Avatar are recurrent elements in the Tuleap UI so caching them at nginx level can save quite a lot of work to the PHP FPM worker. Note: for instances that do not allow anonymous users to browse, seeing the avatars require to be logged in. With this cache if you know the full URL of the avatar you want to see you might get access to it even if you are not logged in if someone else accessed it already. This is an expected trade-off. Knowing the full URL means you know the SHA-256 of the avatar content, it cannot be guessed unless you already know the avatar. To test, redeploy nginx configuration. After the deployment, after the first display loading the same avatar multiple times should not trigger a call to the PHP code (the easiest way to see that is to add a log trace somewhere early in the process). You might want to disable your browser cache since the avatars are also cached at the client level. Note this change was reverted in b74ebc71397791b2701ffacae2153af04ae025bb. The reason of the revert was caused by the non activation the PHP session when processing the avatars. The first avatar that was not in cache caused a force logout of the Dynamic user session because the user ended up being considered as a Deleted user. This version of the change does not bring this change, we now only close the session as soon as possible to avoid the session locks when dealing with a lot of avatars. Change-Id: Iea8c0e5cd1c2ccac18e5d441169e37101bbf1e79

+18 −0

Author

Thomas Gerbet (tgerbet) 2024-10-17 14:05

Committer

Thomas Gerbet (tgerbet) 2024-11-05 17:53

Hash 0d5040bdcee02406e8c21ce97f2e9a89c11ab60b

Parent 90d3bb9c92feaee0ddfa9a9c672cf0fc81beb34d

Reference git #tuleap/stable/0d5040bdcee02406e8c21ce97f2e9a89c11ab60b