diff options
author | Eric Wong <normalperson@yhbt.net> | 2013-08-17 01:09:46 +0000 |
---|---|---|
committer | Eric Wong <normalperson@yhbt.net> | 2013-08-17 01:09:46 +0000 |
commit | 24b9f66dcdda44378b4053645333ce9ce336b413 (patch) | |
tree | 735325b7b820e9476296016cd8ec3bdfc20db301 | |
parent | 2f5174d4ca9764313d6be4c092e9e6c2e4f9d1e1 (diff) | |
download | unicorn-24b9f66dcdda44378b4053645333ce9ce336b413.tar.gz |
We do not attempt to write HTTP responses for socket errors if clients disconnect from us unexpectedly. Additionally, we do not hide backtraces EINVAL/EBADF errors, since they are indicative of real bugs which must be fixed. We do continue to hide hide EOF, ECONNRESET, ENOTCONN, and EPIPE because clients (even "friendly") ones will break connections due to client crashes or network failure (which is common for me :P), and the backtraces from those will cause excessive logging and even become a DoS vector.
-rw-r--r-- | lib/unicorn/http_server.rb | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/lib/unicorn/http_server.rb b/lib/unicorn/http_server.rb index cc0a705..bed24d0 100644 --- a/lib/unicorn/http_server.rb +++ b/lib/unicorn/http_server.rb @@ -520,9 +520,8 @@ class Unicorn::HttpServer # the socket is closed at the end of this function def handle_error(client, e) code = case e - when EOFError,Errno::ECONNRESET,Errno::EPIPE,Errno::EINVAL,Errno::EBADF, - Errno::ENOTCONN - 500 + when EOFError,Errno::ECONNRESET,Errno::EPIPE,Errno::ENOTCONN + # client disconnected on us and there's nothing we can do when Unicorn::RequestURITooLongError 414 when Unicorn::RequestEntityTooLargeError @@ -533,7 +532,9 @@ class Unicorn::HttpServer Unicorn.log_error(@logger, "app error", e) 500 end - client.kgio_trywrite(err_response(code, @request.response_start_sent)) + if code + client.kgio_trywrite(err_response(code, @request.response_start_sent)) + end client.close rescue end |