This means that stylesheets can have all the advantages of other static
files, such as not having session cookies in the request. In addition,
it also means that subreddit objects are drastically smaller in memcache
which saves internal bandwidth and increases cache capacity.
If a specific link has ridiculous traffic, we can inform the
apps (via ZK live config) that votes on it should be sent to a
separate, dedicated, queue to avoid overwhelming the rest of the
system.
Note that pylons.wsgiapp uses pylons.i18n's get_lang()
and friends, instead of our modified versions in
r2.lib.translation. This means that setting 'lang' in the
conf causes it to try and 'help' us by looking up PO files
in r2/i18n. Changing the ini files to use 'site_lang' as the
key gets around that.
The dynamic configuration system has two components: the app, which
reads, and the writer script. The latter is meant for use by humans, and
converts a [live_config] section of the INI file into JSON for storage
in ZooKeeper. The app will read this data on startup and place a watch
on the node to be notified, by ZooKeeper, of changes. This means that
running the writer script with new data will automatically propagate the
changes to every app very quickly, without restart.
The writer script relies on a human-entered password to authenticate
with ZooKeeper. The reddit app uses a different set of credentials
(specified in the INI file) to obtain read-only access to the
configuration data.
Also adds a new "live_config" spec to reddit and plugins. This spec is
parsed at write-time only and the parsed values are stored as JSON in
ZooKeeper.
This will allow us to collect information about how users found
subreddits that they subscribe to. We can use this information to test
the effectiveness of new ways of discovering and subscribing to
subreddits.
Specifically, when the subscribe button is clicked, for the current page
and previous page: the URL, referrer URL, and the type of UI element
clicked are sent. We'll use this to answer questions like:
* "did clicking on gizmo A lead to users subscribing to subreddit B?"
* "why did we see a spike in subscriptions to subreddit X today?"
This provides a system for two-factor authentication, using a compliant
OTP-generator such as Google Authenticator. The framework includes a
validator for use on API calls needing authentication as well as a UI
for provisioning/resetting your secret key. A secure cookie may be
generated to effectively turn the user's browser into a temporary
authentication factor.
This feature is currently limited to admins only until full-site SSL is
available.
If the config variable profile_directory is set, ProfilingMiddleware
will be added to the WSGI stack. The middleware will generate a file in
the specified directory on each request containing the contents of that
request's profile.
