Page MenuHomePhabricator
Create Task
Maniphest T92545

thumb.php should not return HTTP 200 when streaming the file fails
Closed, ResolvedPublic0 Estimated Story Points
Actions

Description

thumb.php ignores the return status of MediaTransformOutput::streamFile() and/or FileRepo::streamFile() and returns a normal HTTP status even if the file could not be streamed, which results in Varnish caching the error. It should return 503 instead.

Details

ProjectBranchLines +/-Subject
mediawiki/coremaster+9 -2Return HTTP 500 not 200 from thumb.php when streaming fails
Customize query in gerrit

Related Objects

Event Timeline

Tgr created this task.Mar 12 2015, 7:08 PM
Tgr claimed this task.
Tgr raised the priority of this task from to Needs Triage.
Tgr updated the task description. (Show Details)
Tgr added a project: MediaWiki-File-management.
Tgr added a subscriber: Tgr.
Restricted Application added a project: Multimedia. · View Herald TranscriptMar 12 2015, 7:08 PM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript
Tgr triaged this task as High priority.Mar 12 2015, 7:08 PM
Tgr mentioned this in T92529: http://commons.wikimedia.org/wiki/File:Trie_example.svg causes 503 Service Unavailable.
Tgr added a project: Incident-20150312-whitespace.Mar 12 2015, 7:13 PM
Tgr added a project: Multimedia-Sprint-2015-03-11.Mar 12 2015, 9:26 PM
Tgr set Security to None.
Tgr edited a custom field.
gerritbot added a subscriber: gerritbot.Mar 12 2015, 10:53 PM

Change 196469 had a related patch set uploaded (by Gergő Tisza):
Return HTTP 500 not 200 from thumb.php when streaming fails

https://gerrit.wikimedia.org/r/196469

gerritbot added a project: Patch-For-Review.Mar 12 2015, 10:53 PM
Tgr moved this task from Backlog to Needs code review on the Multimedia-Sprint-2015-03-11 board.Mar 13 2015, 12:27 AM
Tgr added a comment.EditedMar 13 2015, 12:53 AM

Per Timo's comment on the patchset, the streamFile calls in img_auth.php, SpecialUndelete#showFile, SpecialRevisiondelete#tryShowFile and SpecialUploadStash#outputLocalFile should be handled similarly. (Also, if we are going to touch all streamFile calls, it should probably be changed to return the Status object so the error messages can be more informative.) Less of a priority though, those can't get cached.

update: split to T92903

MZMcBride added a subscriber: MZMcBride.Mar 13 2015, 1:07 AM
gerritbot added a comment.Mar 13 2015, 8:44 AM

Change 196469 merged by jenkins-bot:
Return HTTP 500 not 200 from thumb.php when streaming fails

https://gerrit.wikimedia.org/r/196469

Tgr mentioned this in rMW9859521e78c5: Return HTTP 500 not 200 from thumb.php when streaming fails.Mar 13 2015, 8:44 AM
Tgr moved this task from Needs code review to Needs backport on the Multimedia-Sprint-2015-03-11 board.Mar 16 2015, 7:50 PM
Tgr mentioned this in T92903: Return status from streamFile.Mar 16 2015, 9:08 PM
Tgr moved this task from Needs backport to Ready for testing on the Multimedia-Sprint-2015-03-11 board.Mar 17 2015, 9:04 PM
Gilles added a subscriber: Gilles.Mar 18 2015, 9:10 AM

Any idea how we could test this?

Gilles edited projects, added Multimedia-Sprint-2015-03-18; removed Multimedia-Sprint-2015-03-11.Mar 18 2015, 4:14 PM
Gilles moved this task from Backlog to Ready for testing on the Multimedia-Sprint-2015-03-18 board.Mar 18 2015, 4:17 PM
Tgr added a comment.Mar 18 2015, 10:02 PM

Just break MediaTransformOutput::streamFile() and/or FileRepo::streamFile() and make them return false. The first should affect newly created thumbnails (on a wiki using a 404 handler)- The second, I am not sure; I think it only happens on Swift (or similard shared-storage backends), but you can simulate it by calling thumb.php directly for an existing non-thumbnail file (/w/thumb.php?f=<title> should do it).

Gilles closed this task as Resolved.Mar 25 2015, 3:12 PM

I meant testing in production, but that seems a bit far-fetched seeing that locally modifying the code is needed.

Content licensed under Creative Commons Attribution-ShareAlike 3.0 (CC-BY-SA) unless otherwise noted; code licensed under GNU General Public License (GPL) or other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL