-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Reconsider adding ob_end_clean() in remote.php for files app #16013
Comments
(that said webservers that respect the |
I´m not arguing that output buffering should be disabled. Possible that this is a good idea. @LukasReschke Can you check if this is possible to disable it with ini_set and only block if this is not possible? |
Well - the way to go as described in the ticket is that @DeepDiver1975 and @icewind1991 explain the changes they did to the OB handling in remote.php - if it is as simple as re-adding it we can just re-add this... |
The reason output buffering needs to be off is simple. The purpose of the feature is to put the entire HTTP response into memory before sending it to the client. So if your HTTP response is massive, the entire file goes into memory. This means if you have a big file, you can drag down an entire server. Frankly it's completely baffling to me why anyone would pick it as the default setting, like ubuntu does. It should be treated as a bug. |
@evert understood. Or we try to switch it off. |
|
✔️ unrelated ❓ |
This removes the hard-dependency on output buffering as requested at #16013 since a lot of distributions such as Debian and Ubuntu decided to use `4096` instead of the PHP recommended and documented default value of `off`. However, we still should encourage disabling this setting for improved performance and reliability thus the setting switches in `.user.ini` and `.htaccess` are remaining there. It is very likely that we in other cases also should disable the output buffering but aren't doing it everywhere and thus causing memory problems. Fixes #16013
Let's re-add this then and remove the check for now and hope it doesn't bite us at other places were we handle files stuff => #16042 |
This removes the hard-dependency on output buffering as requested at owncloud#16013 since a lot of distributions such as Debian and Ubuntu decided to use `4096` instead of the PHP recommended and documented default value of `off`. However, we still should encourage disabling this setting for improved performance and reliability thus the setting switches in `.user.ini` and `.htaccess` are remaining there. It is very likely that we in other cases also should disable the output buffering but aren't doing it everywhere and thus causing memory problems. Fixes owncloud#16013
@karlitschek has requested why we have an hard dependency on
output_buffering
set tooff
with ownCloud 8.1 – thus I investigated it a little bit.This check has been introduced since our documentation, the SabreDAV documentation as well as @evert in https://github.com/fruux/sabre-dav/pull/331#issuecomment-16945953 claim that
output_buffering
should be disabled, without this PHP will return memory-related errors and we might effectively risk data loss or integrity loss issues.This indeed makes sense to me but we should reconsider if there is another way to address this issue, I stumbled upon
ob_end_flush
andob_end_clean
which we could just add to our remote.php file of the files app.A little digging in our source showed me that @icewind1991 introduced this already once for stable45 in #576 and it was indeed there until ownCloud 7 where @DeepDiver1975 removed it with 79fc4f3, the commit message states:
This looks rather unrelated. @DeepDiver1975 do you remind why you removed it? I suspect you assumed that it was removed by mistake since the code was undocumented?
cc @evert I'd greatly appreciate if you can lend us your expertise once more on this. Just a short "yes that should work" or a "kittens will die – don't try it" would be a great guidance since you are obviously the SabreDAV expert 😄
cc @DeepDiver1975 @karlitschek
The text was updated successfully, but these errors were encountered: