Welcome! » Log In » Create A New Profile

Cache in /tmp directory

Posted by jsuggs 
Cache in /tmp directory
December 17, 2008 01:28PM

Is there any downside to setting the cache directory to /tmp?

My reasoning for asking is twofold. First, I'm keeping the htmlpurifier directory out of my webservers document root (usr/local/src), and I just don't like the idea of having anything under that directory writable. Second, it is a stable directory that will always be available across all of my server installations (dev, production, etc) so its one less thing to keep track of.

So I guess I'm asking if having it in a (semi) volatile directory be an issue?

Thanks in advance!

FYI, I've been looking at this library for quite a while and after I've played around with it for a bit I'm throughly impressed at its flexibility and documentation! Once I get a little more time I'm going to give you guys a little write up about how I've integrated it into my new project.

Re: Cache in /tmp directory
December 17, 2008 04:57PM

There shouldn't be any problems keeping the files in tmp. One consideration, though, is that if someone is able to modify the files in tmp, you could end up with a security hole. Other than that, it's a great idea.

Re: Cache in /tmp directory
December 19, 2008 01:37PM

sorry to jump in Ambush.

with regards to the /tmp folder, wouldn't there be an issue if say 2 or 3 sites were setup, and purifier was configured to use the /tmp directory for all those sites, what if all 3 had different configs, but had identical definitionID names and CSS definition ID names etc? would that mean they would be sharing the same cached files?

i'm probably thinking too hard.

Re: Cache in /tmp directory
December 19, 2008 01:48PM

Good point. You would be running the chance that another application/instance could (over)write a file since it would be a common directory. What is the method used for determining the filename?

I'm not too concerned as for me right now I'm only running a single site on my servers...but other applications could still cause a collision, so it is definitely something to consider.

Re: Cache in /tmp directory
December 19, 2008 05:20PM

well it stores the filename from an md5 serialized string. so the filename should be ok, it's just in how html purifier reads them, does it store the filename somewhere (i don't think so) or does it just read the entire contents of the directory.

here's where the filename is produced (standalone version)

    /**
     * Returns a md5 signature for the entire configuration object
     * that uniquely identifies that particular configuration
     */
    public function getSerial() {
        if (empty($this->serial)) {
            $this->serial = md5(serialize($this->getAll()));
        }
        return $this->serial;
    }

    }

what would it do if it read the cached files of one of the other sites cached config files?

Re: Cache in /tmp directory
December 19, 2008 07:06PM

The only case when multiple sites would conflict is if you have exactly the same configuration options set (including DefinitionId and DefinitionRev), and then you went ahead and edited the raw configuration differently for each site. You should have distinct IDs for each website in such a case.

For all other cases, HTML Purifier will transparently determine a unique cache name with the md5 function. And cache files with the same id can and should be reused. :-)

Sorry, you do not have permission to post/reply in this forum.