discourse/lib/hijack.rb

# frozen_string_literal: true

require_dependency 'method_profiler'

# This module allows us to hijack a request and send it to the client in the deferred job queue
# For cases where we are making remote calls like onebox or proxying files and so on this helps
# free up a unicorn worker while the remote IO is happening
module Hijack

  def hijack(&blk)
    controller_class = self.class

    if hijack = request.env['rack.hijack']

      request.env['discourse.request_tracker.skip'] = true
      request_tracker = request.env['discourse.request_tracker']

      # in the past unicorn would recycle env, this is not longer the case
      env = request.env
      request_copy = ActionDispatch::Request.new(env)

      transfer_timings = MethodProfiler.transfer

      io = hijack.call

      original_headers = response.headers

      Scheduler::Defer.later("hijack #{params["controller"]} #{params["action"]}") do

        MethodProfiler.start(transfer_timings)
        begin
          Thread.current[Logster::Logger::LOGSTER_ENV] = env
          # do this first to confirm we have a working connection
          # before doing any work
          io.write "HTTP/1.1 "

          # this trick avoids double render, also avoids any litter that the controller hooks
          # place on the response
          instance = controller_class.new
          response = ActionDispatch::Response.new
          instance.response = response

          instance.request = request_copy
          original_headers&.each do |k, v|
            # hash special handling so skip
            if k != "Cache-Control"
              instance.response.headers[k] = v
            end
          end

          begin
            instance.instance_eval(&blk)
          rescue => e
            # TODO we need to reuse our exception handling in ApplicationController
            Discourse.warn_exception(e, message: "Failed to process hijacked response correctly", env: env)
          end

          unless instance.response_body || response.committed?
            instance.status = 500
          end

          response.commit!

          body = response.body

          headers = response.headers
          # add cors if needed
          if cors_origins = env[Discourse::Cors::ORIGINS_ENV]
            Discourse::Cors.apply_headers(cors_origins, env, headers)
          end

          headers['Content-Length'] = body.bytesize
          headers['Content-Type'] = response.content_type || "text/plain"
          headers['Connection'] = "close"

          status_string = Rack::Utils::HTTP_STATUS_CODES[response.status.to_i] || "Unknown"
          io.write "#{response.status} #{status_string}\r\n"

          timings = MethodProfiler.stop
          if timings && duration = timings[:total_duration]
            headers["X-Runtime"] = "#{"%0.6f" % duration}"
          end

          headers.each do |name, val|
            io.write "#{name}: #{val}\r\n"
          end

          io.write "\r\n"
          io.write body
        rescue Errno::EPIPE, IOError
          # happens if client terminated before we responded, ignore
          io = nil
        ensure
          MethodProfiler.clear
          Thread.current[Logster::Logger::LOGSTER_ENV] = nil

          io.close if io rescue nil

          if request_tracker
            status = response.status rescue 500
            request_tracker.log_request_info(env, [status, headers || {}, []], timings)
          end
        end
      end
      # not leaked out, we use 418 ... I am a teapot to denote that we are hijacked
      render plain: "", status: 418
    else
      blk.call
    end
  end
end
PERF: hijack onebox requests so they do not use up a unicorn worker 2017-11-23 23:31:23 -05:00			`# frozen_string_literal: true`

PERF: run post timings in background This means that if a very large amount of registered users hit a single topic we will handle it gracefully, even if db gets slow. 2018-01-18 16:26:18 -05:00			`require_dependency 'method_profiler'`

PERF: hijack onebox requests so they do not use up a unicorn worker 2017-11-23 23:31:23 -05:00			`# This module allows us to hijack a request and send it to the client in the deferred job queue`
			`# For cases where we are making remote calls like onebox or proxying files and so on this helps`
			`# free up a unicorn worker while the remote IO is happening`
			`module Hijack`
favicon proxy now uses hijack 2017-11-26 22:50:57 -05:00
PERF: hijack onebox requests so they do not use up a unicorn worker 2017-11-23 23:31:23 -05:00			`def hijack(&blk)`
FEATURE: avatar proxy happens in background This ensures that even if it is slow to download avatars site will continue to work Also simplifies hijack pattern 2017-11-27 01:43:24 -05:00			`controller_class = self.class`
FIX: displaying wrong avatar and letter avatar correct regression where params and env is reused in production 2017-11-27 17:28:40 -05:00
PERF: hijack onebox requests so they do not use up a unicorn worker 2017-11-23 23:31:23 -05:00			`if hijack = request.env['rack.hijack']`

Correctly track hijacked requests 2017-11-28 00:47:20 -05:00			`request.env['discourse.request_tracker.skip'] = true`
			`request_tracker = request.env['discourse.request_tracker']`

