You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shindig.apache.org by be...@apache.org on 2008/07/29 21:05:07 UTC
svn commit: r680804 - in /incubator/shindig/trunk/java/gadgets/src:
main/java/org/apache/shindig/gadgets/http/HttpResponse.java
main/java/org/apache/shindig/gadgets/oauth/OAuthFetcher.java
test/java/org/apache/shindig/gadgets/http/HttpResponseTest.java
Author: beaton
Date: Tue Jul 29 12:05:06 2008
New Revision: 680804
URL: http://svn.apache.org/viewvc?rev=680804&view=rev
Log:
Ignore cache-control headers for most error responses (e.g. 404s, 500s), but
accept them for error responses that are likely to have sane cache-control
headers (e.g. 401s, 403s.)
Modified:
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/http/HttpResponse.java
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthFetcher.java
incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/http/HttpResponseTest.java
Modified: incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/http/HttpResponse.java
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/http/HttpResponse.java?rev=680804&r1=680803&r2=680804&view=diff
==============================================================================
--- incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/http/HttpResponse.java (original)
+++ incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/http/HttpResponse.java Tue Jul 29 12:05:06 2008
@@ -49,12 +49,17 @@
public class HttpResponse {
// Replicate HTTP status codes here.
public final static int SC_OK = 200;
+ public final static int SC_UNAUTHORIZED = 401;
+ public final static int SC_FORBIDDEN = 403;
public final static int SC_NOT_FOUND = 404;
public final static int SC_INTERNAL_SERVER_ERROR = 500;
public final static int SC_TIMEOUT = 504;
private final static Set<String> BINARY_CONTENT_TYPES = new HashSet<String>(Arrays.asList(
"image/jpeg", "image/png", "image/gif", "image/jpg", "application/x-shockwave-flash"
));
+
+ private final static Set<Integer> CACHE_CONTROL_OK_STATUS_CODES = new HashSet<Integer>(
+ Arrays.asList(SC_OK, SC_UNAUTHORIZED, SC_FORBIDDEN));
// TTL to use when an error response is fetched. This should be non-zero to
// avoid high rates of requests to bad urls in high-traffic situations.
@@ -345,12 +350,16 @@
* @return consolidated cache expiration time or -1
*/
public long getCacheExpiration() {
+ // We intentionally ignore cache-control headers for most HTTP error responses, because if
+ // we don't we end up hammering sites that have gone down with lots of requests. Proper
+ // support for caching of OAuth responses is more complex, for that we have to respect
+ // cache-control headers for 401s and 403s.
+ if (!CACHE_CONTROL_OK_STATUS_CODES.contains(httpStatusCode)) {
+ return getDate() + negativeCacheTtl;
+ }
if (isStrictNoCache()) {
return -1;
}
- if (httpStatusCode != SC_OK) {
- return getDate() + negativeCacheTtl;
- }
long maxAge = getCacheControlMaxAge();
if (maxAge != -1) {
return getDate() + maxAge;
Modified: incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthFetcher.java
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthFetcher.java?rev=680804&r1=680803&r2=680804&view=diff
==============================================================================
--- incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthFetcher.java (original)
+++ incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthFetcher.java Tue Jul 29 12:05:06 2008
@@ -306,7 +306,7 @@
e.printStackTrace(printer);
printer.flush();
errorText = errorBuf.toString();
- return buildNonDataResponse();
+ return buildNonDataResponse(403);
}
private boolean handleProtocolException(
@@ -589,11 +589,11 @@
}
private HttpResponse buildOAuthApprovalResponse() {
- return buildNonDataResponse();
+ return buildNonDataResponse(200);
}
- private HttpResponse buildNonDataResponse() {
- HttpResponse response = new HttpResponse(0, null, null);
+ private HttpResponse buildNonDataResponse(int status) {
+ HttpResponse response = new HttpResponse(status, null, null);
addResponseMetadata(response);
response.setNoCache();
return response;
Modified: incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/http/HttpResponseTest.java
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/http/HttpResponseTest.java?rev=680804&r1=680803&r2=680804&view=diff
==============================================================================
--- incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/http/HttpResponseTest.java (original)
+++ incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/http/HttpResponseTest.java Tue Jul 29 12:05:06 2008
@@ -254,6 +254,29 @@
HttpResponse response = new HttpResponse(401, UTF8_DATA, null);
response.setNoCache();
assertEquals(-1, response.getCacheTtl());
+
+ response = new HttpResponse(403, UTF8_DATA, null);
+ response.setNoCache();
+ assertEquals(-1, response.getCacheTtl());
+
+ response = new HttpResponse(200, UTF8_DATA, null);
+ response.setNoCache();
+ assertEquals(-1, response.getCacheTtl());
+
+ response = new HttpResponse(302, UTF8_DATA, null);
+ response.setNoCache();
+ long ttl = response.getCacheTtl();
+ assertTrue(ttl <= HttpResponse.DEFAULT_TTL && ttl > 0);
+
+ response = new HttpResponse(404, UTF8_DATA, null);
+ response.setNoCache();
+ ttl = response.getCacheTtl();
+ assertTrue(ttl <= HttpResponse.DEFAULT_TTL && ttl > 0);
+
+ response = new HttpResponse(500, UTF8_DATA, null);
+ response.setNoCache();
+ ttl = response.getCacheTtl();
+ assertTrue(ttl <= HttpResponse.DEFAULT_TTL && ttl > 0);
}
public void testSetNoCache() {