Page MenuHomePhabricator

Dedicated post-edit cache busting cookie to prevent stale reads (session consistency)
Open, LowPublic

Description

With things like ChronologyProtector, we try to avoid having users make edits and then not see their own changes (often happening in redirects on the order of a few 100ms). This works well if no CDN caching applies to the URLs. When it does, the purges can suffer race conditions, such as:
a) The purge didn't make it in time (this should be rare with the udp htcp system, but you never know)
b) The purge made it but a read from a lagged slave by *another* user replaced the cache will a stale one

These are accidentally mitigated by things like SubmitAction setting a session on post, so that anons bypass CDN cache (for months). Logged in users already bypass CDN cache. However, the documented point of that was to make talk pages notices show, and it lasts for way too long just to avoid race conditions for purges. We should use an explicit cookie for that purpose. At the moment, it would be set exactly when the UseDC: cookie is set (maybe we can co-opt that one, but that seems sloppy IMO).

See also: T91820: Create HTTP verb and sticky cookie DC routing in VCL

Event Timeline

aaron created this task.Dec 14 2015, 8:25 PM
aaron raised the priority of this task from to Needs Triage.
aaron updated the task description. (Show Details)
aaron added subscribers: ori, Aklapper, aaron.
Restricted Application added a subscriber: StudiesWorld. · View Herald TranscriptDec 14 2015, 8:25 PM
ori triaged this task as Low priority.Dec 21 2015, 7:57 PM
ori added a project: Availability.
ori set Security to None.
ori removed a subscriber: StudiesWorld.
aaron claimed this task.Dec 23 2015, 7:12 PM

Change 260797 had a related patch set uploaded (by Aaron Schulz):
Use dedicated cookie for skipping CDN cache after initiating DB changes

https://gerrit.wikimedia.org/r/260797

Change 260797 merged by jenkins-bot:
Use dedicated cookie for skipping CDN cache after initiating DB changes

https://gerrit.wikimedia.org/r/260797

aaron added a comment.Aug 11 2016, 5:16 PM

The next part is to add VCL for this cookie.

aaron removed aaron as the assignee of this task.Feb 18 2017, 1:41 AM
aaron removed a subscriber: aaron.
aaron added a subscriber: aaron.
Krinkle updated the task description. (Show Details)May 5 2017, 3:31 AM

@BBlack Is this something that Traffic could take on? (Specifically, the VCL part -- the rest is already done.)