Hi All,

I'm investigating an issue where x-webobjects-loadaverage headers leak
to end-users and think this might be an issue with the version 4.5.1
HTTP Adaptor code. The issue appears to be fixed in version 5.4.1, the
most recent release. Does anyone have the 4.5.1 code? I can't seem to
find it on the Apple site.

DETAILS:

Looking at the latest WebObjects source
/Developer/Examples/WebObjects/Source/Adaptors/Adaptor/loadaverage.c
we see:
     *  LoadAverage: a slightly more sophisticated load balancing
     *  method that tries to even out the load by levelling the number of
     *  sessions each app handles at any given time.
     *
     *  This makes sense especially because for most WebObjects apps
     *  store state in the app, requiring each request for a session to always
     *  return to the same app.  In this case, load balancing only really
     *  occurs on the first request - we try to pick the best app at this
     *  time.
     *
     *  We use custom headers to get the session information returned to
     *  the adaptor; the header is, of course, stripped before sending to
     *  the client. The app developer can substitute their own header for
     *  default one (session count) if they want.


In config.h we see:
    /*
     *  private headers that shouldn't get leaked back to the browser
     */
    #define LOAD_AVERAGE_HEADER  "x-webobjects-loadaverage"


and the header is stripped in transaction.c:
    st_removeKey(resp->headers, LOAD_AVERAGE_HEADER);

I'd like to look at the version 4.5.1 code to see if this header is
stripped before sending back to clients; that would explain the
behavior I'm seeing.


Cheers,
Travis
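
Added example, not part of the original message and not Apple's adaptor code: a sketch of the "strip the private header before the response reaches the client" step that the quoted comment describes, applied to a raw header block instead of the adaptor's header table. The function name `strip_header` and the sample headers are assumptions constructed for illustration; only the header name comes from the config.h excerpt.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h> /* strncasecmp (POSIX) */

/* Header name from the config.h excerpt quoted in the message. */
#define LOAD_AVERAGE_HEADER "x-webobjects-loadaverage"

/*
 * Hypothetical helper: remove every field called `name` from a CRLF-delimited
 * header block (headers only, no body), in place. Names are compared
 * case-insensitively; folded continuation lines (leading space or tab) are
 * dropped together with the field they continue. Returns fields removed.
 */
int strip_header(char *block, const char *name)
{
    size_t len = strlen(name);
    char *src = block, *dst = block;
    int removed = 0, dropping = 0;

    while (*src) {
        char *eol = strstr(src, "\r\n");
        size_t n = eol ? (size_t)(eol - src) : strlen(src); /* line length */
        size_t full = eol ? n + 2 : n;                      /* incl. CRLF  */

        if (*src != ' ' && *src != '\t') {  /* a new field, not a fold */
            dropping = n > len && src[len] == ':' &&
                       strncasecmp(src, name, len) == 0;
            removed += dropping;
        }
        if (!dropping) {                    /* keep: compact towards front */
            memmove(dst, src, full);
            dst += full;
        }
        src += full;
    }
    *dst = '\0';
    return removed;
}

int main(void)
{
    /* Constructed sample headers, not captured traffic. */
    char hdrs[] = "Content-Type: text/html\r\n"
                  "X-WebObjects-LoadAverage: 3\r\n"
                  "Content-Length: 42\r\n\r\n";
    int n = strip_header(hdrs, LOAD_AVERAGE_HEADER);
    printf("removed %d, remaining:\n%s", n, hdrs);
    return 0;
}
```

A return value of 0 on a response that is known to carry the header means the match missed it, which is the condition to look for when checking whether a given build strips it.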