* Chris Steipp wrote: >On Wed, Feb 6, 2013 at 8:54 AM, Gabriel Wicke <[email protected]> wrote: >> Local HTTP requests have pretty low overhead (1-2ms), but api.php >> suffers from high start-up costs (35-40ms). This is more an issue with >> api.php and the PHP execution model than with HTTP though, and might be >> improved in the future. > >I would vote against local http requests, if we can avoid it. They can >certainly be done safely if you design them correctly, but for >example, you write a write a lua template, that calls an api that uses >the same lua template that calls the api,... single request DoS!
(That's usually trivially addressed by, say, including a counter in some request header and refusing to serve requests where the recursion goes beyond some configured limit. And it is usually possible to do this at a very high level, so that should not be a major concern.) -- Björn Höhrmann · mailto:[email protected] · http://bjoern.hoehrmann.de Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de 25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/ _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
