On Sat, Mar 15, 2008 at 12:22 PM, Chris Chabot <[EMAIL PROTECTED]> wrote:
> Did a quick experiment using yuicompressor, and compressing the
> javascript in the JsLibrary class (since the PHP version caches the
> entire JsFeatureFactory, for performance reasons, so this ends up being
> the most logical place).
>
> Results are:
> - Initial first request is terribly slow, 7 to 10 seconds wait just
> about, this is a huge downside
Given that, and since you'd just be executing an external script anyway,
pre-processing is probably still your best bet. One big unfortunate downside
here is that you'll not be able to leverage this for gadget minification.
Hopefully caja can close that gap. Maybe you could deploy a shell script for
doing this?
> - Every next request is as fast as it was before, since the results were
> cached
> - Gadget file size (using google's horoscope as example) went from 55k
> to 18k, so a very nice gain
>
>
> As far as security risks go i'm not to concerned since its isolated from
> user input (the only thing that's input here is a feature name, which
> loads a feature.xml, which then requests .js files, which then are
> compressed ... so the user input part happens at the
> <feature_name>/feature.xml part, and not in anything that's parsed to
> the command line.
>
> However the initial page load worries me of course, a quick wget on a
> empty gadget that requires everything would fix this, but it's far from
> ideal... However lacking any type of build system it's hard to integrate
> into the deployment process, it still seems a viable option.
>
> What do you guys recon about this all?
>
> -- Chris
>
> On Thu, 2008-03-13 at 11:09 -0700, Kevin Brown wrote:
>
> > On Thu, Mar 13, 2008 at 11:02 AM, Brian Eaton <[EMAIL PROTECTED]> wrote:
> >
> > > On Thu, Mar 13, 2008 at 10:18 AM, Chris Chabot <[EMAIL PROTECTED]>
> wrote:
> > > > Basicly (in semi-pseudo code) it would mean doing something like:
> > > >
> > > > $out = tempnam('/tmp','compressout');
> > > > if (!$config['debug']) {
> > > > if (we can't retrieve the cached compressed version) {
> > > > @exec("java -jar {$path_to}/yuicompressor-2.2.5.jar-o
> > > $out --type js
> > > > $feature_js_file");
> > > > if (($contents = file_get_contents($out))) {
> > > > // store in cache so we don't have to keep
> > > compressing each
> > > > request
> > > > }
> > > > }
> > > > }
> > >
> > > Is exec as expensive in PHP as it is in most other web programming
> > > frameworks?
> >
> >
> > It's about as expensive as in perl or python.
> >
> >
> > > In general calling exec() in the context of a web server
> > > is a bad idea. It usually leads to both performance and security
> > > problems.
> >
> >
> > Performance is the main issue; I added escapeshellargs to prevent
> arbitrary
> > input (although the files themselves would never be user input), and
> php's
> > safe_mode ensures that only files in a specific location can be
> executed.
> >
> >
> > > Caching the output will reduce the problem a bit, but in
> > > general this seems like a suspicious coding practice.
> >
> >
> > Normally I'd agree, but unfortunately trying to implement on the fly
> > compression in PHP any other way would be unreasonably slow. You could
> write
> > a PHP extension for such a task, but that imposes a significantly higher
> > barrier to entry.
> >
>
--
~Kevin
