Steam сегодня испытывает большие проблемы с кешированием страниц.
Началось все при старте 4го дня новогодней распродажи в Steam. Многие пользователи получили доступ к инструментам администратора в Steam.
Хотя нажатия кнопок эффекта не вызывают, но можно увидеть лог:
Stats for default/ Tracked requests: 24,758 Average Time: 2.05 Average PHP Time: 0.73 Average WG Time: 1.32 Average WG Bytes: 22,255.30 Average WG Calls: 2.40 (View All Controller Stats) The following asserts fired while rendering this page: ----------------- FAILURE ----------------- PHP Notice: Memcache::get() [<a href='memcache.get'>memcache.get</a>]: Server 10.4.0.52 (tcp 11211) failed with: Connection timed out (110) Occurred at: /valve/www/store.steampowered.com/bld3202303/common/memcached/objectcache.php : 208 Callstack: 0: get( a:1:{i:0;s:35:"betasub_1629313_2940_russian_public";} ) called at /valve/www/store.steampowered.com/bld3202303/common/memcached/objectcache.php : 208 1: GetMultipleObjects( a:1:{i:0;s:35:"betasub_1629313_2940_russian_public";} ) called at /valve/www/store.steampowered.com/bld3202303/store/includes/subscription.php : 1425 2: LoadSubsFromMemcachedIfNeeded( a:1:{i:0;i:2940;}, O:18:"CSharedObjectCache":6:{s:31:"?CSharedObjectCache?m_rgS ... , O:12:"CObjectCache":5:{s:13:"?*?m_Memcache";O:8:"Memcache":1 ... ) called at /valve/www/store.steampowered.com/bld3202303/store/includes/subscription.php : 1460 3: PreloadMultipleSubs( a:1:{i:0;i:2940;} ) called at /valve/www/store.steampowered.com/bld3202303/store/includes/application.php : 3368 4: OnWGDataReady( ) called at /valve/www/store.steampowered.com/bld3202303/store/includes/application.php : 3354 5: {closure}( {unserializable}, {unserializable} ) called at unknown location... 6: call_user_func( {unserializable}, {unserializable}, {unserializable} ) called at /valve/www/store.steampowered.com/bld3202303/common/cwg.php : 9985 ----------------- FAILURE ----------------- PHP Notice: Memcache::set() [<a href='memcache.set'>memcache.set</a>]: Server 10.4.0.54 (tcp 11211) failed with: Connection timed out (110) Occurred at: /valve/www/store.steampowered.com/bld3202303/common/memcached/objectcache.php : 145 Callstack: 0: set( s:31:"betaapp_28_29900_russian_public";, O:12:"CApplication":130:{s:33:"?CApplication?m_strLoadedLang ... , i:0;, i:3956; ) called at /valve/www/store.steampowered.com/bld3202303/common/memcached/objectcache.php : 145 1: StoreObject( s:31:"betaapp_28_29900_russian_public";, O:12:"CApplication":130:{s:33:"?CApplication?m_strLoadedLang ... , i:3956; ) called at /valve/www/store.steampowered.com/bld3202303/store/includes/application.php : 3485 2: ConstructCApplication( s:5:"29900";, s:7:"russian";, b:1; ) called at /valve/www/store.steampowered.com/bld3202303/store/includes/application.php : 3663 3: PreloadMultipleApps( a:5:{i:0;s:5:"35140";i:1;s:5:"19680";i:2;s:5:"10150";i:3;s:5 ... , b:1;, b:1; ) called at /valve/www/store.steampowered.com/bld3202303/store/includes/application.php : 3868 4: PreloadMultipleAppLinks( a:5:{i:0;s:5:"35140";i:1;s:5:"19680";i:2;s:5:"10150";i:3;s:5 ... ) called at /valve/www/store.steampowered.com/bld3202303/store/controllers/default.php : 1074 5: LoadComplete( ) called at /valve/www/store.steampowered.com/bld3202303/store/controllers/default.php : 1050 6: EnsureLoaded( ) called at /valve/www/store.steampowered.com/bld3202303/store/controllers/default.php : 1111 Performance Data Memcached get called 157 times (50.20 milliseconds) Memcached set called 217 times (2699.43 milliseconds) Shared memcached server 10.4.0.51:11211 status 2 Shared memcached server 10.4.0.52:11211 status 0 Shared memcached server 10.4.0.53:11211 status 2 Shared memcached server 10.4.0.54:11211 status 0 Shared memcached get called 170 times (1454.42 milliseconds) Shared memcached set called 91 times (1512.70 milliseconds) Execution Time: 14058.346987 milliseconds Memory Usage: 42,729,472 bytes MySQL queries run against 127.0.0.1:storefront3 : 0 MySQL queries run against 127.0.0.1:mordor : 0 Application factory loaded 53 apps, 101 applinks Subscription factory loaded 380 subs Time spent in WG calls: 7.82 seconds Request BatchedRequest #0 1 calls, 0.12 seconds, 456 bytes Trigger: ValidateUserToken Batch: IPToLocation(0.01), **ValidateUserToken**(0.05) Request BatchedRequest #1 1 calls, 0.38 seconds, 12,626 bytes Batch: GetWalletDetails(0.14), GetPlayerLinkDetails(0.14), GetWishlistItemCount(0.14), Player.GetOwnedApps(0.14), Store.GetDiscoveryQueue(0.14), GetWishlist(0.14), QuerySolr[DLC on sale](0.30), GetPendingNotificationCounts(0.14) Request ExperimentService.ReportProductImpression 1 calls, 0.00 seconds, 1 bytes Request BatchedRequest #2 1 calls, 1.21 seconds, 43,456 bytes Trigger: StoreCatalog.GetPackageRevision Batch: QuerySolr[CUserWishlistOnSaleLoader::OnWishlistReady](0.96), StoreCatalog.GetApp(0.12), StoreCatalog.GetAppRevision(0.16), StoreCatalog.GetPackage(0.13), **StoreCatalog.GetPackageRevision**(0.14), StoreCatalog.GetPackage(0.12), StoreCatalog.GetPackageRevision(0.16), StoreCatalog.GetPackage(0.12), StoreCatalog.GetPackageRevision(0.16) Request BatchedRequest #3 1 calls, 0.51 seconds, 1,366 bytes Trigger: StoreCatalog.GetPackageRevision Batch: StoreCatalog.GetPackage(0.25), **StoreCatalog.GetPackageRevision**(0.28) Request BatchedRequest #4 1 calls, 0.43 seconds, 2,711 bytes Trigger: Store.GetAppTags Batch: **Store.GetAppTags**(0.08) Request BatchedRequest #5 1 calls, 0.54 seconds, 33,329 bytes Trigger: StoreCatalog.GetPackageRevision Batch: StoreCatalog.GetPackage(0.26), **StoreCatalog.GetPackageRevision**(0.27), StoreCatalog.GetPackage(0.26), StoreCatalog.GetPackageRevision(0.28), StoreCatalog.GetPackage(0.26), StoreCatalog.GetPackageRevision(0.28), StoreCatalog.GetPackage(0.26), StoreCatalog.GetPackageRevision(0.28), StoreCatalog.GetPackage(0.26), StoreCatalog.GetPackageRevision(0.27), StoreCatalog.GetPackage(0.26), StoreCatalog.GetPackageRevision(0.27), StoreCatalog.GetPackage(0.26), StoreCatalog.GetPackageRevision(0.28), StoreCatalog.GetPackage(0.26), StoreCatalog.GetPackageRevision(0.28), StoreCatalog.GetPackage(0.26), StoreCatalog.GetPackageRevision(0.27), StoreCatalog.GetPackage(0.26), StoreCatalog.GetPackageRevision(0.28), StoreCatalog.GetPackage(0.26), StoreCatalog.GetPackageRevision(0.28), StoreCatalog.GetPackage(0.26), StoreCatalog.GetPackageRevision(0.27) Request BatchedRequest #6 1 calls, 0.34 seconds, 96,188 bytes Trigger: StoreCatalog.GetPackageRevision Batch: StoreCatalog.GetApp(0.06), StoreCatalog.GetAppRevision(0.26), StoreCatalog.GetPackage(0.06), **StoreCatalog.GetPackageRevision**(0.26), StoreCatalog.GetPackage(0.06), StoreCatalog.GetPackageRevision(0.26) Request BatchedRequest #7 1 calls, 0.83 seconds, 72,521 bytes Trigger: StoreCatalog.GetAppRevision Batch: StoreCatalog.GetApp(0.06), **StoreCatalog.GetAppRevision**(0.43), Store.GetAppTags(0.06), StoreCatalog.GetApp(0.06), StoreCatalog.GetAppRevision(0.43), Store.GetAppTags(0.06) Request BatchedRequest #8 1 calls, 1.63 seconds, 2,932 bytes Trigger: StoreCatalog.GetPackageRevision Batch: StoreCatalog.GetPackage(0.63), **StoreCatalog.GetPackageRevision**(1.01), StoreCatalog.GetPackage(0.54), StoreCatalog.GetPackageRevision(1.00) Request BatchedRequest #9 1 calls, 0.23 seconds, 1,256 bytes Trigger: StoreCatalog.GetPackageRevision Batch: StoreCatalog.GetPackage(0.09), **StoreCatalog.GetPackageRevision**(0.13) Request BatchedRequest #10 1 calls, 0.29 seconds, 10,773 bytes Trigger: QuerySolr Batch: **QuerySolr**[tab:TopSellers][cache: hit,up-to-date], QuerySolr[tab:Discounts][cache: hit,up-to-date], QuerySolr[tab:ComingSoon][cache: hit,up-to-date], QuerySolr[tab:PopularNewReleasesHome][cache: hit,up-to-date], QuerySolr[tab:top_games_under_30000min15000][cache: hit,up-to-date], QuerySolr[tab:top_games_under_15000min0][cache: hit,up-to-date] Request BatchedRequest #11 1 calls, 0.54 seconds, 133,255 bytes Trigger: StoreCatalog.GetAppRevision Batch: StoreCatalog.GetApp(0.29), **StoreCatalog.GetAppRevision**(0.30) Request BatchedRequest #12 1 calls, 0.77 seconds, 7,236 bytes Trigger: Store.GetAppTags Batch: **Store.GetAppTags**(0.38), Store.GetAppTags(0.49), Store.GetAppTags(0.49), Store.GetAppTags(0.38) Total calls: 14 [WG: 14, Memcache: 0] CPackageInfo status: Not Fetched Localization version is 20. Using native localization extension. Host: sfweb-029.cde.rack Profiler: Init: 0.000s End controller time: 2.987s Template templates/partials/header_admin_options.php render time: 0.000s End controller time: 0.001s End controller time: 0.003s Template templates/partials/menu_store.php render time: 0.003s Template templates/partials/home_header_winter2014.php render time: 6.133s End controller time: 0.598s Template templates/default_winter_2014.php render time: 4.302s Total: 14.037s HOMEPAGE STATS Cache key: "homepage_sale_3202303_1451068605_win_menu_RU_beta_russian__store.steampowered.com_6fb30244387417fb0a8b3dc0_Europe/Moscow" Homepage rendered without cache. Next homepage cluster/spotlight/dailydeal update: 26 дек в 10:00 ( 40,965 seconds from now ) Homepage cache lifetime: 300 seconds Build: 3202303 2015-12-24 21:45:42 MSK Disable Log (Refreshes page!) 0.000s WG: BatchedRequest Making request. Expect response: 1. Use SSL: 0. Max retries: 0.121s WG: BatchedRequest Succeeded. Read 456 bytes in 0.121s 0.126s WG: BatchedRequest Making request. Expect response: 1. Use SSL: 0. Max retries: 0.505s WG: BatchedRequest Succeeded. Read 12626 bytes in 0.379s 0.514s WG: ExperimentService.ReportProductImpression Making request. Expect response: 0. Use SSL: 0. Max retries: 0.516s WG: ExperimentService.ReportProductImpression Failed, but was not expecting response. Read 1 bytes in 0.002s 0.678s WG: BatchedRequest Making request. Expect response: 1. Use SSL: 0. Max retries: 1.890s WG: BatchedRequest Succeeded. Read 43456 bytes in 1.212s 1.941s WG: BatchedRequest Making request. Expect response: 1. Use SSL: 0. Max retries: 2.450s WG: BatchedRequest Succeeded. Read 1366 bytes in 0.509s 2.539s WG: BatchedRequest Making request. Expect response: 1. Use