diff options
author | Aaron Patterson <aaron.patterson@gmail.com> | 2015-10-02 14:45:31 -0700 |
---|---|---|
committer | Aaron Patterson <aaron.patterson@gmail.com> | 2015-10-02 14:45:31 -0700 |
commit | 37423e4ff883ad5584bab983aceb4b2b759a1fd8 (patch) | |
tree | 93dc7b22fc418927258ab290e9a48cb649bc1a0f /guides/source | |
parent | 55e6d2f0e344a5396f6d6448146efeb949a1c222 (diff) | |
download | rails-37423e4ff883ad5584bab983aceb4b2b759a1fd8.tar.gz rails-37423e4ff883ad5584bab983aceb4b2b759a1fd8.tar.bz2 rails-37423e4ff883ad5584bab983aceb4b2b759a1fd8.zip |
removing Rack::Runtime from the default stack.
The runtime header is a potential target for timing attacks since it
returns the amount of time spent on the server (eliminating network
speed). Total time is also not accurate for streaming responses.
The middleware can be added back via:
```ruby
config.middleware.ues ::Rack::Runtime
```
Diffstat (limited to 'guides/source')
-rw-r--r-- | guides/source/api_app.md | 1 | ||||
-rw-r--r-- | guides/source/command_line.md | 2 | ||||
-rw-r--r-- | guides/source/rails_on_rack.md | 1 |
3 files changed, 1 insertions, 3 deletions
diff --git a/guides/source/api_app.md b/guides/source/api_app.md index feaaff166a..eb762612ee 100644 --- a/guides/source/api_app.md +++ b/guides/source/api_app.md @@ -188,7 +188,6 @@ An API application comes with the following middlewares by default: - `ActiveSupport::Cache::Strategy::LocalCache::Middleware` - `ActionDispatch::RequestId` - `Rails::Rack::Logger` -- `Rack::Runtime` - `ActionDispatch::ShowExceptions` - `ActionDispatch::DebugExceptions` - `ActionDispatch::RemoteIp` diff --git a/guides/source/command_line.md b/guides/source/command_line.md index e85f9fc9c6..cbfccce788 100644 --- a/guides/source/command_line.md +++ b/guides/source/command_line.md @@ -412,7 +412,7 @@ Ruby version 2.2.2 (x86_64-linux) RubyGems version 2.4.6 Rack version 1.6 JavaScript Runtime Node.js (V8) -Middleware Rack::Sendfile, ActionDispatch::Static, Rack::Lock, #<ActiveSupport::Cache::Strategy::LocalCache::Middleware:0x007ffd131a7c88>, Rack::Runtime, Rack::MethodOverride, ActionDispatch::RequestId, Rails::Rack::Logger, ActionDispatch::ShowExceptions, ActionDispatch::DebugExceptions, ActionDispatch::RemoteIp, ActionDispatch::Reloader, ActionDispatch::Callbacks, ActiveRecord::Migration::CheckPending, ActiveRecord::ConnectionAdapters::ConnectionManagement, ActiveRecord::QueryCache, ActionDispatch::Cookies, ActionDispatch::Session::CookieStore, ActionDispatch::Flash, Rack::Head, Rack::ConditionalGet, Rack::ETag +Middleware Rack::Sendfile, ActionDispatch::Static, Rack::Lock, #<ActiveSupport::Cache::Strategy::LocalCache::Middleware:0x007ffd131a7c88>, Rack::MethodOverride, ActionDispatch::RequestId, Rails::Rack::Logger, ActionDispatch::ShowExceptions, ActionDispatch::DebugExceptions, ActionDispatch::RemoteIp, ActionDispatch::Reloader, ActionDispatch::Callbacks, ActiveRecord::Migration::CheckPending, ActiveRecord::ConnectionAdapters::ConnectionManagement, ActiveRecord::QueryCache, ActionDispatch::Cookies, ActionDispatch::Session::CookieStore, ActionDispatch::Flash, Rack::Head, Rack::ConditionalGet, Rack::ETag Application root /home/foobar/commandsapp Environment development Database adapter sqlite3 diff --git a/guides/source/rails_on_rack.md b/guides/source/rails_on_rack.md index 0db90fedb3..82aedc3fdf 100644 --- a/guides/source/rails_on_rack.md +++ b/guides/source/rails_on_rack.md @@ -106,7 +106,6 @@ use Rack::Sendfile use ActionDispatch::Static use Rack::Lock use #<ActiveSupport::Cache::Strategy::LocalCache::Middleware:0x000000029a0838> -use Rack::Runtime use Rack::MethodOverride use ActionDispatch::RequestId use Rails::Rack::Logger |