
218 $response->headers->set('X-Symfony-Cache', $this->getLog());
221 if (null !== $this->surrogate) {
222 if (HttpKernelInterface::MASTER_REQUEST === $type) {
223 $this->surrogateCacheStrategy->update($response);
225 $this->surrogateCacheStrategy->add($response);
229 $response->prepare($request);
231 $response->isNotModified($request);
239 public function terminate(Request $request, Response $response)
241 if ($this->getKernel() instanceof TerminableInterface) {
242 $this->getKernel()->terminate($request, $response);
247 * Forwards the Request to the backend without storing the Response in the cache.
249 * @param Request $request A Request instance
250 * @param bool $catch Whether to process exceptions
252 * @return Response A Response instance
254 protected function pass(Request $request, $catch = false)
256 $this->record($request, 'pass');
258 return $this->forward($request, $catch);
262 * Invalidates non-safe methods (like POST, PUT, and DELETE).
264 * @param Request $request A Request instance
265 * @param bool $catch Whether to process exceptions
267 * @return Response A Response instance
273 protected function invalidate(Request $request, $catch = false)
275 $response = $this->pass($request, $catch);
277 // invalidate only when the response is successful
278 if ($response->isSuccessful() || $response->isRedirect()) {
280 $this->store->invalidate($request);
282 // As per the RFC, invalidate Location and Content-Location URLs if present
283 foreach (array('Location', 'Content-Location') as $header) {
284 if ($uri = $response->headers->get($header)) {
285 $subRequest = Request::create($uri, 'get', array(), array(), array(), $request->server->all());
287 $this->store->invalidate($subRequest);
291 $this->record($request, 'invalidate');
292 } catch (\Exception $e) {
293 $this->record($request, 'invalidate-failed');
295 if ($this->options['debug']) {
305 * Lookups a Response from the cache for the given Request.
307 * When a matching cache entry is found and is fresh, it uses it as the
308 * response without forwarding any request to the backend. When a matching
309 * cache entry is found but is stale, it attempts to "validate" the entry with
310 * the backend using conditional GET. When no matching cache entry is found,
311 * it triggers "miss" processing.
313 * @param Request $request A Request instance
314 * @param bool $catch whether to process exceptions
316 * @return Response A Response instance
320 protected function lookup(Request $request, $catch = false)
322 // if allow_reload and no-cache Cache-Control, allow a cache reload
323 if ($this->options['allow_reload'] && $request->isNoCache()) {
324 $this->record($request, 'reload');
326 return $this->fetch($request, $catch);
330 $entry = $this->store->lookup($request);
331 } catch (\Exception $e) {
332 $this->record($request, 'lookup-failed');
334 if ($this->options['debug']) {
338 return $this->pass($request, $catch);
341 if (null === $entry) {
342 $this->record($request, 'miss');
344 return $this->fetch($request, $catch);
347 if (!$this->isFreshEnough($request, $entry)) {
348 $this->record($request, 'stale');
350 return $this->validate($request, $entry, $catch);
353 $this->record($request, 'fresh');
355 $entry->headers->set('Age', $entry->getAge());
361 * Validates that a cache entry is fresh.
363 * The original request is used as a template for a conditional
364 * GET request with the backend.
366 * @param Request $request A Request instance
367 * @param Response $entry A Response instance to validate
368 * @param bool $catch Whether to process exceptions
370 * @return Response A Response instance
372 protected function validate(Request $request, Response $entry, $catch = false)
374 $subRequest = clone $request;
376 // send no head requests because we want content
377 if ('HEAD' === $request->getMethod()) {
378 $subRequest->setMethod('GET');
381 // add our cached last-modified validator
382 $subRequest->headers->set('if_modified_since', $entry->headers->get('Last-Modified'));
384 // Add our cached etag validator to the environment.
385 // We keep the etags from the client to handle the case when the client
386 // has a different private valid entry which is not cached here.
