Thanks to a private reply I was able to look at the 4.5.1 adaptor
code, and it hasn't really changed much. For example, loadaverage.c
has just this following diff:
"""
< Copyright # 2000 Apple Computer, Inc. All Rights Reserved.
---
> Copyright # 2000-2007 Apple, Inc. All Rights Reserved.
"""
On my development machine I sent some requests through two configurations:
- Adaptor 4.5.1 + Apache 1.3
- Adaptor 5.4.1 + Apache 2.2
And both properly stripped the x-webobjects-loadaverage header. It
looks like the problem is elsewhere, or the adaptor has been modified.
cheers,
travis
On Sun, Jun 8, 2008 at 10:01 AM, Travis Crawford
<[EMAIL PROTECTED]> wrote:
> Hi All,
>
> I'm investigating an issue where x-webobjects-loadaverage headers leak
> to end-users and think this might be an issue with the version 4.5.1
> HTTP Adaptor code. The issue appears to be fixed in version 5.4.1, the
> most recent release. Does anyone have the 4.5.1 code? I can't seem to
> find it on the Apple site.
>
> DETAILS:
>
> Looking at the latest WebObject source
> /Developer/Examples/WebObjects/Source/Adaptors/Adaptor/loadaverage.c
> we see:
> 22 * LoadAverage: a slightly more sophisticated load balancing
> 23 * method that tries to even out the load by levelling the number of
> 24 * sessions each app handles at any given time.
> 25 *
> 26 * This makes sense especially because for most WebObjects apps
> 27 * store state in the app, requiring each request for a session to always
> 28 * return to the same app. In this case, load balancing only really
> 29 * occurs on the first request - we try to pick the best app at this
> 30 * time.
> 31 *
> 32 * We use custom headers to get the session information returned to
> 33 * the adaptor; the header is, of course, stripped before sending to
> 34 * the client. The app developer can substitute their own header for
> 35 * default one (session count) if they want.
>
>
> in config.h we see:
> 254 /*
> 255 * private headers that shouldn't get leaked back to the browser
> 256 */
> 257 #define LOAD_AVERAGE_HEADER "x-webobjects-loadaverage"
>
>
> and the header is stripped in transaction.c
> 653 st_removeKey(resp->headers, LOAD_AVERAGE_HEADER);
>
> I'd like to look at the version 4.5.1 code to see if this header is
> stripped before sending back to clients; that would explain the
> behavior I'm seeing.
>
>
> Cheers,
> Travis
>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-deploy mailing list (Webobjects-deploy@lists.apple.com)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/webobjects-deploy/archive%40mail-archive.com
This email sent to [EMAIL PROTECTED]
