Check cache from domain_whitelist_callback? #90
Comments
DoobleD
changed the title
|
@DoobleD yes you can access |
|
@DoobleD yes that will definitely be possible |
|
Thank you @fffonion! Is that in the works already? If not, I'll be happy to try a PR. :) |
|
There isn't a WIP, but I'm curious on how to make this generic (not 100% sure about what you trying to do yet :) ). That being |
|
I'll try one then. :) To give some explanation, what I'm trying to do is improve performance for our use case. What's costly/slow for us is querying our "is domain whitelisted" HTTP endpoint everytime in One way to avoid that as much as possible is to rely on the LRU cache internally used by the plugin. If the cert is in cache, it means the domain was allowed less than 1h ago (the LRU cache TTL is 1h). That's good enough, no need for us to call our endpoint. We could alternatively look up the storage, but our storage type is file, and that's more costly too than looking up in the LRU cache. The only downside is that if the domain is no longer allowed, its cert is still being served for 1h, until the cert is removed from cache. But that's ok for us. And that's another reason to not look up in storage instead, as file storage is permanent. 1h of wrongly continuing to serve the cert is fine, but continuing forever would be very bad. |
|
Hanlded with #96. Thanks for merging! |
Hi folks,
Thank you for this awesome package! I have a quick question: is it possible to check for the existence in the domain certs in the cache from within the domain_whitelist_callback function?
The idea is that we'd query our domain whitelist endpoint only if certs can't be found in cache, to improve performance.
Since certs are cached for 1h, it means a domain previously whitelisted but no longer whitelisted will still get its certs served for 1h, but that's acceptable compared to the performance gain.
The text was updated successfully, but these errors were encountered: