From: Sam Saffron <firstname.lastname@example.org> To: unicorn-public <email@example.com> Subject: env reuse and hijack Date: Wed, 29 Nov 2017 11:13:57 +1100 Message-ID: <CAAtdryPG3nLuyo0jxfYW1YHu1Q+ZpkLkd4KdWC8vA46B5haZxw@mail.gmail.com> (raw) I was reading through unicorn today and noticed that it uses `HttpParser_clear` to clear up env between requests as opposed to allocating a new `env` object. This is generally fine, but if you hijack a request you may want to still look at env after this is done leading to situations where you are looking at the wrong env by the time you are dealing with the hijacked request I guess I have 2 questions 1. Should Rack specify that env must be "re-initialized" if for any reason a request is hijacked? 2. Should unicorn allow you to opt for env "recycle" via a rack key? I don't really have the answers here, my simplest course of action is simple to clone all the key/value pairs in env on to a new hash when I hijack, but it feels wasteful.
next reply index Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top 2017-11-29 0:13 Sam Saffron [this message] 2017-11-29 1:03 ` Eric Wong 2017-12-05 1:53 ` Eric Wong 2017-12-16 1:49 ` [PATCH] avoid reusing env on hijack Eric Wong
Reply instructions: You may reply publically to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style List information: https://bogomips.org/unicorn/ * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=CAAtdryPG3nLuyo0jxfYW1YHu1Q+ZpkLkd4KdWC8vA46B5haZxw@mail.gmail.com \ --firstname.lastname@example.org \ --email@example.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
unicorn Ruby/Rack server user+dev discussion/patches/pulls/bugs/help Archives are clonable: git clone --mirror https://bogomips.org/unicorn-public git clone --mirror http://ou63pmih66umazou.onion/unicorn-public Newsgroups are available over NNTP: nntp://news.public-inbox.org/inbox.comp.lang.ruby.unicorn nntp://ou63pmih66umazou.onion/inbox.comp.lang.ruby.unicorn note: .onion URLs require Tor: https://www.torproject.org/ AGPL code for this site: git clone https://public-inbox.org/ public-inbox