Sweet, when can I remove these lines from my nginx.conf ? --
# nginx does not appear to properly sanitize urls in the form http://www.redbubble.com/people/photography/art/ </p # which causes mongrel to slam the door all the way down the cluster, causing a minor hickup. Both behaviours are # wrong, but until one party fixes the bug, this hack protects us location ~ '<' { return 400; } location ~ '>' { return 400; } location ~ '"' { return 400; } -- Cheers Dave On 28/03/2008, at 9:18 AM, Evan Weaver wrote: > Oh wow; good catch. > > Evan > > On Thu, Mar 27, 2008 at 5:50 PM, Eric Wong <[EMAIL PROTECTED]> > wrote: >> "Zed A. Shaw" <[EMAIL PROTECTED]> >> wrote: >>> On Mon, 16 Oct 2006 07:48:16 +0800 >>> "Eden Li" <[EMAIL PROTECTED]> wrote: >>> >>>> Here's a patch of http_parser.rl against r358 that allows these >>>> three >>>> characters and associated unit tests. >>> >>> >>> Rock on! That's what I'm talking about. I'll apply this soon and >>> post up a pre-release. >>> >>> Thanks Eden. >> >> I was late to the party, but just committed this to trunk: >> >> ------------------------------------------------------------------------ >> r996 | normalperson | 2008-03-27 14:46:28 -0700 (Thu, 27 Mar 2008) >> | 12 lines >> Changed paths: >> M ext/http11/http11_parser.c >> M ext/http11/http11_parser_common.rl >> M test/test_http11.rb >> >> http11_parser: accept '"' (double-quote), '<', and '>' characters >> in URLs >> >> Some broken web browsers don't properly escape ", <, and > characters >> in URLs, however these URLs to occasionally legitimate and sometimes >> show up. >> >> This patch was submitted by Eden Li here: >> http://rubyforge.org/pipermail/mongrel-users/2006-October/ >> 001845.html >> >> This patch was accepted by Zed Shaw here: >> http://rubyforge.org/pipermail/mongrel-users/2006-October/ >> 001847.html >> >> ------------------------------------------------------------------------ >> >> -- >> Eric Wong >> _______________________________________________ >> Mongrel-users mailing list >> Mongrel-users@rubyforge.org >> http://rubyforge.org/mailman/listinfo/mongrel-users >> > > > > -- > Evan Weaver > Cloudburst, LLC > _______________________________________________ > Mongrel-users mailing list > Mongrel-users@rubyforge.org > http://rubyforge.org/mailman/listinfo/mongrel-users _______________________________________________ Mongrel-users mailing list Mongrel-users@rubyforge.org http://rubyforge.org/mailman/listinfo/mongrel-users
