Archive

Posts Tagged ‘Proxy’

Mongrel ESI

July 24th, 2007
No comments

Thought it would be a good time to share this. Mongrel ESI, is a little project I’ve been working on for a few months now. It provides a simple means of caching views. You can include cachable fragments in a page by using the <esi:include tag.

You can invalidate fragments by using the <esi:invalidate tag

<esi:invalidate output="no">
  <?xml version="1.0"?>
  <!DOCTYPE INVALIDATION SYSTEM "internal:///WCSinvalidation.dtd">
    <INVALIDATION VERSION="WCS-1.1">
      <OBJECT>
        <BASICSELECTOR URI="#{invalidate_url}"/>
        <ACTION REMOVALTTL="0"/>
        <INFO VALUE="invalidating action"/>
      </OBJECT>
    </INVALIDATION>
</esi:invalidate>

The cache server works as a proxy server. To configure how it proxies, modify the config/routes.yml

insurance:
  host: 127.0.0.1
  port: 3001
  match_url: ^\/(special_app).*
default:
  host: 127.0.0.1
  port: 3000

The command line interface is a clone of mongrel_rails. To start

mongrel_esi start

It only implements a small subset of the ESI spec, but it’s a pretty useful subset IMO…

Software , , ,

An attack worth noting

January 30th, 2006
2 comments

This is something I’ve been thinking about for awhile now. Mainly I’ve been trying to understanding how it can happen. I believe the most common method for this kind of attack is coming from forms that allow free text that later ends up in some document on a site. Thought this was a pretty interesting article, helped me understand XSS a little bit better.

Here’s another interesting article about XSS

Software ,