In-Reply-To: <20130123002048.GA362@dcvr.yhbt.net>
Date: Mon, 28 Jan 2013 14:01:55 -0800
Subject: Re: [RFC/PATCH] lint: additional response checking/skipping for hijack
From: James Tucker
To: rack-devel@googlegroups.com

I'd generally recommend that the hijacking app return valid stub data, something like: [200, {}, []].

On 22 January 2013 16:20, Eric Wong wrote:
> Not a serious patch for now, at least not all of it.
> I suspect middlewares will break badly if the body.each/body.close
> checks are enforced.
>
> ---
> lib/rack/lint.rb | 17 +++++++++++++++++
> 1 file changed, 17 insertions(+)
>
> diff --git a/lib/rack/lint.rb b/lib/rack/lint.rb > index 1bc2127..f895772 100644 > --- a/lib/rack/lint.rb > +++ b/lib/rack/lint.rb > @@ -9,6 +9,7 @@ class Lint > def initialize(app) > @app = app > @content_length = nil > + @response_hijacked = false > end > > # :stopdoc: > @@ -47,6 +48,15 @@ def _call(env) > > ## and returns an Array of exactly three values: > status, headers, @body = @app.call(env) > + > + # hijacked requests may not give a valid response, do not check them > + if env.include?("rack.hijack_io") > + # request hijacking implies response hijacking, this will ensure > + # the response body raises if body.each or body.close gets called > + @response_hijacked = true > + return [ status, headers, self ] > + end > + > ## The *status*, > check_status status > ## the *headers*,
> @@ -530,6 +540,7 @@ def check_hijack_response(headers, env) > headers['rack.hijack'] = proc do |io| > original_hijack.call HijackWrapper.new(io) > end > + @response_hijacked = true > else > ## > ## The special response header rack.hijack must only be > set > @@ -636,6 +647,9 @@ def verify_content_length(bytes) > > ## === The Body > def each > + assert("server is not attempting to iterate hijacked response > body") { > + @response_hijacked == false > + } > @closed = false > bytes = 0 > > @@ -683,6 +697,9 @@ def each > end > > def close > + assert("server is not attempting to close hijacked response") { > + @response_hijacked == false > + } > @closed = true > @body.close if @body.respond_to?(:close) > end
> --
> Eric Wong
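
Review bot: in the `_call` hunk, the early return is keyed on `env.include?("rack.hijack_io")`, which tests only that the key exists, so any env that carries the key (even with a nil value) skips `check_status`, the header checks and everything after them. Suggest testing the value rather than the key, and still linting the triple when the app hands back a well-formed one such as the stub proposed in the reply; as written, `return [ status, headers, self ]` passes an unchecked status and headers on to the server.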
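
Review bot: in the `check_hijack_response` hunk, `@response_hijacked = true` sits after the `end` of the `proc do |io|` block, so the flag is raised as soon as the wrapper is stored in `headers['rack.hijack']`, not when the callback is actually invoked. If the callback is never called, the new assertions in `each` and `close` would raise although nothing was hijacked; setting the flag inside the proc, before `original_hijack.call`, would tie it to the hijack really happening.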
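
Review bot: in the `close` hunk, the assertion makes any unconditional `body.close` raise once the flag is set, and the cover text already expects middleware to break on exactly this. Consider asserting only in `each`, or treating `close` on a hijacked response as a no-op, and write the block as `!@response_hijacked` rather than `@response_hijacked == false` in both `each` and `close`. The diffstat touches only lib/rack/lint.rb, so the new assertions arrive without tests.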
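
The stub-return approach recommended in the reply above, as an added example that is not part of the original thread or of Rack itself: a full-hijack app that still returns [200, {}, []], so the usual triple checks have something valid to inspect. `triple_errors`, `constructed_env` and `run_demo` are hypothetical helpers, and the env is a constructed stand-in that hands out a StringIO instead of a socket.

```ruby
require 'stringio'

# App that takes over the connection (full hijack) and still returns a
# well-formed stub triple, as suggested in the reply.
HIJACKING_APP = lambda do |env|
  env['rack.hijack'].call                 # fake server stores the IO in rack.hijack_io
  io = env['rack.hijack_io']
  io.write("HTTP/1.1 200 OK\r\nContent-Length: 2\r\nConnection: close\r\n\r\nok")
  io.close_write
  [200, {}, []]                           # stub data: valid shape, no real content
end

# Hypothetical, simplified stand-in for the shape checks a linter applies
# to the response triple (not Rack::Lint's actual implementation).
def triple_errors(response)
  unless response.is_a?(Array) && response.size == 3
    return ['response is not a three-element Array']
  end
  status, headers, body = response
  errors = []
  errors << 'status must be an Integer >= 100' unless status.is_a?(Integer) && status >= 100
  errors << 'headers must respond to #each' unless headers.respond_to?(:each)
  errors << 'body must respond to #each' unless body.respond_to?(:each)
  errors
end

# Constructed env: assumes a server that supports hijacking and exposes
# the connection through rack.hijack / rack.hijack_io.
def constructed_env(socket)
  env = { 'rack.hijack?' => true }
  env['rack.hijack'] = proc { env['rack.hijack_io'] = socket }
  env
end

# Runs the app against the constructed env and reports what the checker
# saw and what was written to the hijacked IO.
def run_demo
  socket = StringIO.new
  response = HIJACKING_APP.call(constructed_env(socket))
  { errors: triple_errors(response), wire: socket.string }
end
```
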