Displaying 20 results from an estimated 400 matches similar to: "expires header for .css"
2007 Dec 28
6
Arbitrary system files readable in 1.0.4 - 1.1.2
I just found a vulnerability in one of my web apps that was running
Mongrel 1.1.2 where I could go to URIs like
/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd and it
would serve the actual /etc/passwd file.
The issue seems to be in lib/mongrel/handlers.rb in the change from
1.0.3 to 1.0.4
req_path = HttpRequest.unescape(path_info)
- if @path
- req_path =
2009 Mar 19
3
Settings for CDN, GZip, Header Expires for BEtter Yslow
Hi
On my website i m getting B Grade with 87 points. Now i want to make it
A and there is a scope to do that.
I have added Google Analytics code which is y my gzip component and
header expire grade goes to B from A. I need to use Google Analytics so
cant i set header expires and gzip that?
Another thing is that CDN is not something for a small website. So isnt
there a way out where we can set
2008 Jun 19
2
Strange performance issue
I have a strange performance issue and have no idea how to find the
bottle neck. A page on my site (http://www.neco.com/events/2783239) is
taking way too long to load. So I decided to test it out via curl to see
how fast it was downloading the page and this is what I got:
ben-johnsons-macbook-pro-17:neco-website benjohnson$ time curl -o
output.txt http://www.neco.com/events/2783239
% Total %
2009 Feb 11
8
how to get DTrace to use the same structure field alignment as C?
Is there a pragma to turn off padding or some other mechanism besides
dummying up fields to make them char[] to disable padding?
Thanks!
2010 Apr 20
5
Debugging slow apache server?
hello,
i'm using an apache server to host 8 virtual hosts.
even though this server is local.. 7 out of these 8 virtual hosts open extremly slow..
it takes around 10 seconds to open a page..
though the 8th (which is a completely different site) it opens fairly fast in around 1 or 2 seconds tops..
i tried tailing the error_log and i found nothing ..
is there a way i could monitor wht each
2007 Dec 29
0
[SECURITY] Patch For Bug Serving Arbitrary Files
This is a proposed patch for the security hole reported today. You can
just add the test for @path being at index 0 in the exanded req_path as
shown below. Take heed of the comment I''ve added too, and there was a
test for this very attack in the unit test suite, so it was removed by
someone as well. I didn''t test this but I''m pretty sure it''s the fix.
===
2007 Oct 19
0
X-Sendfile, static files, windows
Jeremy,
I found your old message with this title. I struck the same thing,
where the current drive wasn''t the same as the drive I wanted to
serve (some) files from. So here''s the patch to add to
lib/mongrel/handlers.rb contains class DirHandler. I added two
things, first to initialize:
def initialize(path, listing_allowed=true, index_html="index.html")
2006 Oct 31
12
Moving page_cache_directory
Howdy. I''m working on a RoR CMS and need cached pages to all be in
public/cache rather than public [in order to set svn:ignore on all the files
properly]. I can get page_cache_directory set correctly and the pages are
cached in the right place but Mongrel isn''t serving them because it''s only
looking for them in public. During development I know I can set -r
public/cache
2006 Dec 01
2
favicon
im trying to figure out how to serve a favicon.ico for my app, does anyone have a line for Mongrel::Configurator? all i can see is that everyone seems to use the 404 handler...how boring..
uri "/favico", :handler => Mongrel::DirHandler.new(File.dirname(__FILE__)+"/favicon.ico") is sort of close, but it says The image ?http://m/favicon.ico? cannot be displayed, because it
2010 Sep 18
3
max-age/header problems with nginx
0 down vote favorite
I notice that in my production enviornment (where I have memcached
implemented) in see a cache-control - max-age header in firebug,
anytime I am looking at an index page (posts for example).
Cache-Control max-age=315360000
In my dev environment that header looks like following.
Cache-Contro private, max-age=0, must-revalidate
As far as I know I have not done anything
2007 Oct 25
2
Patch for X-SendFile on Windows
A new TRAC entry with patch has been added (initially for Camping)
to allow X-SendFile on Windows to use DirHandler to send files on
drives other than the current drive, if the DirHandler base path is "/"
(which is the way Camping uses DirHandler).
