I just wanted to clarify something... is there any protection in place in the thumbnail generator to prevent denial of service attacks? For instance if someone wanted to they could run a script which uploaded photos then fired off requests for thumbnails of it of size 20px,21px,22px...1024px
I'm guessing the servers wouldn't like that. This is why I'd be keen to limit the sizes.
May I suggest someone analyses the sizes currently used on wikipedia and we limit to those as an initial step and then review the less frequently used ones and standardise on some sizes? On Sep 5, 2012 9:15 AM, "Roan Kattouw" roan.kattouw@gmail.com wrote:
On Sun, Sep 2, 2012 at 5:59 PM, Tim Starling tstarling@wikimedia.org wrote:
The other reason for the existence of the backend thumbnail store is to transport images from the thumbnail scalers to the 404 handler. For that purpose, the image only needs to exist in the backend for a few seconds. It could be replaced by a better 404 handler, that sends thumbnails directly by HTTP. Maybe the Swift one does that already.
My understanding is that thumb.php already streamed the thumbnail back to the 404 handler via HTTP and has done so for at least the past two years or so.
Roan
Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l