From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <e@80x24.org>
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net
X-Spam-Level: 
X-Spam-ASN:  
X-Spam-Status: No, score=-4.0 required=3.0 tests=ALL_TRUSTED,BAYES_00
	shortcircuit=no autolearn=ham autolearn_force=no version=3.4.2
Received: from localhost (dcvr.yhbt.net [127.0.0.1])
	by dcvr.yhbt.net (Postfix) with ESMTP id A4C581F461;
	Sun,  5 May 2019 21:28:34 +0000 (UTC)
Date: Sun, 5 May 2019 21:28:34 +0000
From: Eric Wong <e@80x24.org>
To: meta@public-inbox.org
Subject: default PSGI middlewares (was: httpd: get rid of Deflater warning)
Message-ID: <20190505212834.2ewnijn5risiexhm@whir>
References: <20190505204220.30345-1-e@80x24.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <20190505204220.30345-1-e@80x24.org>
List-Id: <meta.public-inbox.org>

Now, the ReverseProxy middleware may be invalid (or become less
valid) in the future as well: TLS may come to NNTP and we might
as well support HTTPS natively while we're at it.

I can't drop middlewares by default since it would break
existing installations which don't rely on a .psgi config;
but there can be options to disable it... (not that I'm a
fan of adding more options).

Keeping ReverseProxy in the default middleware stack along with
the existing warning would probably be the right thing to do.
Worst case somebody malicious could do is change logging of
IP addresses.  Maybe the warning could be silenced if listening
on 0.0.0.0:{443,80}