SSL: 0. Max retries: 2.966s WG: BatchedRequest Succeeded. Read 2711 bytes in 0.427s 3.019s WG: BatchedRequest Making request. Expect response: 1. Use SSL: 0. Max retries: 3.555s WG: BatchedRequest Succeeded. Read 33329 bytes in 0.536s 3.672s WG: BatchedRequest Making request. Expect response: 1. Use SSL: 0. Max retries: 4.011s WG: BatchedRequest Succeeded. Read 96188 bytes in 0.339s 4.069s WG: BatchedRequest Making request. Expect response: 1. Use SSL: 0. Max retries: 4.901s WG: BatchedRequest Succeeded. Read 72521 bytes in 0.832s 4.947s WG: BatchedRequest Making request. Expect response: 1. Use SSL: 0. Max retries: 6.575s WG: BatchedRequest Succeeded. Read 2932 bytes in 1.628s 7.630s WG: BatchedRequest Making request. Expect response: 1. Use SSL: 0. Max retries: 7.856s WG: BatchedRequest Succeeded. Read 1256 bytes in 0.226s 9.742s WG: BatchedRequest Making request. Expect response: 1. Use SSL: 0. Max retries: 10.036s WG: BatchedRequest Succeeded. Read 10773 bytes in 0.295s 10.227s WG: BatchedRequest Making request. Expect response: 1. Use SSL: 0. Max retries: 10.770s WG: BatchedRequest Succeeded. Read 133255 bytes in 0.543s 12.500s WG: BatchedRequest Making request. Expect response: 1. Use SSL: 0. Max retries: 13.270s WG: BatchedRequest Succeeded. Read 7236 bytes in 0.770s
При переходе по страницам магазина пользователя кидает в рандомные чужие профили.
По ссылкам вашего аккаунта отображаются чужие данные, например по этим:
store.steampowered.com/account
store.steampowered.com/steamaccount/addfunds
В Account Details находится наиболее важная информация, включая список последних транзакций, сумму денег на электронном счете, адрес электронной почты, номер телефона (последние четыре цифры), домашний адрес и номер кредитной карты (последние четыре цифры).
При желании можно составить базу E-mail пользователей Steam.
В магазине можно добавить товары в чужую корзину. Но покупку совершить не выйдет.
В коде страницы можно увидеть комментарий:
<!-- note this javascript file is intentionally served locally instead of over CDN because it is valveip-only -->
и рядом ссылку на скрипт для администраторов:
store.steampowered.com//public/javascript/internal_tools.js?v=YfxbUueIZPfu
function FlushHomepage()
{
HideMenu( 'admin_pulldown', 'admin_dropdown' );
var $CurrentStatus = $J('<div/>');
var $Message = $J('<div/>').text('Please wait, flushing homepage...' );
var Modal = ShowBlockingWaitDialog( 'Flush Homepage', $Message.append( $CurrentStatus ) );
var fnFail = function() { Modal.Dismiss(); ShowAlertDialog( 'Flush Homepage', 'Something went wrong' ); };
$J.post('http://store.steampowered.com/api/prepareupdateglobalcacheversion' )
.done( function( data ) {
var global_cache_version = data.global_cache_version;
var rgLocales = data.rgLocales;
var fnDoLocale = function ( rgLocale )
{
return $J.post( 'http://store.steampowered.com/api/primehomepage', {
global_cache_version: global_cache_version,
l: rgLocale[0],
cc: rgLocale[1]
});
};
var fnFinalize = function()
{
$CurrentStatus.text( 'Finalizing...' );
$J.post( 'http://store.steampowered.com/api/updateglobalcacheversion', {
global_cache_version: global_cache_version
}).done( function() {
$CurrentStatus.text( 'Reloading...' );
window.location.reload();
}).fail( fnFail );
};
if ( !data.allow_simultaneous )
{
var iLocale = 0;
var fnDoNextLocale = function()
