rack-devel archive mirror (unofficial) https://groups.google.com/group/rack-devel
 help / color / mirror / Atom feed
From: Aaron Patterson <tenderlove@ruby-lang.org>
To: Eric Wong <e@80x24.org>
Cc: rack-devel@googlegroups.com
Subject: Re: [PATCH] webrick: detect partial hijack without hash headers
Date: Fri, 4 Nov 2016 17:22:13 -0700	[thread overview]
Message-ID: <20161105002213.GA99772@TC.local> (raw)
In-Reply-To: <20161102001153.GA10317@starla>

[-- Attachment #1: Type: text/plain, Size: 1306 bytes --]

On Wed, Nov 02, 2016 at 12:11:53AM +0000, Eric Wong wrote:
> Eric Wong <e@80x24.org> wrote:
> > Response headers need not be a hash according to SPEC,
> > so grab the io_lambda the first time we iterate through
> > the headers and avoid an extra hash lookup.
> > ---
> >   This is related to (but applies independently of) my lint
> >   clarification for case-sensitivity.
> > 
> >   The following changes since commit 9073125f71afd615091f575d74ec468a0b1b79bf:
> > 
> >     bumping version (2016-05-06 15:51:18 -0500)
> > 
> >   are available in the git repository at:
> > 
> >     git://80x24.org/rack.git webrick-header-each
> > 
> >   for you to fetch changes up to 2c95a6e5bc18ac860ec0f7f7614ffb4aa6ad817d:
> > 
> >     webrick: detect partial hijack without hash headers (2016-05-12 02:23:48 +0000)
> 
> Ping?  I just got bitten by this.

Sorry about that, I must have missed this.  I've applied the patch and
it should be in the next release.  Thank you!

-- 
Aaron Patterson
http://tenderlovemaking.com/

-- 

--- 
You received this message because you are subscribed to the Google Groups "Rack Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rack-devel+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 455 bytes --]

      reply	other threads:[~2016-11-05  0:22 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-05-11  5:04 rack.hijack response header check is case-insensitive? Eric Wong
2016-05-11  5:06 ` James Tucker
2016-05-12  2:28   ` [PATCH] lint: clarify "rack.hijack" case-sensitivity in response Eric Wong
2016-05-12  2:31     ` [PATCH] webrick: detect partial hijack without hash headers Eric Wong
2016-11-02  0:11       ` Eric Wong
2016-11-05  0:22         ` Aaron Patterson [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: https://groups.google.com/group/rack-devel

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20161105002213.GA99772@TC.local \
    --to=rack-devel@googlegroups.com \
    --cc=e@80x24.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).