Thanks for patches.
In message <Pine.GSO.4.44.0203212132150.24869-100000@peta.cs.auc.dk>,
`Lars Christensen <larsch@cs.auc.dk>' wrote:
> Below is two patches for webrick-1.1.5. The first fixes a smaller problem
> with HTTP/1.0 client that expect the server to disconnect if no
> "Connection:" header is sent (e.g. wget).
It's applied. (with arranged)
> The next two seem to fix the above problem. It changes the server model a
> little. When a request has been processed, the thread returns the sockets
> to the main loop.. The main loop will IO#select on the sockets and return
> them to a thread when there is incoming data.
This approach seems appropriate to use the threads efficiently.
However, it has to be considered about the processing which
performed only when connection is established. This problem is
appeared in webrick/https.
> WEBrick will still be vulnerable to DOS attacks by opening connections for
> all thread and sending the request, but not completing the header.
I think applications cannot deal with all of DoS attacks.
It might require lower network level solutions. (e.g. firewalls,
filtering or routing daemons.)
--
gotoyuzo