387 $cachedEtags = $entry->getEtag() ? array($entry->getEtag()) : array();
388 $requestEtags = $request->getETags();
389 if ($etags = array_unique(array_merge($cachedEtags, $requestEtags))) {
390 $subRequest->headers->set('if_none_match', implode(', ', $etags));
393 $response = $this->forward($subRequest, $catch, $entry);
395 if (304 == $response->getStatusCode()) {
396 $this->record($request, 'valid');
398 // return the response and not the cache entry if the response is valid but not cached
399 $etag = $response->getEtag();
400 if ($etag && in_array($etag, $requestEtags) && !in_array($etag, $cachedEtags)) {
404 $entry = clone $entry;
405 $entry->headers->remove('Date');
407 foreach (array('Date', 'Expires', 'Cache-Control', 'ETag', 'Last-Modified') as $name) {
408 if ($response->headers->has($name)) {
409 $entry->headers->set($name, $response->headers->get($name));
415 $this->record($request, 'invalid');
418 if ($response->isCacheable()) {
419 $this->store($request, $response);
426 * Forwards the Request to the backend and determines whether the response should be stored.
428 * This methods is triggered when the cache missed or a reload is required.
430 * @param Request $request A Request instance
431 * @param bool $catch whether to process exceptions
433 * @return Response A Response instance
435 protected function fetch(Request $request, $catch = false)
437 $subRequest = clone $request;
439 // send no head requests because we want content
440 if ('HEAD' === $request->getMethod()) {
441 $subRequest->setMethod('GET');
444 // avoid that the backend sends no content
445 $subRequest->headers->remove('if_modified_since');
446 $subRequest->headers->remove('if_none_match');
448 $response = $this->forward($subRequest, $catch);
450 if ($response->isCacheable()) {
451 $this->store($request, $response);
458 * Forwards the Request to the backend and returns the Response.
460 * @param Request $request A Request instance
461 * @param bool $catch Whether to catch exceptions or not
462 * @param Response $entry A Response instance (the stale entry if present, null otherwise)
464 * @return Response A Response instance
466 protected function forward(Request $request, $catch = false, Response $entry = null)
468 if ($this->surrogate) {
469 $this->surrogate->addSurrogateCapability($request);
472 // modify the X-Forwarded-For header if needed
473 $forwardedFor = $request->headers->get('X-Forwarded-For');
475 $request->headers->set('X-Forwarded-For', $forwardedFor.', '.$request->server->get('REMOTE_ADDR'));
477 $request->headers->set('X-Forwarded-For', $request->server->get('REMOTE_ADDR'));
480 // fix the client IP address by setting it to 127.0.0.1 as HttpCache
481 // is always called from the same process as the backend.
482 $request->server->set('REMOTE_ADDR', '127.0.0.1');
484 // make sure HttpCache is a trusted proxy
485 if (!in_array('127.0.0.1', $trustedProxies = Request::getTrustedProxies())) {
486 $trustedProxies[] = '127.0.0.1';
487 Request::setTrustedProxies($trustedProxies);
490 // always a "master" request (as the real master request can be in cache)
491 $response = $this->kernel->handle($request, HttpKernelInterface::MASTER_REQUEST, $catch);
492 // FIXME: we probably need to also catch exceptions if raw === true
494 // we don't implement the stale-if-error on Requests, which is nonetheless part of the RFC
495 if (null !== $entry && in_array($response->getStatusCode(), array(500, 502, 503, 504))) {
496 if (null === $age = $entry->headers->getCacheControlDirective('stale-if-error')) {
497 $age = $this->options['stale_if_error'];
500 if (abs($entry->getTtl()) < $age) {
501 $this->record($request, 'stale-if-error');
507 $this->processResponseBody($request, $response);
509 if ($this->isPrivateRequest($request) && !$response->headers->hasCacheControlDirective('public')) {
510 $response->setPrivate();
511 } elseif ($this->options['default_ttl'] > 0 && null === $response->getTtl() && !$response->headers->getCacheControlDirective('must-revalidate')) {
512 $response->setTtl($this->options['default_ttl']);
519 * Checks whether the cache entry is "fresh enough" to satisfy the Request.
521 * @param Request $request A Request instance
522 * @param Response $entry A Response instance
524 * @return bool true if the cache entry if fresh enough, false otherwise
526 protected function isFreshEnough(Request $request, Response $entry)
528 if (!$entry->isFresh()) {
529 return $this->lock($request, $entry);
532 if ($this->options['allow_revalidate'] && null !== $maxAge = $request->headers->getCacheControlDirective('max-age')) {
533 return $maxAge > 0 && $maxAge >= $entry->getAge();
540 * Locks a Request during the call to the backend.
