ponylang / http_server Goto Github PK
View Code? Open in Web Editor NEWPony library for building HTTP server applications.
Home Page: https://ponylang.github.io/http_server/
License: BSD 2-Clause "Simplified" License
Pony library for building HTTP server applications.
Home Page: https://ponylang.github.io/http_server/
License: BSD 2-Clause "Simplified" License
After #52 has been merged
The workflow release.yml is referencing action actions/checkout using references v1. However this reference is missing the commit a6747255bd19d7a757dbdda8c654a9f84db19839 which may contain fix to the some vulnerability.
The vulnerability fix that is missing by actions version could be related to:
(1) CVE fix
(2) upgrade of vulnerable dependency
(3) fix to secret leak and others.
Please consider to update the reference to the action.
Dear maintainers,
It would seem that, when ran with the --ponynoblock
flag, the example http server leaks.
Background: When running into a cycle detector segfault [0] by benchmarking the sample server, @SeanTAllen suggested that cycle detector might me turned off.
With the cycle detector off, when benchmarking, the process just got OOM killed.
I don't think that was a previously mentioned issue so I'm raising!
Thanks,
Marc
RFC 2068 states:
When it connects to an origin server, an HTTP client MAY send the
Keep-Alive connection-token in addition to the Persist connection-
token:
Connection: Keep-Alive
An HTTP/1.0 server would then respond with the Keep-Alive connection
token and the client may proceed with an HTTP/1.0 (or Keep-Alive)
persistent connection.
Currently users need to check for the Request version to be HTTP10
and for the right Connection header and then set the response header accordingly. This should not be the users responsibility. But right now, especially in the ResponseBuilder
it is not possible to prepopulate it with headers or any other values based on the request and maybe some server settings. When the Response is passed to the Sessions
it is too late as by then the Response
is val
not mutable anymore. With the ResponseBuilder
we only pass the response data as bytes over, also no possibility to change something here. The best way would be to initialize the response builder with HTTP version, Status Code and the given Request, so it can incorporate the logic necessary for handling HTTP/1.0 keep alive.
The workflow announce-a-release.yml is referencing action actions/checkout using references v1. However this reference is missing the commit a6747255bd19d7a757dbdda8c654a9f84db19839 which may contain fix to the some vulnerability.
The vulnerability fix that is missing by actions version could be related to:
(1) CVE fix
(2) upgrade of vulnerable dependency
(3) fix to secret leak and others.
Please consider to update the reference to the action.
Detected in Theodus/jennet#18 .
Give a simple example for:
also link to the examples.
The workflow pr.yml is referencing action actions/checkout using references v1. However this reference is missing the commit a6747255bd19d7a757dbdda8c654a9f84db19839 which may contain fix to the some vulnerability.
The vulnerability fix that is missing by actions version could be related to:
(1) CVE fix
(2) upgrade of vulnerable dependency
(3) fix to secret leak and others.
Please consider to update the reference to the action.
File: examples/httpserver/httpserver.pony
git: e1b15408fdd7ebdf76b9cf4107f702ecc15a80b8
On macOS 10.15.7, compiled using brew install libressl
and corral run -- ponyc -Dopenssl_0.9.0
$ ponyup show
ponyup-nightly-20201207-x86_64-darwin
ponyc-release-0.38.1-x86_64-darwin *
corral-release-0.4.0-x86_64-darwin *
A curl request worked as expected:
curl -i -H 'content-type: text/plain' -d 'hello' 'http://localhost:50000/'
HTTP/1.1 200 OK
Content-Type: text/plain
Content-Length: 130
POST / HTTP/1.1
Accept: */*
Content-Length: 5
content-type: text/plain
Host: localhost:50000
User-Agent: curl/7.64.1
hello$
The $
is the shell prompt as the body (correctly) did not have a newline.
Trying to run something similar using Apache Bench (ab) with a file name hello.txt
containing 6 bytes (hello + newline):
$ ab -T 'text/plain' -p hello.txt 'http://localhost:50000/'
This is ApacheBench, Version 2.3 <$Revision: 1843412 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Licensed to The Apache Software Foundation, http://www.apache.org/
Benchmarking localhost (be patient)...
blocks the client for about 30 seconds then ends after appending to the last line on screen:
Benchmarking localhost (be patient)...apr_pollset_poll: The timeout specified has expired (70007)
Running again with verbose output:
$ ab -v 2 -T 'text/plain' -p hello.txt 'http://localhost:50000/'
This is ApacheBench, Version 2.3 <$Revision: 1843412 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Licensed to The Apache Software Foundation, http://www.apache.org/
Benchmarking localhost (be patient)...INFO: POST header ==
---
POST / HTTP/1.0
Content-length: 6
Content-type: text/plain
Host: localhost:50000
User-Agent: ApacheBench/2.3
Accept: */*
---
LOG: header received:
HTTP/1.1 200 OK
Content-Type: text/plain
Content-Length: 135
POST / HTTP/1.0
Accept: */*
Content-length: 6
Content-type: text/plain
Host: localhost:50000
User-Agent: ApacheBench/2.3
hello
blocks there for about 30 seconds, then finally prints the following and exits:
apr_pollset_poll: The timeout specified has expired (70007)
Wasn't ever successful running ab
with multiple requests e.g. -n 100
or concurrency -c 10
.
Even tried -k
to enable keepalive but still had the client blocking/waiting.
Need to rev
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.