Comments (6)
In addition:
- Tests need to explicitly check that a
*gzip.Writer
retrieved from the pool is correctlyReset()
. This is a potential security issue waiting to happen otherwise. - Use a base64 encoded PNG to test the "don't gzip" case - http://www.gorillatoolkit.org/static/images/gorilla-icon-64.png is a good candidate (drop the base64 bytes into a
var
, decode into bytes during the test) - Update the docs on
CompressHandler
to indicate the selective gzipping.
from handlers.
+1
from handlers.
#48 has likely made this much harder now due to the limitations around defining a global pool:
- If we create a global pool of gzip writers (we must if we want a pool) then we can't pass the "current" level to the pool per-instance of middleware:
var gzipPool = sync.Pool{
// Can't pass the level when we call New()
New: func() interface{} {
return gzip.NewWriter(nil)
},
}
- We could set a package global level, but that creates implicit behaviour (all CompressHandler instances would need to use it) and also causes race conditions when you have more than one
CompressHandlerLevel
middleware in play. Effectively a non-starter here. - The
level
field on*gzip.Writer
isn't exported and therefore you can't modify it after you type-assert the writer out of the pool.
Is there a solution here that I'm missing? I think this PR had more value as changing gzip levels should be done with caution in a HTTP context, but a pooled gzip writer nets everyone a performance gain, but unfortunately that's how things have shaken out.
@kisielk - would appreciate your feedback/input here.
from handlers.
How about a separate pool for every compression level? There's only 11 of them and the size overhead for a pool is not that large.
from handlers.
👍
from handlers.
This issue has been automatically marked as stale because it hasn't seen a recent update. It'll be automatically closed in a few days.
from handlers.
Related Issues (20)
- [feature] FileServer handler HOT 2
- [feature] add brotli encoding support in compress handler HOT 3
- [bug] ProxyHeaders breaks gorilla/csrf HOT 1
- [bug] websockets are logged with a status code of 200 instead of 101 HOT 1
- [bug] ProxyHeaders XFF parsing handles whitespace incorrectly
- [question] How to add X-Request-ID in access Log
- [question] Does handler add AllowedOrigins * header by default?
- [feature] Basic Auth handler
- [feature] improve the CPUUtilization and MemoryUtilization
- Incorrect regex in `forRegex`
- [question] upgrade httpsnoop HOT 1
- OPTIONS in Allow for MethodHandler
- The ProxyHeaders middleware is misleading and dangerous
- [BUG] CORS middleware sets `Vary: Origin` header only in some cases HOT 1
- [BUG] Listing Origin as an allowed request header is unnecessary
- [FEATURE] Allow users to disable caching of preflight responses
- [FEATURE] Support Private Network Access
- [BUG] Sometimes missing Vary: Origin header may lead to Web cache poisoning
- [BUG] Allowing methods that are not uppercase should be possible but isn't
- [BUG] Add "Vary" header only if value not already present HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from handlers.