PERF: run post timings in background This means that if a very large amount of registered users hit a single topic we will handle it gracefully, even if db gets slow. 2018-01-18 16:26:18 -05:00			`# in the past unicorn would recycle env, this is not longer the case`
			`env = request.env`
			`request_copy = ActionDispatch::Request.new(env)`
Correctly track hijacked requests 2017-11-28 00:47:20 -05:00
PERF: run post timings in background This means that if a very large amount of registered users hit a single topic we will handle it gracefully, even if db gets slow. 2018-01-18 16:26:18 -05:00			`transfer_timings = MethodProfiler.transfer`
Correctly track hijacked requests 2017-11-28 00:47:20 -05:00
improve instrumentation and defer hijacking till last moment 2017-11-28 02:21:45 -05:00			`io = hijack.call`

FIX: ensure proper header transfer (except for cache control) allows discourse special headers to be visible on hijacked reqs 2018-01-20 22:26:42 -05:00			`original_headers = response.headers`

improve instrumentation and defer hijacking till last moment 2017-11-28 02:21:45 -05:00			`Scheduler::Defer.later("hijack #{params["controller"]} #{params["action"]}") do`
PERF: hijack onebox requests so they do not use up a unicorn worker 2017-11-23 23:31:23 -05:00
PERF: run post timings in background This means that if a very large amount of registered users hit a single topic we will handle it gracefully, even if db gets slow. 2018-01-18 16:26:18 -05:00			`MethodProfiler.start(transfer_timings)`
PERF: hijack onebox requests so they do not use up a unicorn worker 2017-11-23 23:31:23 -05:00			`begin`
PERF: run post timings in background This means that if a very large amount of registered users hit a single topic we will handle it gracefully, even if db gets slow. 2018-01-18 16:26:18 -05:00			`Thread.current[Logster::Logger::LOGSTER_ENV] = env`
PERF: hijack onebox requests so they do not use up a unicorn worker 2017-11-23 23:31:23 -05:00			`# do this first to confirm we have a working connection`
			`# before doing any work`
			`io.write "HTTP/1.1 "`

FEATURE: avatar proxy happens in background This ensures that even if it is slow to download avatars site will continue to work Also simplifies hijack pattern 2017-11-27 01:43:24 -05:00			`# this trick avoids double render, also avoids any litter that the controller hooks`
			`# place on the response`
			`instance = controller_class.new`
			`response = ActionDispatch::Response.new`
			`instance.response = response`
FIX: Handle more cases where HTTP status is not correct HTTP status was not correct with send_file which uses streaming 2017-11-27 18:59:53 -05:00
FIX: displaying wrong avatar and letter avatar correct regression where params and env is reused in production 2017-11-27 17:28:40 -05:00			`instance.request = request_copy`
FIX: ensure proper header transfer (except for cache control) allows discourse special headers to be visible on hijacked reqs 2018-01-20 22:26:42 -05:00			`original_headers&.each do \|k, v\|`
			`# hash special handling so skip`
			`if k != "Cache-Control"`
			`instance.response.headers[k] = v`
			`end`
			`end`
FEATURE: avatar proxy happens in background This ensures that even if it is slow to download avatars site will continue to work Also simplifies hijack pattern 2017-11-27 01:43:24 -05:00
PERF: hijack onebox requests so they do not use up a unicorn worker 2017-11-23 23:31:23 -05:00			`begin`
FEATURE: avatar proxy happens in background This ensures that even if it is slow to download avatars site will continue to work Also simplifies hijack pattern 2017-11-27 01:43:24 -05:00			`instance.instance_eval(&blk)`
PERF: hijack onebox requests so they do not use up a unicorn worker 2017-11-23 23:31:23 -05:00			`rescue => e`
Improve error handling in hijacked code 2017-12-01 00:23:21 -05:00			`# TODO we need to reuse our exception handling in ApplicationController`
PERF: run post timings in background This means that if a very large amount of registered users hit a single topic we will handle it gracefully, even if db gets slow. 2018-01-18 16:26:18 -05:00			`Discourse.warn_exception(e, message: "Failed to process hijacked response correctly", env: env)`
PERF: hijack onebox requests so they do not use up a unicorn worker 2017-11-23 23:31:23 -05:00			`end`

FIX: Handle more cases where HTTP status is not correct HTTP status was not correct with send_file which uses streaming 2017-11-27 18:59:53 -05:00			`unless instance.response_body \|\| response.committed?`
FEATURE: avatar proxy happens in background This ensures that even if it is slow to download avatars site will continue to work Also simplifies hijack pattern 2017-11-27 01:43:24 -05:00			`instance.status = 500`
			`end`

