These are require-dev.

Not sure if that's the best way to document but basically you just have to provide TaggableStore instead of having Symfony calling createStore().

I've unified here so it matches the PurgeListener options.

I would like to escape , and maybe also new line but we need to unescape again in the PurgeListener so I'm not sure if using the same method as Varnish does is a good idea. Especially because Varnish just escapes by replacing both with a _ which makes it impossible to unescape again. To be honest, I find tags containing a , strange anyway so I'd prohibit this in the ResponseTagger upfront so it cannot happen at all but I guess that would be a BC break. Wdyt?

as far as i remember the logic with escaping was that we don't care about unescaping. the worst case would be that foo,bar and foo_bar collide, which would mean we invalidate too many things. its an edge case and one we decided we can live with, as its semantically correct (invalidating more then necessary is ok, the opposite would be a problem)

this works as long as escaping is done both when setting the tags and when creating invalidation requests.

I see. So I'll just escape and don't care about unescaping, right? It's an edge case anyway, I really don't know why I would ever use a comma in a tag.
We could, however, also use the same header multiple times. There's nothing wrong in using

X-Cache-Tags: foobar
X-Cache-Tags: other tag

But I don't know if http-plug supports this?

i'd replace all , with _ but then collapse the tags into one header with , separation. in the listener, you can then still split by ,.

if i remember correctly, the varnish client even splits this into multiple requests if the list of tags is getting too long, to avoid problems with too long headers.

Implemented in b452710. Sorry, I'm too used to phpunit, I never used mockery so it was way faster for me to use the "native" mock stuff for consecutive argument assertions :)

Ah, and I implemented it so it's a more general solution. I thought that might be needed by other proxies too in the future. I did not adjust Varnish though because there's some regex stuff going on there and I figured that's maybe too specific.

See my comment about unescaping in Symfony.

Basically this is only needed for unit tests but it doesn't harm either.

i would use reflection in the unit test rather than expose this. we don't want people to interact with the tag cache from outside.

I agree. Fixed in d56f6a4.

Do you like that name? I wanted it to remain simple. The one the Symfony core provides is called Store so I just simply went for TaggableStore. Note that there's quite some stuff going on here. Proof that it works is a pretty extensive unit test suite for that class 😄

why not trying to acquire this lock ?

Basically, I checked the implementation of Store (see https://github.com/symfony/symfony/blob/master/src/Symfony/Component/HttpKernel/HttpCache/Store.php#L69) so that's why it's the way it is. How should that whole method look like in your opinion?

So if you lock then release. You'll never be able to lock again... Is it the expected behavior?

I guess not :) You mean either we drop the isset() there or if we keep it as is, we need to unset($this->locks[$cacheKey]); in unlock()? :)

Yep, either unset in the release method. Or try to acquire it here. As you want

Fixed and covered by unit test in 5f7a1ea.

you should wrap in a try/catch block

True, will add!

Added in 2f4b534.

The issue with Flock, is that we need to create an empty file for each key, and don't delete theme (for race condition).

Given we will create a lot of keys here, it will consume a lot of inode. I suggest tu use semaphore here and fallback to flock if semaphore is not supported. See https://github.com/symfony/symfony/blob/3ff0ff02accafaeb6f35eca5323bcb6be0f3311e/src/Symfony/Component/Console/Command/LockableTrait.php#L46-L50

Yeah, that's a general problem that is not specific to this implementation (it's the same in the default Store of HttpCache). I'll add semaphore though, thanks for the hint!

Fixed in 486008e.

what's about TagAwareAdapterInterface

See my comment in __construct(). We use a hardcoded implementation because we don't want other adapters to be used :)

Adapter could be injected instead of built (if you inject it, you should inject the lock too, because the injected cache can be a shared cache like redis, and the Lock should be shared too)

Both are not injectable on purpose. Otherwise it would be a fully PSR-6 compatible Store which was rejected in Symfony core as no other adapter except for file makes sense and might be dangerous using because of concurrency. See the discussion in #286 and the referenced PR in Symfony.

You can TypeHint with TagAwareInterface ? What if someone want to use redis tombe share cache between multiple front?

I guess you did not really understand: The users must not use any other adapter like redis etc. It must be forbidden. That's why it's hardcoded to the adapters that make sense.

The point of Fabien is to not use PSR6 and simply use $cached = include(...). (His comment give 3 good reasons).
As soon as you include cache component and use PSR6, I don't understand why adapters MUST be the Filesystem?

Here's the comment: symfony/symfony#20061 (comment)

Quote:

The cache contains some PHP (when using ESI for instance) and storing PHP in anything else than a filesystem would mean eval()ing strings coming from Redis/Memcache/...,

So why would you allow anything else than Filesystem?

Because here you use a cache adapter on top of filesystem and you must deal with the same issue.

