-
Notifications
You must be signed in to change notification settings - Fork 322
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature proposal: Signal client disconnect using Request.signal
#3033
Comments
FWIW, I agree this is the right API. (But I don't currently know when we'll be able to implement it.) |
I'd be open to contributing this. But I wouldn't want to get started until the proposal has been through the appropriate reviews etc? Let me know. |
👍 to this feature, cloudflare should support abort requests in the meantime, anyone have any workaround in mind? |
@mikenomitch @irvinebroque thoughts? |
We want to support Defer to others on if we think this is a viable thing for someone externally to contribute but in principle really appreciate that you're interested in contributing @brettwillis. @jasnell FYI re: standards |
To be clear, we already support One key question to determine is under what conditions would the And just to make sure we're on the same page, this is what we're talking about, correct? export default {
fetch(request) {
request.signal.addEventListener('abort', () => {
// If this is called, it means the incoming request was canceled and we should stop trying to do stuff for it.
});
}
} |
Yes correct. I'd add that the work in that callback may be async, and therefore involve export default {
fetch(request, env, ctx) {
request.signal.addEventListener('abort', () => {
// Do some logging or async work to signal other parts of the system
const promise = ...;
ctx.waitUntil(promise);
});
// Response may be a long-running readable stream
const readable = ...;
return readable;
}
}
Good point, needs some careful consideration. Here's a train of thought from my side: Is it correct to say that there are currently two ways for a request to end: (1) end "naturally" by emptying the event loop, or (2) "aborted" by the runtime by cancelling any pending callbacks in the event loop. We could then say that While this sounds clean, it may break down a little when reasoning about (3) and (4) below... Conditions I can think of where the runtime currently aborts a request (cancelling event loop callbacks) are:
In the cases of (3) and (4), the script has already reached it's limits and therefore you might not want to give it more life with the There's also another case: I think "dangling" timers and async callbacks are cancelled from the event loop if they were not wrapped in |
I think only case 1 makes sense to support via this API. AFAIK the platform does reliably detect client disconnects, so that's not an issue. It should be straightforward to implement. I think cases 2-4 raise a lot more questions and concerns. I'm not sure we can really support them at all, but if we did, I don't think One gotcha regarding I think we might have to say: If the |
I think this potentially becomes a bit wonky in deferred proxy cases. Specifically, if I have a case like...
In this case, because of deferred proxying, if the client disconnects after we've returned the response but before the response has been fully completed, would we expect the abort handler to be called? Do we care at this point? |
I would say no, don't deliver any notification at that point. It would break the optimization, and I can't see why any app would need it. |
We'll need to document that carefully then to avoid confusion. It would mean that the handler would be called in some cases after a response is sent but not called in others, depending on whether the deferred proxy optimization is in use or not... for instance, in a case like the following I would still expect the abort handler to be called since we're still running JavaScript after the response is returned. It just might be a bit confusing for folks if they aren't aware of when we apply the optimization or not.
To be clear, I'm not disagreeing with you, just pointing out that we'll need to document this bit carefully. |
Maybe, but the same issue already exists today. Like if you use |
That's fair. And fwiw, this is what I meant earlier when I said, "we likely cannot guarantee that it will fire in every case." Specifically, there will be some cases (like deferred proxy) where we say that the abort listener will not be invoked even if the request has not been fully processed... simply because we might have passed the point at which we're actually running JavaScript. As long as that's understood this should be fairly straightforward to implement. |
Hey, any progress on this? We need to able to cancel requests in CF |
That's a really good point I hadn't thought of. It feels like most people would find it pretty unexpected for their subrequest to be cancelled because of the incoming requests And personally it also feels a little convoluted that All that to say that of those two options my vote would be to implicitly ignore the same signal instance on subrequests. Either that or a non-standard API that lives beside
Would we want |
A benefit of
No I don't think so. I doubt most people would actually want this to prevent deferred proxying. We just won't deliver the abort event to JS if we've already gone into deferred proxying before the client disconnects. That's probably fine because this implies the JS context is already over and so all resources it was holding open have been closed implicitly (except for the proxy stream), so what else would it care to do? |
Why not
+1 to this. |
Good point, that also makes it easy to pass on the signal to other APIs expecting an AbortSignal. And it limits bikeshedding. :) |
Great idea, I like it too. |
What's the next step here? |
Really comes down to prioritizing and scheduling the change here. It's on our roadmap. Difficult to say at the moment exactly when we'll be able to work on this. |
Absolutely. Sorry I wasn't meaning "when", I was more asking, because I've offered to contribute to this, are there more reviews that need to take place, or is this a feature you'd prefer to keep in house? |
Certainly open to a contribution here. I just know there's likely some internal testing and possible an internal PR that would also be needed before we could pick this up in production so I think it at least warrants making sure we have someone on the runtime team engaged to work on this also. |
Ok sounds great, then I'll wait to hear back before doing anything. Thanks 🙏🏼 |
As I understand it, when a client disconnects, the context/"thread" for a request is aborted as is. And if
ctx.waitUntil()
was called, then those promises are allowed some time to resolve.When you are running async callbacks using
ctx.waitUntil(promise)
, there is no easy way to know that the client has disconnected.Conceptually, if you responded with a
ReadableStream
, then controller.enqueue(chunk) should throw orwriter.write(chunk)
of the writable side should reject on the next write. This would require keeping the context alive withctx.waitUntil(writable.closed)
or something like that, otherwise the context would just die immediately anyway. However I've found that these don't seem to reliably throw/reject when the client disconnects. Perhaps that is a separate issue.Much of what I'm describing above is from experience/testing or examining
workerd
rather than documentation, so feel free to correct me.Proposal
The
Request.signal
API is an existing standard API which reflects theAbortSignal
passed when constructing the request. However thesignal
property of the incoming request currently does nothing.I propose that the Workers runtime utilise this existing API by "aborting" the
signal
of the incoming request when a client disconnects. Any scripts that are interested in reacting when the client has disconnected can utilise this signal.If an abort listener has been registered using
request.signal.addEventListener('abort', ...)
then the runtime will call those handler(s) when the client disconnects, before aborting the context. If the handler(s) synchronously callctx.waitUntil(promise)
then that will keep the context alive for a further period of time.Credit to uri2 here for this inspiration of this idea, as other proposals I had entertained were new non-standard APIs such as
ctx.addEventListener('end', ...)
etc.I'm happy to contribute if this proposal makes it through.
Use cases
The use-cases I require this for are scenarios when the Worker is generating a long-running response stream on the fly, for example Server-sent events.
When the client disconnects from the stream, it is useful to react to perform logging, or do cleanup such as signalling user presence in a database.
Currently the request will either die immediately, or if
ctx.waitUntil(writable.closed)
was called then it will continue running unknowingly until it gets terminated anyway 30s or so later.The text was updated successfully, but these errors were encountered: