
launchpad-dev team mailing list archive

Re: Feature flags: beware of anonymous users

 

On Fri, Jun 3, 2011 at 1:56 AM, Gary Poster <gary.poster@xxxxxxxxxxxxx> wrote:
> Alternatively or in addition, perhaps there's a clever feature flag tweak we can do, like looking for a browser cookie that we insert manually in our browsers, or something.

Exactly!

One of the unrealised intentions of flags was allowing soft-launches
including anonymous users. There are two problems:
 - our caching story is probably too aggressive
 - we don't have glue to define stuff yet.

(sketch)
1) Teach apache to let requests with a cookie like LP_FEATURES through
squid - that is, only treat *other* cookies as needing to bypass
squid.
2) Have a scope 'fraction' which takes a %:
advancedsubscriptions.enabled fraction 0 5%

This would:
 - when evaluated, add a Vary: Cookie
 - look for LP_FEATURES and if found use that to return True or False
 - otherwise grab a random number, if higher than the % given set the
flag to False in the cookie, otherwise set the flag to be true in the
cookie.
 - the cookie would be base64 encoded json of {flagname: True|False}.

Security-wise this is fine because we would only consult the cookie
for flags which we had decided to use a % base for inclusion.

-Rob
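
The 'fraction' scope sketched in the message above, as an added Python example; it is not code from the message or from Launchpad. The function names, the rule table and the default of False for flags without a fraction rule are assumptions made for illustration.

```python
import base64
import binascii
import json
import random

COOKIE_NAME = "LP_FEATURES"
# Constructed rule table: flag name -> percentage of anonymous users included.
FRACTION_RULES = {"advancedsubscriptions.enabled": 5.0}


def decode_cookie(raw):
    """Return {flag: bool} from the cookie value; malformed input yields {}."""
    if not raw:
        return {}
    try:
        data = json.loads(base64.b64decode(raw, validate=True))
    except (binascii.Error, ValueError):
        return {}
    if not isinstance(data, dict):
        return {}
    # Only strict booleans count; strings, numbers and nested values are dropped.
    return {k: v for k, v in data.items() if isinstance(v, bool)}


def encode_cookie(flags):
    """Serialise the flag mapping as base64-encoded JSON."""
    return base64.b64encode(json.dumps(flags, sort_keys=True).encode()).decode()


def evaluate_fraction(flag, cookies, response_headers, rng=random):
    """Evaluate one flag; returns (value, new_cookie_value_or_None)."""
    percent = FRACTION_RULES.get(flag)
    if percent is None:
        # No fraction rule: the cookie is never consulted for this flag.
        # Returning False here is an assumption; other scopes would decide.
        return False, None
    response_headers["Vary"] = "Cookie"
    # Discard client-supplied entries for flags that have no fraction rule.
    stored = {k: v for k, v in decode_cookie(cookies.get(COOKIE_NAME)).items()
              if k in FRACTION_RULES}
    if flag in stored:
        return stored[flag], None
    # A roll higher than the percentage sets the flag to False, otherwise True.
    stored[flag] = rng.uniform(0, 100) <= percent
    return stored[flag], encode_cookie(stored)
```

Because the cookie is client-controlled, a visitor can opt themselves in or out of any fraction-scoped flag; the filter on `FRACTION_RULES` is what keeps that from reaching other flags.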

