Comments (5)
Why we need to write request id to response header?
from salvo.
There are two ids I'm interested in the client request id (x-client-request-id) and the server request id (x-server-request-id).
If a client doesn't send the x-client-request-id or is invalid such as too long or too short or doesn't match certain patterns such as guid, the server may decide to generate the generate a new client request. In this case server might want to generate the id the x-client-request-id.
https://devcenter.heroku.com/articles/http-request-id#how-it-works
curl https://api.heroku.com/schema -H "Accept: application/vnd.heroku+json; version=3" -v 1> /dev/null
Because the x-client-request-id is provided by the client and it can't be trusted, the server may wish to always generate another id.
from salvo.
- When we get request, we try to parse requestid.
- validate requestid, if it is not exists or invalid, generate a new one.
I just puzzled why we write it to response header, do we need to generate a new request id and send it back to client?
.hoop(ResponseIdHandler::new()
.with_response_header("x-server-request-id")
.with_id_generator(some_fn))
from salvo.
There are two different ids - x-client-request-id
used by RequestIdHandler
and x-server-request-id
use by the ResponseIdHandler
.
x-client-request-id
is sent by the client and cannot be trusted. Clients may not pass this at all or reuse the same id. Most of the time this is enough. Server should always generate another id independent of x-client-request id so it never conflicts.
Here are some examples:
request a: curl -vv http://localhost:8080
response a:
x-client-request-id: c1 // auto generate by server since it wasn't in request
x-server-request-id: s1 // always auto generated
request b: curl -vv http://localhost:8080 -H 'x-client-request-id: c1'
response b:
x-client-request-id: c1 // reuse the request header since this was passed by client
x-server-request-id: s1 // always auto generate
// assume after a second the same request was replayed
request c: curl -vv http://localhost:8080 -H 'x-client-request-id: c1'
response c:
x-client-request-id: c1 // reuse the request header since this was passed by client (this id c1 is the same as the previous request b)
x-server-request-id: s2 // always auto generate (even though the request was the same as previous we autogenerate a new id)
It is for the 2nd case when debugging request b and c that the server needs to generate and send the id.
Confusion might be due to the fact that most servers just use one x-request-id
and treat it as x-client-request-id
while in my case I want both x-client-request-id
and x-server-request-id
.
x-server-request-id
could also contain other interesting data such as location of datacenter/nodes which could look like westus:node1:78ecd68e4b4040eea00292189337cd4c
or could be broken down in to different headers such as x-location: westus
and so on.
from salvo.
I'm afraid I will not implement it in salvo repository,
It looks the core feature of it just read and write HeaderMap.
Then common id generator may just a uuid generator, but you need to define you custom generator in most situation.
Some guys may just care about client request id, and some guys may care both client and server id. I haven't been able to find an elegant and general implementation of it.
You can create your customed request id crate if you like.
from salvo.
Related Issues (20)
- oapi 的 QueryParam 不支持 struct类型 HOT 2
- Can we make the `SendTarget` a public trait? HOT 2
- Why is `Service::handle` dose not pass the request local and remote addr to `Service::hyper_handler`?
- could not compile `salvo_core` (lib) - impl Trait` only allowed in function and inherent method return types, not in trait method return types HOT 1
- Cannot override non-schema type HOT 2
- 支持随机端口/support random port
- The https (using rustls or openssl) tls handshake is not 100% successful at high concurrency. HOT 2
- I noticed a massive use of unwrap() in Salvo source code (670 unwrap ) HOT 5
- Consider adding `fastwebsockets` as an option HOT 2
- Rustls backend loads only the first certificate from file HOT 2
- Enhancement Request: More Flexibility in Modifying Responses After Proxying
- 防御慢速HTTP攻击 HOT 2
- [FEATURE] Add default security values HOT 13
- sse stream时,客户端只返回最后的值 HOT 1
- Impossible to import TestClient and ResponseText HOT 3
- Cors on sub routers not working, also with middleware, works manually implemeting options request HOT 6
- The `endpoint` macros documentation should point to the module `endpoint`
- [FEATURE] Easy print of error body
- How to add a header to proxy? HOT 1
- Redirect a PUT HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from salvo.