$trxProfiler = Profiler::instance()->getTransactionProfiler();
if ( $request->wasPosted() && !$action->doesWrites() ) {
$trxProfiler->setExpectations( $trxLimits['POST-nonwrite'], __METHOD__ );
+ $request->markAsSafeRequest();
}
# Let CDN cache things if we can purge them.
$request->response()->header( "X-Database-Lagged: true" );
wfDebugLog( 'replication', "Lagged DB used; CDN cache TTL limited to $maxAge seconds" );
}
+
+ // Avoid long-term cache pollution due to message cache rebuild timeouts (T133069)
+ if ( MessageCache::singleton()->isDisabled() ) {
+ $maxAge = $config->get( 'CdnMaxageSubstitute' );
+ $context->getOutput()->lowerCdnMaxage( $maxAge );
+ $request->response()->header( "X-Response-Substitute: true" );
+ }
}
/**
$trxLimits = $this->config->get( 'TrxProfilerLimits' );
$trxProfiler = Profiler::instance()->getTransactionProfiler();
$trxProfiler->setLogger( LoggerFactory::getInstance( 'DBPerformance' ) );
- if ( $request->wasPosted() ) {
- $trxProfiler->setExpectations( $trxLimits['POST'], __METHOD__ );
- } else {
+ if ( $request->hasSafeMethod() ) {
$trxProfiler->setExpectations( $trxLimits['GET'], __METHOD__ );
+ } else {
+ $trxProfiler->setExpectations( $trxLimits['POST'], __METHOD__ );
}
// If the user has forceHTTPS set to true, or if the user
// isLoggedIn() will do all sorts of weird stuff.
if (
$request->getProtocol() == 'http' &&
+ // switch to HTTPS only when supported by the server
+ preg_match( '#^https://#', wfExpandUrl( $request->getRequestURL(), PROTO_HTTPS ) ) &&
(
$request->getSession()->shouldForceHTTPS() ||
// Check the cookie manually, for paranoia
dépôts / lhc / web / wiklou.git / blobdiff