----- Original Message ----- From: David Corbin <[EMAIL PROTECTED]> Date: Tuesday, June 20, 2006 0:24 am Subject: Re: [Jruby-devel] A strategy for Mongrel. To: jruby-devel@lists.sourceforge.net
> On Monday 19 June 2006 07:24 am, Ola Bini wrote: > > Actually, I'm not sure that performance is the big issue in HTTP > parsing,> but google for a few interviews with Zed, and you will > notice immediatly > > that he talks much about the security in a parser generated from > a formal > > description instead of hand crafted code. According to him, it > seems his > > parser even stop some attacks that Apache HTTPD let's through... > > Well, that makes some sense, but I'd think that would not be a big > issue in > something like Ruby (as compared to C, land of buffer overruns). > > David > > Compared to Java, land of eternal Exceptions? Yes, Java is less vulnurable than C regarding these attacks, but some still work. /O _______________________________________________ Jruby-devel mailing list Jruby-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jruby-devel
