From: Eric Wong <normalperson@yhbt.net>
To: mongrel-unicorn@rubyforge.org
Subject: [PATCH] KNOWN_ISSUES: document Rack gem issue w/Rails 2.3.2
Date: Fri, 16 Oct 2009 13:57:21 -0700 [thread overview]
Message-ID: <20091016205720.GA13223@dcvr.yhbt.net> (raw)
In-Reply-To: <20091014221552.GA30624@dcvr.yhbt.net>
In short: upgrade to Rails 2.3.4 (or later)
ref: http://mid.gmane.org/20091014221552.GA30624@dcvr.yhbt.net
Note: the workaround described in the article above only made
the issue more subtle and we didn't notice them immediately.
---
Eric Wong <normalperson@yhbt.net> wrote:
> Hi all,
>
> I just had a user on Rails v2.3.2 that had trouble[1] with the
> out-of-the-box unicorn_rails, but was worked around by using the
> following RAILS_ROOT/config.ru file with plain "unicorn" and
> manually setting RAILS_ENV in the shell environment
>
> require 'config/environment'
> use Rails::Rack::LogTailer
> map("/") do
> use Rails::Rack::Static
> run ActionController::Dispatcher.new
> end
>
> script/server + WEBrick worked out-of-the-box, as well.
>
> Oddly, the same config.ru file does not work with "unicorn_rails",
> either (even when the "config.ru" file is explicitly specified);
> only with "unicorn".
>
> So I'm a bit perplexed...
>
>
> [1] - by "trouble", I mean the app became very subtly broken. Query
> parameters (it was a GET request) appeared to be handled correctly, but
> the app was not returning the same results. I looked briefly at the
> app and noticed *something* was a bit suspicious:
>
> -------------- app/controllers/foo_controller.rb -------------
> class FooController < ApplicationController
> def index
> all_params = some_weird_params_generated
> results = BarController.new.action(all_params)
> end
> end
> -------------- app/controllers/bar_controller.rb -------------
> class BarController < ApplicationController
> def action(all_params)
> do_something
> end
> end
> --------------------------------------------------------------
>
> That is, it creates a new controller from within one controller inside
> one action. Note that I'm not 100% certain this responsible for the
> breakage we were seeing, but it certainly does look like suspicious
> Rails code to me.
>
>
> I haven't decided if I'll spend time to fix/debug this, but at least
> I'll document it here if somebody wants to look into it further.
KNOWN_ISSUES | 13 +++++++++++++
unicorn.gemspec | 4 ++++
2 files changed, 17 insertions(+), 0 deletions(-)
diff --git a/KNOWN_ISSUES b/KNOWN_ISSUES
index 436997d..979ac9d 100644
--- a/KNOWN_ISSUES
+++ b/KNOWN_ISSUES
@@ -1,5 +1,18 @@
= Known Issues
+* Rails 2.3.2 bundles its own version of Rack. This may cause subtle
+ bugs when simultaneously loaded with the system-wide Rack Rubygem
+ which Unicorn depends on. Upgrading to Rails 2.3.4 (or later) is
+ strongly recommended for all Rails 2.3.x users for this (and security
+ reasons). Rails 2.2.x series (or before) did not bundle Rack and are
+ should be unnaffected. If there is any reason which forces your
+ application to use Rails 2.3.2 and you have no other choice, then
+ you may edit your Unicorn gemspec and remove the Rack dependency.
+
+ ref: http://mid.gmane.org/20091014221552.GA30624@dcvr.yhbt.net
+ Note: the workaround described in the article above only made
+ the issue more subtle and we didn't notice them immediately.
+
* Installing "unicorn" as a system-wide Rubygem and using the
{isolate}[http://github.com/jbarnette/isolate] gem may cause issues if
you're using any of the bundled application-level libraries in
diff --git a/unicorn.gemspec b/unicorn.gemspec
index c5b4422..063b313 100644
--- a/unicorn.gemspec
+++ b/unicorn.gemspec
@@ -43,6 +43,10 @@ Gem::Specification.new do |s|
s.test_files = test_files
+ # for people that are absolutely stuck on Rails 2.3.2 and can't
+ # up/downgrade to any other version, the Rack dependency may be
+ # commented out. Nevertheless, upgrading to Rails 2.3.4 or later is
+ # *strongly* recommended for security reasons.
s.add_dependency(%q<rack>)
# s.licenses = %w(GPLv2 Ruby) # licenses= method is not in older Rubygems
--
Eric Wong
prev parent reply other threads:[~2009-10-16 20:57 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-10-14 22:15 weird unicorn_rails issue Eric Wong
2009-10-16 20:57 ` Eric Wong [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://yhbt.net/unicorn/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20091016205720.GA13223@dcvr.yhbt.net \
--to=normalperson@yhbt.net \
--cc=mongrel-unicorn@rubyforge.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://yhbt.net/unicorn.git/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).