			`response.commit!`

			`body = response.body`

			`headers = response.headers`
FIX: handle CORS in hijacked requests 2017-12-06 18:30:50 -05:00			`# add cors if needed`
PERF: run post timings in background This means that if a very large amount of registered users hit a single topic we will handle it gracefully, even if db gets slow. 2018-01-18 16:26:18 -05:00			`if cors_origins = env[Discourse::Cors::ORIGINS_ENV]`
			`Discourse::Cors.apply_headers(cors_origins, env, headers)`
FIX: handle CORS in hijacked requests 2017-12-06 18:30:50 -05:00			`end`

FEATURE: avatar proxy happens in background This ensures that even if it is slow to download avatars site will continue to work Also simplifies hijack pattern 2017-11-27 01:43:24 -05:00			`headers['Content-Length'] = body.bytesize`
			`headers['Content-Type'] = response.content_type \|\| "text/plain"`
favicon proxy now uses hijack 2017-11-26 22:50:57 -05:00			`headers['Connection'] = "close"`

PERF: run post timings in background This means that if a very large amount of registered users hit a single topic we will handle it gracefully, even if db gets slow. 2018-01-18 16:26:18 -05:00			`status_string = Rack::Utils::HTTP_STATUS_CODES[response.status.to_i] \|\| "Unknown"`
			`io.write "#{response.status} #{status_string}\r\n"`
favicon proxy now uses hijack 2017-11-26 22:50:57 -05:00
PERF: run post timings in background This means that if a very large amount of registered users hit a single topic we will handle it gracefully, even if db gets slow. 2018-01-18 16:26:18 -05:00			`timings = MethodProfiler.stop`
			`if timings && duration = timings[:total_duration]`
FIX: ensure proper header transfer (except for cache control) allows discourse special headers to be visible on hijacked reqs 2018-01-20 22:26:42 -05:00			`headers["X-Runtime"] = "#{"%0.6f" % duration}"`
			`end`

			`headers.each do \|name, val\|`
			`io.write "#{name}: #{val}\r\n"`
PERF: run post timings in background This means that if a very large amount of registered users hit a single topic we will handle it gracefully, even if db gets slow. 2018-01-18 16:26:18 -05:00			`end`

PERF: hijack onebox requests so they do not use up a unicorn worker 2017-11-23 23:31:23 -05:00			`io.write "\r\n"`
FEATURE: avatar proxy happens in background This ensures that even if it is slow to download avatars site will continue to work Also simplifies hijack pattern 2017-11-27 01:43:24 -05:00			`io.write body`
PERF: hijack onebox requests so they do not use up a unicorn worker 2017-11-23 23:31:23 -05:00			`rescue Errno::EPIPE, IOError`
			`# happens if client terminated before we responded, ignore`
Simplify hijack code 2017-11-28 19:54:20 -05:00			`io = nil`
Correctly track hijacked requests 2017-11-28 00:47:20 -05:00			`ensure`
PERF: run post timings in background This means that if a very large amount of registered users hit a single topic we will handle it gracefully, even if db gets slow. 2018-01-18 16:26:18 -05:00			`MethodProfiler.clear`
Improve error handling in hijacked code 2017-12-01 00:23:21 -05:00			`Thread.current[Logster::Logger::LOGSTER_ENV] = nil`

Simplify hijack code 2017-11-28 19:54:20 -05:00			`io.close if io rescue nil`

Correctly track hijacked requests 2017-11-28 00:47:20 -05:00			`if request_tracker`
FIX: correctly log topic timings as background 2018-01-18 18:37:27 -05:00			`status = response.status rescue 500`
PERF: run post timings in background This means that if a very large amount of registered users hit a single topic we will handle it gracefully, even if db gets slow. 2018-01-18 16:26:18 -05:00			`request_tracker.log_request_info(env, [status, headers \|\| {}, []], timings)`
Correctly track hijacked requests 2017-11-28 00:47:20 -05:00			`end`
PERF: hijack onebox requests so they do not use up a unicorn worker 2017-11-23 23:31:23 -05:00			`end`
			`end`
			`# not leaked out, we use 418 ... I am a teapot to denote that we are hijacked`
			`render plain: "", status: 418`
			`else`
FEATURE: avatar proxy happens in background This ensures that even if it is slow to download avatars site will continue to work Also simplifies hijack pattern 2017-11-27 01:43:24 -05:00			`blk.call`
PERF: hijack onebox requests so they do not use up a unicorn worker 2017-11-23 23:31:23 -05:00			`end`
			`end`
			`end`