Geekly articles weekly

Steam memiliki masalah caching karena pengguna dapat melihat informasi tentang akun orang lain

gambar
Steam hari ini memiliki masalah besar dengan caching halaman.

Semuanya dimulai pada awal hari ke-4 penjualan Tahun Baru di Steam. Banyak pengguna telah memperoleh akses ke alat admin di Steam.

gambar
Meskipun menekan tombol tidak menyebabkan efek, Anda dapat melihat log:
gambar
Jika tertarik, inilah log yang disimpan
Stats for default/
	Tracked requests: 24,758
	Average Time: 2.05
	Average PHP Time: 0.73
	Average WG Time: 1.32
	Average WG Bytes: 22,255.30
	Average WG Calls: 2.40
	(View All Controller Stats)

The following asserts fired while rendering this page:

----------------- FAILURE -----------------
PHP Notice: Memcache::get() [<a href='memcache.get'>memcache.get</a>]: Server 10.4.0.52 (tcp 11211) failed with: Connection timed out (110)
Occurred at: /valve/www/store.steampowered.com/bld3202303/common/memcached/objectcache.php : 208

Callstack:
0: get( a:1:{i:0;s:35:"betasub_1629313_2940_russian_public";} ) called at /valve/www/store.steampowered.com/bld3202303/common/memcached/objectcache.php : 208
1: GetMultipleObjects( a:1:{i:0;s:35:"betasub_1629313_2940_russian_public";} ) called at /valve/www/store.steampowered.com/bld3202303/store/includes/subscription.php : 1425
2: LoadSubsFromMemcachedIfNeeded( a:1:{i:0;i:2940;}, O:18:"CSharedObjectCache":6:{s:31:"?CSharedObjectCache?m_rgS ... , O:12:"CObjectCache":5:{s:13:"?*?m_Memcache";O:8:"Memcache":1 ...  ) called at /valve/www/store.steampowered.com/bld3202303/store/includes/subscription.php : 1460
3: PreloadMultipleSubs( a:1:{i:0;i:2940;} ) called at /valve/www/store.steampowered.com/bld3202303/store/includes/application.php : 3368
4: OnWGDataReady( ) called at /valve/www/store.steampowered.com/bld3202303/store/includes/application.php : 3354
5: {closure}( {unserializable}, {unserializable} ) called at unknown location...
6: call_user_func( {unserializable}, {unserializable}, {unserializable} ) called at /valve/www/store.steampowered.com/bld3202303/common/cwg.php : 9985

----------------- FAILURE -----------------
PHP Notice: Memcache::set() [<a href='memcache.set'>memcache.set</a>]: Server 10.4.0.54 (tcp 11211) failed with: Connection timed out (110)
Occurred at: /valve/www/store.steampowered.com/bld3202303/common/memcached/objectcache.php : 145

Callstack:
0: set( s:31:"betaapp_28_29900_russian_public";, O:12:"CApplication":130:{s:33:"?CApplication?m_strLoadedLang ... , i:0;, i:3956; ) called at /valve/www/store.steampowered.com/bld3202303/common/memcached/objectcache.php : 145
1: StoreObject( s:31:"betaapp_28_29900_russian_public";, O:12:"CApplication":130:{s:33:"?CApplication?m_strLoadedLang ... , i:3956; ) called at /valve/www/store.steampowered.com/bld3202303/store/includes/application.php : 3485
2: ConstructCApplication( s:5:"29900";, s:7:"russian";, b:1; ) called at /valve/www/store.steampowered.com/bld3202303/store/includes/application.php : 3663
3: PreloadMultipleApps( a:5:{i:0;s:5:"35140";i:1;s:5:"19680";i:2;s:5:"10150";i:3;s:5 ... , b:1;, b:1; ) called at /valve/www/store.steampowered.com/bld3202303/store/includes/application.php : 3868
4: PreloadMultipleAppLinks( a:5:{i:0;s:5:"35140";i:1;s:5:"19680";i:2;s:5:"10150";i:3;s:5 ...  ) called at /valve/www/store.steampowered.com/bld3202303/store/controllers/default.php : 1074
5: LoadComplete( ) called at /valve/www/store.steampowered.com/bld3202303/store/controllers/default.php : 1050
6: EnsureLoaded( ) called at /valve/www/store.steampowered.com/bld3202303/store/controllers/default.php : 1111