{
if ( iLocale < rgLocales.length )
{
var rgLocale = rgLocales[iLocale];
$CurrentStatus.text( 'Priming homepage for ' + rgLocale[0] + ' language in ' + rgLocale[1] + '...');
fnDoLocale( rgLocale ).always( fnDoNextLocale );
iLocale++;
}
else
{
// finish
fnFinalize();
}
};
fnDoNextLocale();
}
else
{
$CurrentStatus.text( 'Priming homepage for ' + rgLocales.length + ' common locales...' );
var rgDeferred = [];
for ( var iLocale = 0; iLocale < rgLocales.length; iLocale++ )
{
rgDeferred.push( fnDoLocale( rgLocales[iLocale] ) );
}
// jQuery.when() does not accept an array, because that would be too easy
// so we use apply to pass the arguments in
$J.when.apply( window, rgDeferred ).always( fnFinalize );
}
} )
.fail( fnFail );
}
function FlushApp(appid)
{
HideMenu( 'admin_pulldown', 'admin_dropdown' );
var Modal = ShowBlockingWaitDialog( 'Flush App', 'Please wait, flushing app information and updating search index...' );
$J.post('http://store.steampowered.com/api/flushcluster', { 'apps[]': appid } )
.done( function( data ) { window.location.reload(); } )
.fail( function() { Modal.Dismiss(); ShowAlertDialog( 'Flush App', 'Something went wrong.' ); } )
}
function FlushSub(subscriptionid)
{
HideMenu( 'admin_pulldown', 'admin_dropdown' );
var Modal = ShowBlockingWaitDialog( 'Flush Package', 'Please wait, flushing package information and updating search index...' );
$J.post('http://store.steampowered.com/api/flushcluster', { 'subs[]': subscriptionid } )
.done( function( data ) { window.location.reload(); } )
.fail( function() { Modal.Dismiss(); ShowAlertDialog( 'Flush Package', 'Something went wrong.' ); } )
}
Пока никаких комментариев от Valve по поводу этого инцидента не поступило.
Ранее хакерская группировка Phantom Squad грозилась в Twitter на праздники вывести из строя PlayStation Network и Xbox Live.
twitter.com/RealPhantomRaid/status/680503376631742464
Так же группа SkidNP обещала утроить атаку на сервера Valve:
www.techworm.net/2015/12/hacking-group-skidnp-vows-target-steam-minecraft-servers-christmas.html
У некоторых пользователей увели крупные суммы денег в привязанной кредитки:
UPD (00:20 MSK): В данный момент Valve уже отключили магазин, он успел проработать (с багом) около 4 часов.
UPD2 (02:00 MSK): Спустя полтора часа после отключения Valve снова включили магазин.
-
—
-
3,3k
-
10
function show_inner_banner_block300(name, url){
if( typeof(name) !== 'undefined'){
$('#adriver_banner_290126206').html('
')
}
}
$(function(){
var check_scroll_position = function() {
var height = $(window).height();
var scrollTop = $(window).scrollTop();
var scrollBottom = $(window).scrollTop() + height;
if($('#adriver_banner_290126206').length){
var blockTop = $('#adriver_banner_290126206').position().top;
}
var show = scrollTop < blockTop && blockTop < scrollBottom;
if( show ){
$( window ).off('scroll', check_scroll_position);
$( window ).trigger('show_bn3');
}
};
$( window ).on('show_bn3', function(){
var keyword = '';
if (typeof crtg_content !== 'undefined' && crtg_content) { keyword = crtg_content; }
var custom = { 4:ar_duo1 };
custom[1] = 'infosecurity';
custom[2] = 'games';
if ( typeof(adriver) !== 'undefined' ) {
new adriver("adriver_banner_290126206", {sid:202254, bt:52, bn:13, custom: custom, keyword: keyword});
}
});
$( window ).on('scroll', check_scroll_position);
});
Похожие публикации
Автор: Haoose