542 * @param Request $request A Request instance
543 * @param Response $entry A Response instance
545 * @return bool true if the cache entry can be returned even if it is staled, false otherwise
547 protected function lock(Request $request, Response $entry)
549 // try to acquire a lock to call the backend
550 $lock = $this->store->lock($request);
552 // there is already another process calling the backend
553 if (true !== $lock) {
554 // check if we can serve the stale entry
555 if (null === $age = $entry->headers->getCacheControlDirective('stale-while-revalidate')) {
556 $age = $this->options['stale_while_revalidate'];
559 if (abs($entry->getTtl()) < $age) {
560 $this->record($request, 'stale-while-revalidate');
562 // server the stale response while there is a revalidation
566 // wait for the lock to be released
568 while ($this->store->isLocked($request) && $wait < 5000000) {
573 if ($wait < 5000000) {
574 // replace the current entry with the fresh one
575 $new = $this->lookup($request);
576 $entry->headers = $new->headers;
577 $entry->setContent($new->getContent());
578 $entry->setStatusCode($new->getStatusCode());
579 $entry->setProtocolVersion($new->getProtocolVersion());
580 foreach ($new->headers->getCookies() as $cookie) {
581 $entry->headers->setCookie($cookie);
584 // backend is slow as hell, send a 503 response (to avoid the dog pile effect)
585 $entry->setStatusCode(503);
586 $entry->setContent('503 Service Unavailable');
587 $entry->headers->set('Retry-After', 10);
593 // we have the lock, call the backend
598 * Writes the Response to the cache.
600 * @param Request $request A Request instance
601 * @param Response $response A Response instance
605 protected function store(Request $request, Response $response)
607 if (!$response->headers->has('Date')) {
608 $response->setDate(\DateTime::createFromFormat('U', time()));
611 $this->store->write($request, $response);
613 $this->record($request, 'store');
615 $response->headers->set('Age', $response->getAge());
616 } catch (\Exception $e) {
617 $this->record($request, 'store-failed');
619 if ($this->options['debug']) {
624 // now that the response is cached, release the lock
625 $this->store->unlock($request);
629 * Restores the Response body.
631 * @param Request $request A Request instance
632 * @param Response $response A Response instance
634 private function restoreResponseBody(Request $request, Response $response)
636 if ($request->isMethod('HEAD') || 304 === $response->getStatusCode()) {
637 $response->setContent(null);
638 $response->headers->remove('X-Body-Eval');
639 $response->headers->remove('X-Body-File');
644 if ($response->headers->has('X-Body-Eval')) {
647 if ($response->headers->has('X-Body-File')) {
648 include $response->headers->get('X-Body-File');
650 eval('; ?>'.$response->getContent().'<?php ;');
653 $response->setContent(ob_get_clean());
654 $response->headers->remove('X-Body-Eval');
655 if (!$response->headers->has('Transfer-Encoding')) {
656 $response->headers->set('Content-Length', strlen($response->getContent()));
658 } elseif ($response->headers->has('X-Body-File')) {
659 $response->setContent(file_get_contents($response->headers->get('X-Body-File')));
664 $response->headers->remove('X-Body-File');
667 protected function processResponseBody(Request $request, Response $response)
669 if (null !== $this->surrogate && $this->surrogate->needsParsing($response)) {
670 $this->surrogate->process($request, $response);
675 * Checks if the Request includes authorization or other sensitive information
676 * that should cause the Response to be considered private by default.
678 * @param Request $request A Request instance
680 * @return bool true if the Request is private, false otherwise
682 private function isPrivateRequest(Request $request)
684 foreach ($this->options['private_headers'] as $key) {
685 $key = strtolower(str_replace('HTTP_', '', $key));
687 if ('cookie' === $key) {
688 if (count($request->cookies->all())) {
691 } elseif ($request->headers->has($key)) {
700 * Records that an event took place.
702 * @param Request $request A Request instance
703 * @param string $event The event name
705 private function record(Request $request, $event)
707 $path = $request->getPathInfo();
708 if ($qs = $request->getQueryString()) {
711 $this->traces[$request->getMethod().' '.$path][] = $event;