diff options
author | Aaron Patterson <aaron.patterson@gmail.com> | 2015-10-02 14:45:31 -0700 |
---|---|---|
committer | Aaron Patterson <aaron.patterson@gmail.com> | 2015-10-02 14:45:31 -0700 |
commit | 37423e4ff883ad5584bab983aceb4b2b759a1fd8 (patch) | |
tree | 93dc7b22fc418927258ab290e9a48cb649bc1a0f /guides/source/rails_on_rack.md | |
parent | 55e6d2f0e344a5396f6d6448146efeb949a1c222 (diff) | |
download | rails-37423e4ff883ad5584bab983aceb4b2b759a1fd8.tar.gz rails-37423e4ff883ad5584bab983aceb4b2b759a1fd8.tar.bz2 rails-37423e4ff883ad5584bab983aceb4b2b759a1fd8.zip |
removing Rack::Runtime from the default stack.
The runtime header is a potential target for timing attacks since it
returns the amount of time spent on the server (eliminating network
speed). Total time is also not accurate for streaming responses.
The middleware can be added back via:
```ruby
config.middleware.ues ::Rack::Runtime
```
Diffstat (limited to 'guides/source/rails_on_rack.md')
-rw-r--r-- | guides/source/rails_on_rack.md | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/guides/source/rails_on_rack.md b/guides/source/rails_on_rack.md index 0db90fedb3..82aedc3fdf 100644 --- a/guides/source/rails_on_rack.md +++ b/guides/source/rails_on_rack.md @@ -106,7 +106,6 @@ use Rack::Sendfile use ActionDispatch::Static use Rack::Lock use #<ActiveSupport::Cache::Strategy::LocalCache::Middleware:0x000000029a0838> -use Rack::Runtime use Rack::MethodOverride use ActionDispatch::RequestId use Rails::Rack::Logger |