Hi, This is my first post. I'm currently taking Symfony2 classes in Montreal with your company and the teacher suggested I post this.
I'm currently rewriting Youporn.com (obviously not safe for work) in Symfony2. This is a very high traffic site. On really high traffic sites sessions are not practical. They make pages uncacheable and add a lot of overhead to page generation. We have a strict rule, no sessions. However some Symfony tools need them even when they aren't strictly needed. For example the translation code uses sessions to store the user's locale. Parsing the headers can't be slower than a network hit for memcached. The forms coding also uses them by default to prevent mischief which is smart but but simple encrypted cookie would work just as well. We still couldn't cache the page but it would avoid a hit on memcached, redis, or whatever backend we are using. I've found work-arounds for both these issues but I figured I would throw it out to you guys that depending on sessions when not strictly needed reduces scalability. ~Eric Pickup -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en
