Skip to content
This repository has been archived by the owner on Apr 21, 2023. It is now read-only.

Sites with HTTPS users and no HTTPS mod_pagespeed configuration get log spew #356

Closed
GoogleCodeExporter opened this issue Apr 6, 2015 · 4 comments
Closed

Sites with HTTPS users and no HTTPS mod_pagespeed configuration get log spew #356

GoogleCodeExporter opened this issue Apr 6, 2015 · 4 comments
Labels
auto-migrated Priority-Medium release-note Type-Defect

Comments

@GoogleCodeExporter
Copy link 

Prior to 0.10.19.*, mod_pagespeed would never initiate a rewrite for HTTPS 
resource because CreateInputResource would return NULL based on the scheme of 
the resource.

Now it will go through the entire rewriting flow until the fetch.  The fetcher 
will fail reasonably fast, but at a minimum it will log the failure in 
error.log, which causes system load.

I think we can get back to a situation where there's a pretty fast failure 
earlier in the flow, if we do something like this:

1. Add "bool UrlAsyncFetcher::SupportsHttps(), base-class returns false.  
Existing fetchers will not override.  Alternatively, have "bool 
UrlAsyncFetcher::PrevalidateUrl(const GoogleUrl&)", base-class checks 
.scheme=="http".  It could also check the syntax of the domain & the req 
headers or something; not sure what's best here.  The idea here is that this is 
a syntax check: no system-calls should be made or threads should be spawned.

2. CreateInputResource will do an origin-map / lookup in LoadFromFile map, and 
determine whether we'd ever be able to fetch such a resource using 
PrevalidateUrl or SupportsHttps.

Original issue reported on code.google.com by jmara...@google.com on 5 Dec 2011 at 2:12
@GoogleCodeExporter
Copy link
Author 

I repro'd this as follows:
* Use local Apache installation
* Disable any https -> http mapping in pagespeed.conf
* Add "ModPagespeedDomain https://*/" to pagespeed.conf [authorizes https 
resource URLs]
* Create /usr/local/apache2/htdocs/mod_pagespeed_test/https.html:

<html>
  <head>
    <title>HTTPS test</title>
    <link rel="stylesheet" type="text/css" href="https://localhost:8443/mod_pagespeed_test/invalid.css">
  </head>
  <body>
    Try fetching a resource using https.
  </body>
</html>
* Run Apache (in gdb if desired)
* wget --no-check-certificate 
http://localhost:8080/mod_pagespeed_test/https.html

You get an error in /usr/local/apache2/logs/error_log when 
serf_url_fetcher_async.cc FINALLY gets around to NAKing the request.

Now working on short-circuiting this. Either as above or in Domain Lawyer logic.
Domain Lawyer is really only used by Apache and this issue is really Apache 
specific (AFAIK), so it's a possible place to do it, though the problem 
actually lies in the fetcher being used and once the SERF fetcher is changed to 
support https this would stop it from working so it's not the correct place to 
do it. Investigating.

Original comment by matterb...@google.com on 5 Dec 2011 at 3:42

@GoogleCodeExporter
Copy link
Author 

This issue was resolved in 0.10.19.5

Original comment by jmara...@google.com on 24 Dec 2011 at 5:32

  • Changed state: Fixed

@GoogleCodeExporter
Copy link
Author 

Issue 353 has been merged into this issue.

Original comment by jmara...@google.com on 24 Dec 2011 at 5:34

@GoogleCodeExporter
Copy link
Author

Original comment by matterb...@google.com on 26 Jan 2012 at 3:05

  • Added labels: release-note

@GoogleCodeExporter GoogleCodeExporter mentioned this issue Apr 6, 2015
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
auto-migrated Priority-Medium release-note Type-Defect
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@GoogleCodeExporter