As soon as you start using PSR6, you are dealing with the same interface (same output, same evaluate things...) The only difference between adapter are performance vs scalability

Hmm, I still don't get your point, sorry 😄 So trying to sum up: There was a pull request for Symfony core allowing to use any PSR-6 cache back end. It was rejected because it would allow to use Redis, Memcache etc. as cache back ends. Ergo: everything except for a filesystem cache does not make sense. However, for me this does not mean we cannot use the cache component. We just have to make sure nobody can use anything else than the Filesystem adapter.

seems to be not used

What do you mean? It's part of the StoreInterface.

Oops.. nevermind

can you add a comment that specifies the filename? i guess // app/AppCache.php?

There are 2-3 examples before that all talk about the AppCache, I think it's redundant information :)

ah ok, the section above does the same. i find it still useful, but am ok with consistency here for now. might go over that doc at some point again.

please have the class AppCache extends HttpCache line here

Same here, I guess the people know about app/AppCache.php but I added a hint in 0e3d337 anyway (for the first example to not mess up with all other examples).

where do these parameters come from?

I took the very same example as already used in the Cache event listeners section.

if we would use the one from FrameworkBundle, we could just overwrite the createStore method. i guess the reason is that here we are in the library and not the symfony bundle, so we don't want any extra dependencies. so this makes sense (apart from the $store parameter)

can we remove this parameter? its never used as you then create the store manually.

Yeah well, these parameters depend on whether you use the HttpCache of the FrameworkBundle or HttpKernel directly. Not sure what to do here best but I mean, it's kind of obvious what you have to do there, isn't it? 😄

$store makes sense for normal constructor but not for this class, because its unused as you define $store below in the constructor code.

as far as i remember the logic with escaping was that we don't care about unescaping. the worst case would be that foo,bar and foo_bar collide, which would mean we invalidate too many things. its an edge case and one we decided we can live with, as its semantically correct (invalidating more then necessary is ok, the opposite would be a problem)

this works as long as escaping is done both when setting the tags and when creating invalidation requests.

should we not fail if there is a request to purge tags but we don't have a store supporting purge?

Matter of preference. I thought about that too. Either fail or ignore silently. You prefer failing?

its a basic setup error, not a runtime error that could occasionally happen, so yes i would explode loudly.

Implemented with the new listener now.

why do we do tag invalidation in the same listener as purging? i feel like it should be a separate listener. in varnish, its glued into the ban handling because its a ban operation. for httpcache it seems to make sense to consider it not a BAN because its not a blacklist but a direct action onto the cache store. but purge sounds wrong to me too, because the path of the tag invalidation request does not matter. could we use a separate HTTP method like PURGETAGS? (this is an open question, i am not convinced it would be the best. but the mixup looks odd to me here)

Well, I can just tell what my idea behind this was: PURGE is not an official HTTP method by specification. If I was to pick one that exists, I would've probably gone with DELETE. Anyway, the spec allows to invent custom ones so yeah, we could use PURGETAGS. But then again, to purge, means to clean and so I checked the docs of Varnish (which I personally consider to be somewhat a market leader here) and it says:

A purge is what happens when you pick out an object from the cache and discard it along with its variants. Usually a purge is invoked through HTTP with the method PURGE.

And "tagging" to me is an object from the cache so imho it's perfectly fine. Also having it in the same listener is simple, doesn't change any behavior at all if you don't send that header, keeps things in place. I really like it where it is to be honest.

my problem is that just depending on the tags header, this either uses the url to purge a specific page, or it uses the header to purge all tagged things, and ignores the url. so basically the two things have no code in common. it shows in the nested if/elseif/else. i would prefer a separate listener for that reason.

for the naming i agree that the term purge is correct. but as the semantics of the purge payload is completely different, i'd rather use a separate http method name.

Okay, it's now in it's own PurgeTagsListener and the docs are updated accordingly.

i would use reflection in the unit test rather than expose this. we don't want people to interact with the tag cache from outside.

should we still unset if we get an exception here?

i am a bit confused by the name of the method, and this non-telling phpdoc. but just noticed that its the same on the interface. lets do {@inheritDoc} and then add a line Release all locks.

lets not say that we repeat here - it feels unfriendly ;-)

Done.

lets not add "again".

maybe "provide your own TagHeaderFormatter instance"? does not need to be a custom implementation of the interface, like in the example below. (i know, that is just reformatting, but while we touch it...)

Done.

extra blank line, please remove

Done.

please add a .. versionadded:: 2.1.0 that says that cache tagging for AppCache has been added in FOSHttpCache 2.1.0

Done.

i think this is not strictly correct. you need symfony/lock and symfony/cache at 3.4, but afaik you can use symfony 3.3 together with those components, or am i wrong?

we should tell the composer require line for those two components, because they are optional dependencies.