On Wed, Feb 6, 2013 at 8:54 AM, Gabriel Wicke <[email protected]> wrote: > Local HTTP requests have pretty low overhead (1-2ms), but api.php > suffers from high start-up costs (35-40ms). This is more an issue with > api.php and the PHP execution model than with HTTP though, and might be > improved in the future.
I would vote against local http requests, if we can avoid it. They can certainly be done safely if you design them correctly, but for example, you write a write a lua template, that calls an api that uses the same lua template that calls the api,... single request DoS! We should definitely pick the design that makes the most sense, but keeping new attack vectors to a minimum would be good. _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