As it was, "/" gets expanded to "C:/", and then you can''t serve files
on any other drive, which I needed to do
2006 Sep 19
1
Problem with large files
Hi
we have samba 3.0.14a on FreeBSD 5.4.
We tried with different kind of locking and oplocks (both enabled and
disabled).
If we try to copy from a Windows XP client a file larger than 3g, we get
these error:
Cannot copy XXX. The specified network name is no longer available.
We traced this problem in the logs (log level 10) and we got this error
------------
[2006/09/19 10:29:41, 5]
2006 Feb 03
3
Mongrel HTTP Library 0.2.2 (Serving Directories)
Hey Folks,
Another announcement of Mongrel -- the fastest little web server
library for Ruby yet. This release is nice in that it should build
on win32 better and it now sports a small DirHandler that can serve
directories and files. This means Mongrel is closer to replacing
WEBrick as a Rails debug runner.
You can get the releases and information from:
*
2006 Aug 07
1
DirHandler in surplus slashing / unrequited unescaping
im using Mongrels to serve up /usr/portage/packages for other gentoo boxen. since i guess im the guinea pig with the DirHandler, ran into a couple issues:
first, the client showed no files in the remote binhost, turns out the DirHandler was adding a trailing "/" to every filename, presumably making the client think they were directories, not files. attached is a patch which fixes this
2006 Jul 27
3
A number (id?) is added after css/js tags like style.css?1154009736
Dears,
My Ror setup works.. but I can''t guess why
<%= stylesheet_link_tag ''style'' , :media=> ''screen''%>
is rended as
<link href="/stylesheets/style.css?1154009736" media="screen"
rel="Stylesheet" type="text/css" />
What is that number.. any usage ??
Or I misconfigured something ?
Thanks
2006 Jan 22
2
Using register_template_handler to serve CSS files (Making ActionView handle .css as .rhtml)
Hi,
I wanted to be able to use some Rails code inside CSS files, so I set up
a controller (StylesController) to serve CSS files that reside inside
the controller''s view folder when the browser requests /stylesheets/:action
So in the controller I just define empty actions with the names I want
my style sheets in (ie: def cooleffects end - that would respond to
2007 Aug 10
1
serving static files
It seems that Merb is sending static files with Mongrel::DirHandler.
(mongrel_handler.rb:52)
if get_or_head and @files.can_serve(path_info)
# File exists as-is so serve it up
MERB_LOGGER.info("Serving static file: #{path_info}")
@files.process(request,response)
I haven''t done benchmarks and I''ve hardly glanced at DirHandler''s code
but the
2008 Jan 03
23
deployment survey
Hello Mongrels,
Building on the last messages about Fastthread, can we get a detailed
survey of the different ways people are deploying their applications?
It will help with near-future Mongrel development.
Please include the following things:
* Framework, if any (Camping, Merb, Rails, Nitro, Ramaze, IOWA, Rack...)
* Mongrel version
* Mongrel handlers used (rails, dirhandler, camping,
2006 Dec 19
1
mongrel_config has no output
I am not sure what i am doing wrong here, but no matter what i try i get no
output from mongrel_config:
$ mongrel_rails configtool
$ telnet localhost 3001
Trying 127.0.0.1...
Connected to localhost.
Escape character is ''^]''.
GET /config/ HTTP/1.1
HTTP/1.1 200 OK
Connection: close
Date: Tue, 19 Dec 2006 05:33:16 GMT
Content-Type: text/html
Content-Length: 0
Connection closed by
2007 Dec 10
4
Mongrel and http 1.1 OPTIONS keyword
Hello.
I just seen some errors in my mongrel application log:
It seems related to the httpd OPTIONS keyword
Example:
Processing LoginController#login (for .30.5.208 at 2007-12-10 09:00:23)
[OPTIONS]
and our ruby application does not know what to do with it. and finally
send an error
Does mongrel (which is the http server) is supposed to deal with these
kind of request ?
I think these