Performance Data
Memcached get called 157 times (50.20 milliseconds)
Memcached set called 217 times (2699.43 milliseconds)
Shared memcached server 10.4.0.51:11211 status 2
Shared memcached server 10.4.0.52:11211 status 0
Shared memcached server 10.4.0.53:11211 status 2
Shared memcached server 10.4.0.54:11211 status 0
Shared memcached get called 170 times (1454.42 milliseconds)
Shared memcached set called 91 times (1512.70 milliseconds)
Execution Time: 14058.346987 milliseconds

Memory Usage: 42,729,472 bytes

MySQL queries run against 127.0.0.1:storefront3 : 0
MySQL queries run against 127.0.0.1:mordor : 0
Application factory loaded 53 apps, 101 applinks
Subscription factory loaded 380 subs

Time spent in WG calls: 7.82 seconds
	Request BatchedRequest #0          1 calls, 0.12 seconds,       456 bytes 
	Trigger: ValidateUserToken
	  Batch: IPToLocation(0.01), **ValidateUserToken**(0.05)
	Request BatchedRequest #1          1 calls, 0.38 seconds,    12,626 bytes 
	  Batch: GetWalletDetails(0.14), GetPlayerLinkDetails(0.14), GetWishlistItemCount(0.14),
		 Player.GetOwnedApps(0.14), Store.GetDiscoveryQueue(0.14), GetWishlist(0.14), QuerySolr[DLC
		 on sale](0.30), GetPendingNotificationCounts(0.14)
	Request ExperimentService.ReportProductImpression  1 calls, 0.00 seconds,         1 bytes 
	Request BatchedRequest #2          1 calls, 1.21 seconds,    43,456 bytes 
	Trigger: StoreCatalog.GetPackageRevision
	  Batch: QuerySolr[CUserWishlistOnSaleLoader::OnWishlistReady](0.96), StoreCatalog.GetApp(0.12),
		 StoreCatalog.GetAppRevision(0.16), StoreCatalog.GetPackage(0.13),
		 **StoreCatalog.GetPackageRevision**(0.14), StoreCatalog.GetPackage(0.12),
		 StoreCatalog.GetPackageRevision(0.16), StoreCatalog.GetPackage(0.12),
		 StoreCatalog.GetPackageRevision(0.16)
	Request BatchedRequest #3          1 calls, 0.51 seconds,     1,366 bytes 
	Trigger: StoreCatalog.GetPackageRevision
	  Batch: StoreCatalog.GetPackage(0.25), **StoreCatalog.GetPackageRevision**(0.28)
	Request BatchedRequest #4          1 calls, 0.43 seconds,     2,711 bytes 
	Trigger: Store.GetAppTags
	  Batch: **Store.GetAppTags**(0.08)
	Request BatchedRequest #5          1 calls, 0.54 seconds,    33,329 bytes 
	Trigger: StoreCatalog.GetPackageRevision
	  Batch: StoreCatalog.GetPackage(0.26), **StoreCatalog.GetPackageRevision**(0.27),
		 StoreCatalog.GetPackage(0.26), StoreCatalog.GetPackageRevision(0.28),
		 StoreCatalog.GetPackage(0.26), StoreCatalog.GetPackageRevision(0.28),
		 StoreCatalog.GetPackage(0.26), StoreCatalog.GetPackageRevision(0.28),
