Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cache responses in Cloudfront #2077

Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

Cache responses in Cloudfront #2077

wants to merge 4 commits into from

Conversation

dannymidnight
Copy link
Contributor

@dannymidnight dannymidnight commented Apr 24, 2023
edited
Loading

Cloudfront CDN now sits between the client and our application which means we can start thinking about caching HTTP responses for a snappier user experience.

This PR does a few things to enable HTTP caching.

  • Render Login + Signup for all users regardless of them having a session. This one might be contentious! By removing the probably_authenticated check we can serve up the same cached response for all HTTP requests. A user can still access their dashboard by clicking either of those links once they're logged in.
  • Set Cache-Control headers:
    • public – this one lets Cloudfront know it's allowed to cache it
    • max-age - controls how long to cache content. I've set this to 5 minutes whilst testing.
    • must-revalidated - check origin server (our app) to see if content is still fresh using etag
  • Remove Rails CSP nonce generation 😬
    • this change removes nonce generation which was causing the Etag header to regenerate for every request - effectively preventing a page from being cached.
    • Since our CSP isn't currently being enforced this is pretty harmless but it would be nice to eventually lock down our CSP.

@dannymidnight
Remove probably_authenticated
d65a3e0
@dannymidnight
Cache for 5 minutes
d81b0d7
@dannymidnight
Replace script nonce with unsafe-inline
69224c9 
Our CSP is currently in reporting mode so not blocking anything at the
moment meaning this won't change the current behaviour. By removing our
nonce hash we can effectively start caching pages that use inline scripts
since the content won't change between requests.
@dannymidnight
Remove "Dashboard" button
f6ebed4 
Signup / Login both redirect to the Dashboard
@dannymidnight dannymidnight requested a review from a team April 24, 2023 05:40
@render
Copy link

render bot commented Apr 24, 2023

Your Render PR Server URL is https://bk-docs-pr-2077.onrender.com.

Follow its progress at https://dashboard.render.com/web/srv-ch31cnpmbg57g9rkt97g.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@dannymidnight