El Sábado, 9 de Enero de 2010, skaar escribió: > Eric, > > think I came across an issue with the parser in unicorn, with a request > (due to 2 layers of nginx proxying) coming across with both a > X_FORWARDED_PROTO and a X-Forwarded-Proto header. From the socket (in > HttpRequest) - we get: > > X_FORWARDED_PROTO: http > X-Forwarded-Proto: https > > which is parsed to > > HTTP_X_FORWARDED_PROTO"=>"http,https > > There was a passenger ticket that describes that from nginx's point of > view - X-Forwarded-Proto is the "correct" form.
Rack specs require "-" being converted to "_" in header names, so both header X_FORWARDED_PROTO and X-Forwarded-Proto become the same header. Then we have two headers with same name and different value. Some headers are defined as "multivalue" which means that they would have the same meaning if an unique header exists containing both values separated by comma (the top one first). So: X_FORWARDED_PROTO: http X-Forwarded-Proto: https is equivalent to: X_FORWARDED_PROTO: http, https However it's not true that *any* header behaves in this way, but just headers defined in such way (by the standards). For example two "Authorization" headers cannot be joined in a single header. So it's not totally safe to assume that any header appearing various times could be a single header with their values separated by comma, however I think it's a good approach. More correct would be that Unicorn parses uknown headers appearing more than one time by setting a Array as value: X_FORWARDED_PROTO: ["http", "https"] Unfortunately this is not allowed in Rack specifications. -- Iñaki Baz Castillo <i...@aliax.net> _______________________________________________ Unicorn mailing list - mongrel-unicorn@rubyforge.org http://rubyforge.org/mailman/listinfo/mongrel-unicorn Do not quote signatures (like this one) or top post when replying