		 StoreCatalog.GetPackage(0.26), StoreCatalog.GetPackageRevision(0.27),
		 StoreCatalog.GetPackage(0.26), StoreCatalog.GetPackageRevision(0.27),
		 StoreCatalog.GetPackage(0.26), StoreCatalog.GetPackageRevision(0.28),
		 StoreCatalog.GetPackage(0.26), StoreCatalog.GetPackageRevision(0.28),
		 StoreCatalog.GetPackage(0.26), StoreCatalog.GetPackageRevision(0.27),
		 StoreCatalog.GetPackage(0.26), StoreCatalog.GetPackageRevision(0.28),
		 StoreCatalog.GetPackage(0.26), StoreCatalog.GetPackageRevision(0.28),
		 StoreCatalog.GetPackage(0.26), StoreCatalog.GetPackageRevision(0.27)
	Request BatchedRequest #6          1 calls, 0.34 seconds,    96,188 bytes 
	Trigger: StoreCatalog.GetPackageRevision
	  Batch: StoreCatalog.GetApp(0.06), StoreCatalog.GetAppRevision(0.26),
		 StoreCatalog.GetPackage(0.06), **StoreCatalog.GetPackageRevision**(0.26),
		 StoreCatalog.GetPackage(0.06), StoreCatalog.GetPackageRevision(0.26)
	Request BatchedRequest #7          1 calls, 0.83 seconds,    72,521 bytes 
	Trigger: StoreCatalog.GetAppRevision
	  Batch: StoreCatalog.GetApp(0.06), **StoreCatalog.GetAppRevision**(0.43), Store.GetAppTags(0.06),
		 StoreCatalog.GetApp(0.06), StoreCatalog.GetAppRevision(0.43), Store.GetAppTags(0.06)
	Request BatchedRequest #8          1 calls, 1.63 seconds,     2,932 bytes 
	Trigger: StoreCatalog.GetPackageRevision
	  Batch: StoreCatalog.GetPackage(0.63), **StoreCatalog.GetPackageRevision**(1.01),
		 StoreCatalog.GetPackage(0.54), StoreCatalog.GetPackageRevision(1.00)
	Request BatchedRequest #9          1 calls, 0.23 seconds,     1,256 bytes 
	Trigger: StoreCatalog.GetPackageRevision
	  Batch: StoreCatalog.GetPackage(0.09), **StoreCatalog.GetPackageRevision**(0.13)
	Request BatchedRequest #10         1 calls, 0.29 seconds,    10,773 bytes 
	Trigger: QuerySolr
	  Batch: **QuerySolr**[tab:TopSellers][cache: hit,up-to-date], QuerySolr[tab:Discounts][cache:
		 hit,up-to-date], QuerySolr[tab:ComingSoon][cache: hit,up-to-date],
		 QuerySolr[tab:PopularNewReleasesHome][cache: hit,up-to-date],
		 QuerySolr[tab:top_games_under_30000min15000][cache: hit,up-to-date],
		 QuerySolr[tab:top_games_under_15000min0][cache: hit,up-to-date]
	Request BatchedRequest #11         1 calls, 0.54 seconds,   133,255 bytes 
	Trigger: StoreCatalog.GetAppRevision
	  Batch: StoreCatalog.GetApp(0.29), **StoreCatalog.GetAppRevision**(0.30)
	Request BatchedRequest #12         1 calls, 0.77 seconds,     7,236 bytes 
	Trigger: Store.GetAppTags
	  Batch: **Store.GetAppTags**(0.38), Store.GetAppTags(0.49), Store.GetAppTags(0.49),
		 Store.GetAppTags(0.38)
Total calls: 14 [WG: 14, Memcache: 0]

