Prevent ActionDispatch::ServerTiming from overwriting existing header value #45615
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ghiculescu
reviewed
Jul 18, 2022
This comment was marked as resolved.
This comment was marked as resolved.
jtmalinowski
force-pushed
the
fix-server-timing-overwrites
branch
from
f1b7b37
to
dee65a3
Compare
|
Done, and, not sure if there can ever be no ActiveSupport Notification events in a response, but I changed the code slightly to handle that too. |
This comment was marked as resolved.
This comment was marked as resolved.
| @@ -22,10 +22,12 @@ def call(env) | |||
| ActiveSupport::Notifications.unsubscribe(subscriber) | |||
| end | |||
|
|
|||
| header_info = events.group_by(&:name).map do |event_name, events_collection| | |||
| our_server_timings = events.group_by(&:name).map do |event_name, events_collection| | |||
There was a problem hiding this comment.
Let's keep this name.
Suggested change
| our_server_timings = events.group_by(&:name).map do |event_name, events_collection| | |
| header_info = events.group_by(&:name).map do |event_name, events_collection| |
Comment on lines
29
to
30
| headers[SERVER_TIMING_HEADER] = | ||
| [headers[SERVER_TIMING_HEADER]].concat(our_server_timings).map(&:to_s).map(&:strip).reject(&:empty?).join(", ") |
There was a problem hiding this comment.
This seems to be doing a bit more work than before. Would the following also work?
Suggested change
| headers[SERVER_TIMING_HEADER] = | |
| [headers[SERVER_TIMING_HEADER]].concat(our_server_timings).map(&:to_s).map(&:strip).reject(&:empty?).join(", ") | |
| header_info.prepend(headers[SERVER_TIMING_HEADER]) if headers[SERVER_TIMING_HEADER].present? | |
| headers[SERVER_TIMING_HEADER] = header_info.join(", ") |
|
|
||
| def call(env) | ||
| status, headers, body = @app.call(env) | ||
| headers["Server-Timing"] = [headers["Server-Timing"], %w(entry;desc="description")].compact.join(", ") |
There was a problem hiding this comment.
%w() creates an array, whereas %() quotes a string.
Suggested change
| headers["Server-Timing"] = [headers["Server-Timing"], %w(entry;desc="description")].compact.join(", ") | |
| headers["Server-Timing"] = [headers["Server-Timing"], %(entry;desc="description")].compact.join(", ") |
| @@ -52,7 +72,7 @@ def create | |||
| end | |||
|
|
|||
| private | |||
| def with_test_route_set | |||
| def with_test_route_set(later_middlewares: []) | |||
There was a problem hiding this comment.
This kwarg feels somewhat out of place to me. What do you think about setting up a @middlewares array (which matches @app), and appending to that?
index bb581e51e0..ada355be38 100644
--- a/actionpack/test/dispatch/server_timing_test.rb
+++ b/actionpack/test/dispatch/server_timing_test.rb
@@ -22,6 +22,10 @@ def create
end
end
+ setup do
+ @middlewares = [ActionDispatch::ServerTiming]
+ end
+
test "server timing header is included in the response" do
with_test_route_set do
get "/"
@@ -45,7 +49,7 @@ def create
end
test "does not overwrite existing header values" do
- class DummyServerTiming
+ @middlewares << Class.new do
def initialize(app)
@app = app
end
@@ -57,7 +61,7 @@ def call(env)
end
end
- with_test_route_set(later_middlewares: [DummyServerTiming]) do
+ with_test_route_set do
get "/"
assert_match(/entry;desc="description"/, @response.headers["Server-Timing"])
assert_match(/start_processing.action_controller;dur=\w+/, @response.headers["Server-Timing"])
@@ -72,7 +76,7 @@ def call(env)
end
private
- def with_test_route_set(later_middlewares: [])
+ def with_test_route_set
with_routing do |set|
set.draw do
get "/", to: ::ServerTimingTest::TestController.action(:index)
@@ -81,8 +85,7 @@ def with_test_route_set(later_middlewares: [])
end
@app = self.class.build_app(set) do |middleware|
- middleware.use ActionDispatch::ServerTiming
- later_middlewares.each(&middleware.method(:use))
+ @middlewares.each { |m| middleware.use m }
end
yield
jtmalinowski
force-pushed
the
fix-server-timing-overwrites
branch
from
dee65a3
to
f075e0c
Compare
|
@jonathanhefner All the suggestions were great, thanks for reviewing. |
jonathanhefner
approved these changes
Jul 19, 2022
|
Thank you, @jtmalinowski! 😃 (Backported to |
jonathanhefner
added a commit
that referenced
this pull request
Jul 24, 2022
Prevent ActionDispatch::ServerTiming from overwriting existing header value (cherry picked from commit 9e0fe8e)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Fixes #45607
Tiny fix, if a middleware adds anything to the
Server-Timingheader, and is down the chain fromActionDispatch::ServerTiming, the value it set will be overwritten, this PR changes this behaviour, so thatActionDispatch::ServerTimingappends its entries instead.