flush error - 429 Too many requests

[amolswnz]

SilverStripe 4.1.1

$ composer info --direct
cwp/agency-extensions               2.0.0
cwp/cwp-recipe-cms                  2.0.1
cwp/cwp-recipe-core                 2.0.1
cwp/cwp-recipe-search               2.0.1
cwp/starter-theme                   2.0.0
silverstripe/recipe-authoring-tools 1.0.0
silverstripe/recipe-blog            1.0.0
silverstripe/recipe-collaboration   1.0.0
silverstripe/recipe-form-building   1.0.0
silverstripe/recipe-plugin          1.2.0
silverstripe/recipe-reporting-tools 1.0.0
silverstripe/recipe-services        1.0.0
silverstripe/registry               2.0.1
silverstripe/subsites               2.0.2
squizlabs/php_codesniffer           3.3.2
tractorcow/silverstripe-fluent      4.0.2

When I do flush using https://mysite.com/?flush=1 on my website, I am getting error 429 - Too many requests.
The url flow in network tab is as follows -
https://mysite.com/Security/login?BackURL=%3Fflush%3D1
https://mysite.com/?flush=1
http://mysite.com/Security/login?BackURL=%3Fflush%3D1
and then repeat and after few seconds, I get new page with message 429 - Too many requests

I have also tried Keep me signed in admin and it did not gave me any error. The ?flush=1 was a very quick. The flush=1 usually takes around 4-5 seconds but this time it finished in less than 1 second.

This issue is not seen in local development environment, only in live site. I was not able to reproduce this issue.

[gingin77]

I just started seeing this same problem right after I added some JS functions within script tags at the end of 2 pages that use the Security class. However, the problem didn't persist, fortunately.

[chillu]

Did you try to reproduce the issue by switching your local dev environment into live mode?
Are there any differences in the .env settings between those environments?
Could you try to strip down the template and avoid including any JS on the page?
Could you please check if this still happens with the latest 4 development branches? composer create-project silverstripe/installer my-test-site 4.x-dev

[amolswnz]

The env file is all normal. The problem still persists after using the latest dev releases and even when any JS files are not included.

[robbieaverill]

@amolswnz do you have any <script> tag customisations in your templates that might match up with what @gingin77 is reporting?

[amolswnz]

No, I checked it there are no <script> tags inserted.

[villnavem]

I resolved this by having <% base_tag %> in the area of my template. I had forgotten to add it.

[chillu]

Flush redirects with a flushtoken, which gets stored on the filesystem. In multi server environments with round robin load balancing (random server on each request), this might more more than one redirect.

Server A gets ?flush=1, creates flushtoken on its filesystem. Redirects, which hits Server B, doesn't know about flushtoken. Redirects again, happens to hit Server A, which executes the flush.

That's a known issue in multi server setups unless you have sticky sessions, and something @dnsl48 is just working on fixing. I'm not sure it'll fix your issue here, but might sound related. Are there multiple servers in your environment @amolswnz?

[dnsl48]

Yes, multi-server setup might be one of the possible reasons. Another one could be if the application does not have access to write tokens to the filesystem - https://github.com/silverstripe/silverstripe-framework/blob/4/src/Core/Startup/AbstractConfirmationToken.php#L77
Then it may keep trying to generate new tokens and redirect infinitely.

This code is being worked on and the future fix may potentially solve the issue if it's one of the above.

[dnsl48]

The ?flush implementation has been changed in SS 4.4 and it's more robust now. I believe this issue should not happen on the latest versions of the framework.
On the other hand, I cannot reproduce the original issue and there's not enough details for me to track it down. There's nothing else we can do in the boundaries of this github card, so I'm closing this for now.
Please, feel free to reopen if you can give some more details or need assistance in debugging the issue.