Unicorn on shared apps platform
normalperson at yhbt.net
Tue Feb 26 17:46:13 UTC 2013
Hongli Lai <hongli at phusion.nl> wrote:
> On Tue, Feb 26, 2013 at 6:26 PM, Eric Wong <normalperson at yhbt.net> wrote:
> > That's not true, Rainbows! was designed to serve clients directly.
> > On the other hand, I do not know if anybody uses Rainbows! that way
> > (or at all in production).
> I didn't know that. Is it also the recommended setup though? Are you
> fairly sure there are no exploits in the request parser and that kind
> of stuff, that web servers usually shield for in reverse proxy setups?
Yes, it is recommended to expose Rainbows! directly to clients.
I've tested the parser extensively over many years.
As far as I can tell, there are no exploits...
but also no users, nor warranty :>
More information about the mongrel-unicorn