X-Forwarded-Proto / X_FORWARDED_PROTO
Eric, think I came across an issue with the parser in unicorn, with a request (due to 2 layers of nginx proxying) coming across with both a X_FORWARDED_PROTO and a X-Forwarded-Proto header. From the socket (in HttpRequest) - we get: X_FORWARDED_PROTO: http X-Forwarded-Proto: https which is parsed to HTTP_X_FORWARDED_PROTO=http,https There was a passenger ticket that describes that from nginx's point of view - X-Forwarded-Proto is the correct form. -- /skaar sk...@waste.org where in the W.A.S.T.E is the wisdom s_u_b_s_t_r_u_c_t_i_o_n ___ Unicorn mailing list - mongrel-unicorn@rubyforge.org http://rubyforge.org/mailman/listinfo/mongrel-unicorn Do not quote signatures (like this one) or top post when replying
Re: X-Forwarded-Proto / X_FORWARDED_PROTO
The Rack (and CGI) specs require that '-' be replaced with '_' for HTTP header names, so Unicorn is doing the correct thing and treating it as the same header. but should it aggregate the values? Even though '_' appears to be allowed in header names by rfc 2616, it's use is questionable as there are parsers that reject it. Any chance of fixing whatever sends the X_FORWARDED_PROTO header? It's completely pointless to set to http in our case we can probably fix the proxy chain - we have a set of dedicated SSL systems (which sets X-Forwarded-Proto) which forward to the main nginx front end (which sets X_FORWARDED_PROTO). I'll also look at removing the proxy-set-header cases that sets it to to 'http'. Just for reference: we ran into this issue when replacing nginx to mongrels over a TCP socket, with nginx to unicorn over a domain socket. With mongrel we don't have this problem (although I see from e26ebc985b882c38da50fb0104791a5f2c0f8522 - that you added support for it in http11) /skaar -- Eric Wong ___ Unicorn mailing list - mongrel-unicorn@rubyforge.org http://rubyforge.org/mailman/listinfo/mongrel-unicorn Do not quote signatures (like this one) or top post when replying -- /skaar sk...@waste.org where in the W.A.S.T.E is the wisdom s_u_b_s_t_r_u_c_t_i_o_n ___ Unicorn mailing list - mongrel-unicorn@rubyforge.org http://rubyforge.org/mailman/listinfo/mongrel-unicorn Do not quote signatures (like this one) or top post when replying
unicorn/reexec/bundler/cap deploy issue
Hi Eric,
we've run into an issue with Unicorn's reexec, when the rails app is
using Bundler and we deploy into dated release directories. Still not
sure what the correct fix is for this, but what happens is that bundler
modifies (acutally prefixes) PATH/RUBYOPT and when you reexec unicorn
these are passed along to the new master process - and Bundler will
again append to the PATH/RUBYOBT.
This becomes more of a problem when you deploy with capistrano and
include SIGUSR2 restart of your unicorn. And effectively it will attempt
to load all Bundler vendor/bundler_gems/environment.rb for all deploys
since unicorn was first started - and if you have, say, a keep only 5
releases strategy, you will soon get failures when a bundler
environment.rb file in RUBYOPT has been shifted out.
I'm still not sure what the right solution is (to modify unicorn, the
unicorn.rb config file or to address it in bundler), but the following
patch does it brute force in unicorn and introduce the assumption that
a reexec should take the same PATH/RUBYOPT variables as the initial
invokation of the unicorn process (using a similar strategy as with
PWD):
From 3d6ca163723148668d69115ebaf00cb814db8f49 Mon Sep 17 00:00:00 2001
From: skaar sk...@waste.org
Date: Sat, 2 Jan 2010 12:29:38 -0500
Subject: [PATCH] filter PATH/RUBYOPT when rexec, and give new master same
values as the
original master process
---
lib/unicorn.rb |4
1 files changed, 4 insertions(+), 0 deletions(-)
diff --git a/lib/unicorn.rb b/lib/unicorn.rb
index 225e00a..6b3e334 100644
--- a/lib/unicorn.rb
+++ b/lib/unicorn.rb
@@ -111,6 +111,8 @@ module Unicorn
Dir.pwd
end
}.call,
+ :path = ENV['PATH'],
+ :rybyopt = ENV['RUBYOPT'],
0 = $0.dup,
}
@@ -488,6 +490,8 @@ module Unicorn
self.reexec_pid = fork do
listener_fds = LISTENERS.map { |sock| sock.fileno }
ENV['UNICORN_FD'] = listener_fds.join(',')
+ENV['PATH'] = START_CTX[:path]
+ENV['RUBYOPT'] = START_CTX[:rubyopt]
Dir.chdir(START_CTX[:cwd])
cmd = [ START_CTX[0] ].concat(START_CTX[:argv])
--
1.6.6.rc3
--
/skaar
sk...@waste.org
where in the W.A.S.T.E is the wisdom
s_u_b_s_t_r_u_c_t_i_o_n
___
Unicorn mailing list - mongrel-unicorn@rubyforge.org
http://rubyforge.org/mailman/listinfo/mongrel-unicorn
Do not quote signatures (like this one) or top post when replying
