From: Sam Saffron <sam.saffron@gmail.com>
To: unicorn-public <unicorn-public@bogomips.org>
Subject: env reuse and hijack
Date: Wed, 29 Nov 2017 11:13:57 +1100 [thread overview]
Message-ID: <CAAtdryPG3nLuyo0jxfYW1YHu1Q+ZpkLkd4KdWC8vA46B5haZxw@mail.gmail.com> (raw)
I was reading through unicorn today and noticed that it uses
`HttpParser_clear` to clear up env between requests as opposed to
allocating a new `env` object.
This is generally fine, but if you hijack a request you may want to
still look at env after this is done leading to situations where you
are looking at the wrong env by the time you are dealing with the
hijacked request
I guess I have 2 questions
1. Should Rack specify that env must be "re-initialized" if for any
reason a request is hijacked?
2. Should unicorn allow you to opt for env "recycle" via a rack key?
I don't really have the answers here, my simplest course of action is
simple to clone all the key/value pairs in env on to a new hash when I
hijack, but it feels wasteful.
next reply other threads:[~2017-11-29 0:13 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-11-29 0:13 Sam Saffron [this message]
2017-11-29 1:03 ` Eric Wong
2017-12-05 1:53 ` Eric Wong
2017-12-16 1:49 ` [PATCH] avoid reusing env on hijack Eric Wong
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://yhbt.net/unicorn/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAAtdryPG3nLuyo0jxfYW1YHu1Q+ZpkLkd4KdWC8vA46B5haZxw@mail.gmail.com \
--to=sam.saffron@gmail.com \
--cc=unicorn-public@bogomips.org \
--subject='Re: env reuse and hijack' \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
unicorn Ruby/Rack server user+dev discussion/patches/pulls/bugs/help
This inbox may be cloned and mirrored by anyone:
git clone --mirror https://yhbt.net/unicorn-public
git clone --mirror http://ou63pmih66umazou.onion/unicorn-public
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V1 unicorn-public unicorn-public/ https://yhbt.net/unicorn-public \
unicorn-public@yhbt.net unicorn-public@bogomips.org mongrel-unicorn@rubyforge.org mongrel-unicorn-GrnCvJ7WPxnNLxjTenLetw@public.gmane.org
public-inbox-index unicorn-public
Example config snippet for mirrors.
Newsgroups are available over NNTP:
nntp://news.public-inbox.org/inbox.comp.lang.ruby.unicorn
nntp://7fh6tueqddpjyxjmgtdiueylzoqt6pt7hec3pukyptlmohoowvhde4yd.onion/inbox.comp.lang.ruby.unicorn
note: .onion URLs require Tor: https://www.torproject.org/
code repositories for project(s) associated with this inbox:
../../unicorn.git
AGPL code for this site: git clone http://7fh6tueqddpjyxjmgtdiueylzoqt6pt7hec3pukyptlmohoowvhde4yd.onion/public-inbox.git