Date | Commit message |
|
HTTPS adds some level of privacy protection and helps marketing
(because we care soooo much about good marketing! :P).
Performance-wise, this reduces subjectAltName bloat when
negotiating connections and will also speed up occasional
certificate renewals when/if we drop the old name.
Also, not occupying the document root of a domain will make it
easier to add alternative site locations in the future, because
centralization sucks and I don't like the idea of anybody paying
ICANN or similar entities for domain names.
|
|
Bad clients may set the Proxy: header in the response and
cause any CGI programs we execute to use the value of that
header as the HTTP proxy. This affects folks calling code
which respects the HTTP_PROXY environment variable in CGI
programs.
ref: https://httpoxy.org/
|
|
rack 2.x has some incompatible changes and deprecations; support
it but remain compatible with rack 1.x for the next few years.
|
|
This is mainly to benefit curl(1) users who forget to use '-f'
to show failures. Not sure if I want to keep this change, it
seems like bloat; but Rack::ShowStatus pages are totally
overkill...
|
|
Static gzip files may not exist for symlinks, but they
could resolve to a file for which a pre-gzipped file
exists.
|
|
On ENAMETOOLONG and perhaps other system errors which we can do
nothing about, we should not spew a giant backtrace which could
be used as an easy DoS vector.
|
|
Apparently this can be useful to some people.
|
|
Switch option initialization to using a keyword hash
since yet-another boolean is too much.
Using kwargs won't work under Ruby 1.9.3 which we still
support (for now).
Note: being a part of extras/, there's no API stability
guarantees but this should've maintained it.
|
|
Oops, we need to duplicate our buffer in case the CGI executable
returns just the header :x
|
|
Using the 'update-copyright' script from gnulib[1]:
    git ls-files | UPDATE_COPYRIGHT_HOLDER='all contributors' \
        UPDATE_COPYRIGHT_USE_INTERVALS=2 \
        xargs /path/to/gnulib/build-aux/update-copyright
We're also switching to 'GPL-3.0+' as recommended by SPDX
to be consistent with our gemspec and other metadata
(as opposed to the longer but equivalent "GPLv3 or later").
[1] git://git.savannah.gnu.org/gnulib.git
|
|
There are likely yet-to-be-discovered bugs in here.
Also, keeping explicit #freeze calls for 2.2 users, since most
users have not migrated to 2.3, yet.
|
|
Future updates may use the update-copyright script in gnulib:
    git ls-files | UPDATE_COPYRIGHT_HOLDER='all contributors' \
        UPDATE_COPYRIGHT_USE_INTERVALS=2 \
        xargs /path/to/gnulib/build-aux/update-copyright
|
|
Files may exist and be stat-able, but not readable. Return
a 403 response for non-readable files.
|
|
We'll have to support both, it seems.
|
|
Arrays are less verbose, but they have more bytecode overhead
which actually matters at runtime.
|
|
Since yahns/proxy_pass is not a drop-in replacement, reinstate
the old, synchronous version to avoid breaking existing setups
which require Rack middleware support.
|
|
This will rely on rack.hijack in the future to support
asynchronous execution without tying up a thread when waiting
for upstreams. For now, this allows simpler code with fewer
checks and the use of monotonic time on newer versions of Ruby.
|
|
Of course, some users will prefer to bind HTTP application
servers to Unix domain sockets for better isolation and (maybe)
better performance.
|
|
This is slightly more nginx-style behavior and allows simpler
configuration.
|
|
No point in bloating our bytecode for single-use variables.
|
|
Some middlewares may attempt to modify the response body in
place, so sharing this is not a good idea. We shouldn't
really care about rare 502 error paths, either.
|
|
It was never used.
|
|
This module will probably become an official part of yahns
soon, so finally add tests for this module.
|
|
It may be useful for us to track down potential errors in
our code or log when an upstream misbehaves.
|
|
"ruby -w" warns on it.
|
|
This saves over 400 bytes of memory in a cold code path.
|
|
We only want to strip one ".gz" suffix to check for the
original, so avoid a needless use of gsub! and use sub!
instead.
While we're at it, note the use of "dup.sub!" (vs plain "sub")
to ensure we only handle files with a .gz suffix.
|
|
This keeps autoindex-generated indices from being cluttered with
redundant .gz files while still showing stuff like tar.gz files
without a plain .tar companion.
|
|
Oops.
|
|
No need to waste space on this (and trigger "Bad partial
reference!" warnings on lynx)
|
|
Using the full, filesystem path name to our script is wrong
and not according to RFC 3875.
|
|
Sometimes a CGI script wants to run with some environment
variables set or overridden. Allow it.
|
|
Proper POSIX filesystems are encoding-agnostic.
|
|
We will override it internally regardless of middlewares.
|
|
This was causing zombies on the bogomips.org cgit instance.
|
|
The body may contain extra repeated newlines, of course
|
|
This allows yahns to continue using sendfile when clients
request gzipped/bzipped tarballs on my server.
|
|
Clients may be requesting gzipped files through Rack::Deflater,
which will attempt to further compress files.
|
|
This is mainly needed for the regexp in extras/try_gzip_static.rb
(POSIX filesystem paths have no encoding, it's just a bag of bytes).
Since we host apps of all types and for all (human)
languages/encodings, all of our internals must be encoding-agnostic.
|
|
Leave that up to Rack::Chunked/Rack::ContentLength.
Chunking ourselves interacts badly with Rack::Deflater, since
Deflater will blindly deflate already-chunked portions.
|
|
In case we have bugs, this can help us find bugs in our code.
|
|
Some attackers may try /path/to/file/foo where /path/to/file
is actually a valid path to a regular file. Of course, requests
like this work on dynamic websites, but not static file mappings
because Unix directories and files cannot be the same thing.
|
|
Following our own advice in
commit a79a6d8775171ad5cceda9bb3a77946ba60e26ce
(doc: recommend worker_processes if the app uses SIGCHLD)
|
|
We don't want to leave extra resources lying around when slow
clients read from us and yahns is forced to buffer.
yahns delays the close of the request body until the request is
fully written so response loggers can have an accurate time of
how long it takes.
|
|
We can use the wbuf_close return value instead to ensure we close
tmpio properly and follow the same code path as a normal
(:wait_writable-triggering) buffered response would.
Add a few tests to ensure we properly close the response body
for exec_cgi, where I noticed zombies, which started me down this
rabbit hole looking for places where the response body was not
closed properly.
|
|
This is an ad-hoc reverse proxy solution. This is fully-Rack
compatible at the moment, so it's synchronous. This is also
only very lightly tested but I don't use it for any important
serving, yet.
|
|
Unlike Rack::Directory, this also avoids tables and CSS for
preformatted HTML. This is meant to resemble nginx autoindex
and index functionality (combined).
|
|
Describe the intent of the extras/ subdirectory.
|
|
These applications are what I'll be using to run on yahns on
my personal server.
Including them here will be helpful for me to find bugs. I've
already found some, the following commits were directly the result
of playing with these extras:
* stream_file: only close FDs we opened ourselves
* worker-less server should not waitpid indiscriminately
* http: do not drop Content-Range from response headers
|