Comments (10)
jeremyevans
commented on June 1, 2024
3
Make we should change Lint so that it doesn't check for response status if full hijack has been done?
from rack.
MSP-Greg
commented on June 1, 2024
1
I looked back thru Puma, and a commit Add support for async socket handoff (08-Jan-2012) checked whether status == -1.
WebSocket was finalized first in Dec-2011 with "IETF 6455 The WebSocket Protocol".
from rack.
jeremyevans
commented on June 1, 2024
1
I guess I'm OK for -1 as status if full hijack is active.
from rack.
jeremyevans
commented on June 1, 2024
Is there a reason you think this is a bug in Rack? If you are just asking for general help, you could post in Discussions, but the problem you are having does not appear related to Rack itself. It's probably an issue in ActionCable.
from rack.
lacostenycoder
commented on June 1, 2024
Is there a reason you think this is a bug in Rack? If you are just asking for general help, you could post in Discussions, but the problem you are having does not appear related to Rack itself. It's probably an issue in ActionCable.
OK I wasn't sure but if it's not a Rack issue, I'll look elsewhere. Thanks.
from rack.
ioquatix
commented on June 1, 2024
@lacostenycoder IIUC, your question is, why does the lint reject status=-1?
Lines 619 to 625 in f6c583a
I suppose in the past, -1 was used to indicate "ignore this response" and was used when performing a full hijack. @jeremyevans not sure if we document it, but what should the user return when performing a full hijack?
from rack.
ioquatix
commented on June 1, 2024
According to https://github.com/rack/rack/blob/main/SPEC.rdoc#full-hijack- the response is ignored, so in theory you can return any valid status code, e.g. 200 okay, etc.
@jeremyevans should we consider allowing -1? or nil? I think the reason not to do this is because other middleware may not be aware of the full hijack. AFAIK, there is no mechanism to signal on the return path that the response is to be ignored.
from rack.
ioquatix
commented on June 1, 2024
The problem with this, is that all middleware needs to accommodate it on the return path. I think it would be better to document a standard for full hijack - either -1 is acceptable as a status code and indicates the response is invalid, or something else? I suppose -1 was chosen since it still compares correctly.
from rack.
lacostenycoder
commented on June 1, 2024
So is this a case where perhaps this issue can be resolved in this repo? Because for now I used this monkey patch eek.
from rack.
ioquatix
commented on June 1, 2024
Please open a PR with the following changes:
- Explicitly document the response that should be returned when using full hijack.
- Let's add some tests and fix
Rack::Lintto accept that.
from rack.
Related Issues (20)
- Handle CloudFront-Forwarded-Proto as a lower priority X-Forwarded-sheme option HOT 1
- Rack::ETag, and Enumerator support HOT 7
- EOFError on multipart request HOT 2
- HTML escape of slash is not recommended by OWASP HOT 1
- Rack::Lint is incompatible with Rack::BodyProxy HOT 7
- Is a boundary delimiter-only body an invalid request? HOT 1
- How to handle (legal vis-à-vis HTTP) `OPTIONS *` requests HOT 1
- Rack::Utils.unescape doesn't respect JavaScript's `%uxxxx` notation HOT 4
- If 2 parameters share the same name & are files / attachments, convert to array with both attachments
- Rack 3 breaks deeply nested hash when inside an array HOT 3
- Rails 7, dynamically setting the session cookie by domain & subdomain
- Nested parameters parsing error in rack 3.0.8 HOT 22
- Cookie being created with [" prefixed to name versions 3.0 thru 3.0.8 HOT 7
- Support for `Partitioned` cookie attribute HOT 16
- can't rackup HOT 5
- How to manually decode a Rack::Session::Cookie 2023 HOT 1
- 3.0.8 Multipart PATCH requests fail in minitest(Rack::Multipart::EmptyContentError) HOT 2
- HTTP_VERSION vs SERVER_PROTOCOL and Rack::Lint HOT 5
- Spec ambiguity: environment instance HOT 11
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rack.