| commit | c917ac526df214611ec33c21de2b070452ec8434 | |
| author | Dirkjan Bussink <d.bussink@gmail.com> | |
| Mon, 8 Mar 2021 08:51:09 +0000 (8 09:51 +0100) | ||
| committer | Eric Wong <bofh@yhbt.net> | |
| Sat, 13 Mar 2021 02:19:04 +0000 (13 02:19 +0000) | ||
| tree | 627b9c3050e2533bde08766473ed045f49c967b7 | treesnapshot (tar.gz zip) |
| parent | 5cdb68eb26faf7fd75fbf3ab1fadcf2a30fd4974 | commitdiff |
Allocate a new request for each client
This removes the reuse of the parser between requests. Reusing these is
risky in the context of running any other threads within the unicorn
process, also for threads that run background tasks.
If any other thread accidentally grabs hold of the request it can modify
things for the next request in flight.
The downside here is that we allocate more for each request, but that is
worth the trade off here and the security risk we otherwise would carry
to leaking wrong and incorrect data.
This removes the reuse of the parser between requests. Reusing these is
risky in the context of running any other threads within the unicorn
process, also for threads that run background tasks.
If any other thread accidentally grabs hold of the request it can modify
things for the next request in flight.
The downside here is that we allocate more for each request, but that is
worth the trade off here and the security risk we otherwise would carry
to leaking wrong and incorrect data.
| lib/unicorn/http_server.rb | diffblobblamehistory | |
| lib/unicorn/oob_gc.rb | diffblobblamehistory | |
| t/hijack.ru | [deleted file] | blobblamehistory |
| t/t0200-rack-hijack.sh | [deleted file] | blobblamehistory |