So one thing we will need to do is raise an exception if we try to generate a secure url as an anonymous user. This is a safety net, as I don't think we are doing this at the moment. It will stop accidentally ending up with stale URLs in the Squid caches.
I think I understand why the session store was (ab)used here - it runs in autocommit mode and we rollback the database connections on GET requests to ensure they are idempotent. I still don't like it but can't really offer a better solution with our existing infrastructure except perhaps using memcached. Certainly session.sql should not be modified though, with all the new stuff going into launchpad_session.sql (session.sql is what should have been sent upstream a few years ago). -- https://code.launchpad.net/~lifeless/launchpad/private-librarian/+merge/31020 Your team Launchpad code reviewers is requested to review the proposed merge of lp:~lifeless/launchpad/private-librarian into lp:launchpad. _______________________________________________ Mailing list: https://launchpad.net/~launchpad-reviewers Post to : [email protected] Unsubscribe : https://launchpad.net/~launchpad-reviewers More help : https://help.launchpad.net/ListHelp