CPackageInfo status: Not Fetched
Localization version is 20.
Using native localization extension.

Host: sfweb-029.cde.rack
Profiler:
	Init: 0.000s
	End controller time: 2.987s
	Template templates/partials/header_admin_options.php render time: 0.000s
	End controller time: 0.001s
	End controller time: 0.003s
	Template templates/partials/menu_store.php render time: 0.003s
	Template templates/partials/home_header_winter2014.php render time: 6.133s
	End controller time: 0.598s
	Template templates/default_winter_2014.php render time: 4.302s
	Total: 14.037s

HOMEPAGE STATS
	Cache key: "homepage_sale_3202303_1451068605_win_menu_RU_beta_russian__store.steampowered.com_6fb30244387417fb0a8b3dc0_Europe/Moscow"
	Homepage rendered without cache.
	Next homepage cluster/spotlight/dailydeal update: 26   10:00 ( 40,965 seconds from now )
	Homepage cache lifetime: 300 seconds
Build: 3202303 2015-12-24 21:45:42 MSK
Disable Log (Refreshes page!)
0.000s  WG: BatchedRequest  Making request. Expect response: 1. Use SSL: 0. Max retries:
0.121s  WG: BatchedRequest  Succeeded. Read 456 bytes in 0.121s
0.126s  WG: BatchedRequest  Making request. Expect response: 1. Use SSL: 0. Max retries:
0.505s  WG: BatchedRequest  Succeeded. Read 12626 bytes in 0.379s
0.514s  WG: ExperimentService.ReportProductImpression  Making request. Expect response: 0. Use SSL: 0. Max retries:
0.516s  WG: ExperimentService.ReportProductImpression  Failed, but was not expecting response. Read 1 bytes in 0.002s
0.678s  WG: BatchedRequest  Making request. Expect response: 1. Use SSL: 0. Max retries:
1.890s  WG: BatchedRequest  Succeeded. Read 43456 bytes in 1.212s
1.941s  WG: BatchedRequest  Making request. Expect response: 1. Use SSL: 0. Max retries:
2.450s  WG: BatchedRequest  Succeeded. Read 1366 bytes in 0.509s
2.539s  WG: BatchedRequest  Making request. Expect response: 1. Use SSL: 0. Max retries:
2.966s  WG: BatchedRequest  Succeeded. Read 2711 bytes in 0.427s
3.019s  WG: BatchedRequest  Making request. Expect response: 1. Use SSL: 0. Max retries:
3.555s  WG: BatchedRequest  Succeeded. Read 33329 bytes in 0.536s
3.672s  WG: BatchedRequest  Making request. Expect response: 1. Use SSL: 0. Max retries:
4.011s  WG: BatchedRequest  Succeeded. Read 96188 bytes in 0.339s
4.069s  WG: BatchedRequest  Making request. Expect response: 1. Use SSL: 0. Max retries:
4.901s  WG: BatchedRequest  Succeeded. Read 72521 bytes in 0.832s
4.947s  WG: BatchedRequest  Making request. Expect response: 1. Use SSL: 0. Max retries:
6.575s  WG: BatchedRequest  Succeeded. Read 2932 bytes in 1.628s
7.630s  WG: BatchedRequest  Making request. Expect response: 1. Use SSL: 0. Max retries:
7.856s  WG: BatchedRequest  Succeeded. Read 1256 bytes in 0.226s
9.742s  WG: BatchedRequest  Making request. Expect response: 1. Use SSL: 0. Max retries:
10.036s  WG: BatchedRequest  Succeeded. Read 10773 bytes in 0.295s
10.227s  WG: BatchedRequest  Making request. Expect response: 1. Use SSL: 0. Max retries:
10.770s  WG: BatchedRequest  Succeeded. Read 133255 bytes in 0.543s
12.500s  WG: BatchedRequest  Making request. Expect response: 1. Use SSL: 0. Max retries:
13.270s  WG: BatchedRequest  Succeeded. Read 7236 bytes in 0.770s



Saat Anda menelusuri halaman-halaman toko, pengguna memasukkan profil orang lain secara acak.
Tautan akun Anda menampilkan data orang lain, misalnya, ini:
store.steampowered.com/account
store.steampowered.com/steamaccount/addfunds
Detail Akun berisi informasi yang paling penting, termasuk daftar transaksi terakhir, jumlah uang dalam akun elektronik, alamat email , nomor telepon (empat digit terakhir), alamat rumah dan nomor kartu kredit (empat digit terakhir).
Jika mau, Anda dapat membuat basis email pengguna Steam.
Di toko, Anda dapat menambahkan barang ke keranjang orang lain. Tetapi pembelian tidak akan berhasil.

