From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <mongrel-unicorn-bounces@rubyforge.org>
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on dcvr.yhbt.net
X-Spam-Level: 
X-Spam-ASN: AS33070 50.56.128.0/17
X-Spam-Status: No, score=-0.2 required=5.0 tests=AWL shortcircuit=no
 autolearn=unavailable version=3.3.2
X-Original-To: archivist@yhbt.net
Delivered-To: archivist@dcvr.yhbt.net
Received: from rubyforge.org (50-56-192-79.static.cloud-ips.com
 [50.56.192.79]) by dcvr.yhbt.net (Postfix) with ESMTP id 4725A1F706 for
 <archivist@yhbt.net>; Tue, 26 Feb 2013 17:46:25 +0000 (UTC)
Received: from localhost.localdomain (localhost [127.0.0.1]) by rubyforge.org
 (Postfix) with ESMTP id DFDCA2E09C; Tue, 26 Feb 2013 17:46:25 +0000 (UTC)
X-Original-To: mongrel-unicorn@rubyforge.org
Delivered-To: mongrel-unicorn@rubyforge.org
Received: from dcvr.yhbt.net (dcvr.yhbt.net [64.71.152.64]) by rubyforge.org
 (Postfix) with ESMTP id C12C52E069 for <mongrel-unicorn@rubyforge.org>; Tue,
 26 Feb 2013 17:46:15 +0000 (UTC)
Received: from localhost (dcvr.yhbt.net [127.0.0.1]) by dcvr.yhbt.net
 (Postfix) with ESMTP id D79F31F6E1; Tue, 26 Feb 2013 17:46:13 +0000 (UTC)
Date: Tue, 26 Feb 2013 17:46:13 +0000
From: Eric Wong <normalperson@yhbt.net>
To: unicorn list <mongrel-unicorn@rubyforge.org>
Subject: Re: Unicorn on shared apps platform
Message-ID: <20130226174613.GA10866@dcvr.yhbt.net>
References: <1361891291.86483.YahooMailNeo@web120106.mail.ne1.yahoo.com>
 <CAM3ce8G1nFJehhYA36=LPu+V901KiaU8hm=es5YOVYY_2+9jkg@mail.gmail.com>
 <20130226172630.GA10237@dcvr.yhbt.net>
 <CAM3ce8Ec66-yOuc=mNY9amk0Kve6ZWbt4cRN5kEeOXaQ+V1TnQ@mail.gmail.com>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To:
 <CAM3ce8Ec66-yOuc=mNY9amk0Kve6ZWbt4cRN5kEeOXaQ+V1TnQ@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
X-BeenThere: mongrel-unicorn@rubyforge.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: <unicorn-public@bogomips.org>
List-Unsubscribe: <http://rubyforge.org/mailman/options/mongrel-unicorn>,
 <mailto:mongrel-unicorn-request@rubyforge.org?subject=unsubscribe>
List-Archive: <http://rubyforge.org/pipermail/mongrel-unicorn>
List-Post: <unicorn-public@bogomips.org>
List-Help: <mailto:mongrel-unicorn-request@rubyforge.org?subject=help>
List-Subscribe: <http://rubyforge.org/mailman/listinfo/mongrel-unicorn>,
 <mailto:mongrel-unicorn-request@rubyforge.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: mongrel-unicorn-bounces@rubyforge.org
Errors-To: mongrel-unicorn-bounces@rubyforge.org

Hongli Lai <hongli@phusion.nl> wrote:
> On Tue, Feb 26, 2013 at 6:26 PM, Eric Wong <normalperson@yhbt.net> wrote:
> > That's not true, Rainbows! was designed to serve clients directly.
> > On the other hand, I do not know if anybody uses Rainbows! that way
> > (or at all in production).
> 
> I didn't know that. Is it also the recommended setup though? Are you
> fairly sure there are no exploits in the request parser and that kind
> of stuff, that web servers usually shield for in reverse proxy setups?

Yes, it is recommended to expose Rainbows! directly to clients.

I've tested the parser extensively over many years.
As far as I can tell, there are no exploits...
but also no users, nor warranty :>
_______________________________________________
Unicorn mailing list - mongrel-unicorn@rubyforge.org
http://rubyforge.org/mailman/listinfo/mongrel-unicorn
Do not quote signatures (like this one) or top post when replying