Anonymising and de timestamping cached data - App-vNext/Polly GitHub Wiki

Using serializers to anonymise cached data or remove timestamps

ℹī¸ This documentation describes the previous Polly v7 API. If you are using the new v8 API, please refer to pollydocs.org.

ICacheItemSerializer<TResult, TSerialized> was introduced into Polly to allow CachePolicy to serialize values to storage formats required by individual cache providers. However, serializers can also be used for manipulating data on the way in to and out of cache, without necessarily transforming the format.

This can be useful for anonymising content stored in the cache, and ensuring that content served from cache does not present incorrect timestamps if these aspects are important to you or if there is any danger of them leaking to the consumer.

Example: HttpResponseMessage

A typical example might be if using CachePolicy in a call returning HttpResponseMessage. You may in this case want to:

Personal data or any data varying with the requester

  • anonymize before caching: remove any header information you consider personal to or varying with the original requester (eg Cookie; User-Agent and others);
  • re-personalize (re-create corresponding headers relevant to the later requester) after retrieving the anonymised version from cache.

Timestamps

  • de-timestamp: remove timestamps before storing in the cache;
  • re-timestamp with current time when returning items from cache

Implementation

The simple implementation for this is to make an ICacheItemSerializer<HttpResponseMessage, HttpResponseMessage>:

  • the Serialize(...) method should anonymise and strip timestamps
  • the Deserialize(...) method should re-timestamp and re-personalize where possible (some re-personalisation may have to remain with calling code, which has access to further personal context from the HttpRequestMessage)