Add Retry-After header to HTML maintenance mode responses

Created on 13 March 2023, almost 2 years ago
Updated 15 September 2023, over 1 year ago

Problem/Motivation

Since πŸ› Invalid JSON:API responses when maintenance mode is on Fixed JSONAPI responses has a Retry-After header. That header would be also beneficial for HTML responses too when maintenance mode is set to help CDNs to differentiate ANY 5xx error from planned maintenance mode. This would allow CDNs to differentiate planned maintenance and optimize their behaviors accordingly.

When sent with a 503 (Service Unavailable) response, this indicates how long the service is expected to be unavailable.

Source: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Retry-After

Steps to reproduce

Proposed resolution

Remaining tasks

User interface changes

API changes

Data model changes

Release notes snippet

✨ Feature request
Status

Active

Version

11.0 πŸ”₯

Component
BaseΒ  β†’

Last updated about 10 hours ago

Created by

πŸ‡­πŸ‡ΊHungary mxr576 Hungary

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

  • Issue created by @mxr576
  • πŸ‡­πŸ‡ΊHungary mxr576 Hungary

    As πŸ“Œ Stop using a 5xx error code for maintenance mode Closed: works as designed did not go through a long time ago, but πŸ› Invalid JSON:API responses when maintenance mode is on Fixed get merged recently, I hope this idea is welcomed.

    This would allow CDNs to differentiate planned maintenance and optimize their behaviors accordingly.

    Our hosting provider uses Fastly as CDN and there is an issue that currently Drupal's maintenance page is never visible to end users because Fastly cannot differentiate scheduled maintenance from other fatal errors on a site - which case it displays its own error screen.

  • πŸ‡­πŸ‡ΊHungary mxr576 Hungary
  • πŸ‡­πŸ‡ΊHungary mxr576 Hungary
  • πŸ‡¬πŸ‡§United Kingdom alexpott πŸ‡ͺπŸ‡ΊπŸŒ

    How about we add an X-DRUPAL-MAINTENANCE-PAGE for this? We could do something like:

          if (!$this->maintenanceMode->exempt($this->account)) {
            // When the account is not exempt, other subscribers handle request.
            $this->eventDispatcher->dispatch($event, MaintenanceModeEvents::MAINTENANCE_MODE_REQUEST);
            // Set a header so CDNs can determine that this 503 is caused by the
            // maintenance page.
            $event->getResponse()->headers->set('X-DRUPAL-MAINTENANCE-PAGE', 1);
          }
    

    in \Drupal\Core\EventSubscriber\MaintenanceModeSubscriber::onKernelRequestMaintenance()

  • πŸ‡¬πŸ‡§United Kingdom alexpott πŸ‡ͺπŸ‡ΊπŸŒ

    The reason I feel this is better than retry-after is that it is explicit rather than implied.

  • πŸ‡ΊπŸ‡ΈUnited States tedfordgif

    I like the idea of having both the explicit x-drupal-maintenance-[something] and the retry-after header, the latter having a random range and no-UI min/max settings like for JSON:API. However, perhaps for BC reasons retry-after should not be added to the response until a dev adds the settings (or makes them > 0)? The behavior is then different than JSON:API, but that could be harmonized in D11.

  • πŸ‡«πŸ‡·France O'Briat Nantes

    Is a more generic header exists? This Drupal one could be considered as a (small) "leak" by security review.

    It's not all about CDN, the "Retry-After" header was original a google/seo recommandation (as pointed in https://www.drupal.org/project/drupal/issues/3049048 πŸ› Invalid JSON:API responses when maintenance mode is on Fixed )

Production build 0.71.5 2024