Anda dapat melihat komentar di kode halaman:
<!-- note this javascript file is intentionally served locally instead of over CDN because it is valveip-only -->

dan selanjutnya adalah tautan ke skrip untuk administrator:
store.steampowered.com//public/javascript/internal_tools.js?v=YfxbUueIZPfu
Kode skrip

function FlushHomepage()
{
	HideMenu( 'admin_pulldown', 'admin_dropdown' );
	var $CurrentStatus = $J('<div/>');
	var $Message = $J('<div/>').text('Please wait, flushing homepage...' );
	var Modal = ShowBlockingWaitDialog( 'Flush Homepage', $Message.append( $CurrentStatus ) );

	var fnFail = function() { Modal.Dismiss(); ShowAlertDialog( 'Flush Homepage', 'Something went wrong' ); };
	$J.post('http://store.steampowered.com/api/prepareupdateglobalcacheversion' )
		.done( function( data ) {
			var global_cache_version = data.global_cache_version;
			var rgLocales = data.rgLocales;
			var fnDoLocale = function ( rgLocale )
			{
				return $J.post( 'http://store.steampowered.com/api/primehomepage', {
					global_cache_version: global_cache_version,
					l: rgLocale[0],
					cc: rgLocale[1]
				});
			};
			var fnFinalize = function()
			{
				$CurrentStatus.text( 'Finalizing...' );
				$J.post( 'http://store.steampowered.com/api/updateglobalcacheversion', {
					global_cache_version: global_cache_version
				}).done( function() {
					$CurrentStatus.text( 'Reloading...' );
					window.location.reload();
				}).fail( fnFail );
			};

			if ( !data.allow_simultaneous )
			{
				var iLocale = 0;
				var fnDoNextLocale = function()
				{
					if ( iLocale < rgLocales.length )
					{
						var rgLocale = rgLocales[iLocale];
						$CurrentStatus.text( 'Priming homepage for ' + rgLocale[0] + ' language in ' + rgLocale[1] + '...');
						fnDoLocale( rgLocale ).always( fnDoNextLocale );
						iLocale++;
					}
					else
					{
						// finish
						fnFinalize();
					}
				};
				fnDoNextLocale();
			}
			else
			{
				$CurrentStatus.text( 'Priming homepage for ' + rgLocales.length + ' common locales...' );
				var rgDeferred = [];
				for ( var iLocale = 0; iLocale < rgLocales.length; iLocale++ )
				{
					rgDeferred.push( fnDoLocale( rgLocales[iLocale] ) );
				}
				// jQuery.when() does not accept an array, because that would be too easy
				//	so we use apply to pass the arguments in
				$J.when.apply( window, rgDeferred ).always( fnFinalize );
			}
		} )
		.fail( fnFail );
}

function FlushApp(appid)
{
	HideMenu( 'admin_pulldown', 'admin_dropdown' );
	var Modal = ShowBlockingWaitDialog( 'Flush App', 'Please wait, flushing app information and updating search index...' );
	$J.post('http://store.steampowered.com/api/flushcluster', { 'apps[]': appid } )
		.done( function( data ) { window.location.reload(); } )
		.fail( function() { Modal.Dismiss(); ShowAlertDialog( 'Flush App', 'Something went wrong.' ); } )
}

function FlushSub(subscriptionid)
{
	HideMenu( 'admin_pulldown', 'admin_dropdown' );
	var Modal = ShowBlockingWaitDialog( 'Flush Package', 'Please wait, flushing package information and updating search index...' );
	$J.post('http://store.steampowered.com/api/flushcluster', { 'subs[]': subscriptionid } )
		.done( function( data ) { window.location.reload(); } )
		.fail( function() { Modal.Dismiss(); ShowAlertDialog( 'Flush Package', 'Something went wrong.' ); } )
}



Sejauh ini, tidak ada komentar yang diterima dari Valve mengenai insiden ini.

Sebelumnya, kelompok peretas Phantom Squad mengancam akan menonaktifkan PlayStation Network dan Xbox Live di Twitter pada hari libur.
twitter.com/RealPhantomRaid/status/680503376631742464
kelompok Hanya SkidNP berjanji untuk serangan triple on Valve Server:
www.techworm.net/2015/12/hacking-group-skidnp-vows-target-steam-minecraft-servers-christmas.html

Do beberapa pengguna dicuri oleh sejumlah besar uang dalam kartu kredit yang diikat:
gambar
gambar

UPD (00:20 MSK) : Valve telah mematikan toko saat ini, ia berhasil bekerja (dengan bug) selama sekitar 4 jam.
UPD2 (02:00 MSK) : Satu setengah jam setelah mematikan, Valve menyalakan toko lagi.

Source: https://habr.com/ru/post/id388475/

More articles:


All Articles