web-server
web-server copied to clipboard
racket
The value of `(current-directory)` upon entry to `start` is the htdocs directory inside the web-server collection, not the directory that Racket started in (as for other Racket programs) or the...
Recently, people have pointed out that the combination of common caching proxies and web frameworks that treat `;` as a query separator can lead to security problems; see here: https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/...
I was walking through [the continue tutorial](https://docs.racket-lang.org/continue/index.html) and I think on macos, with the new strictness about allowing things to write to the file system, having to grant special permissions...
After refactoring a big web-server program, attempting to run it now blames one of my modules for violating the contract of `with-current-saved-continuation-marks-and` ("expected 1 value, returned 2 values in: the...
A few places in the web server use cryptographic hash functions, specifically MD5 and SHA1: - [`md5-stuffer`](https://docs.racket-lang.org/web-server/stateless.html#%28def._%28%28lib._web-server%2Fstuffers%2Fhash..rkt%29._md5-stuffer%29%29) - `HMAC-SHA1` and `HMAC-SHA1-stuffer` from [`web-server/stuffers/hmac-sha1`](https://docs.racket-lang.org/web-server/stateless.html#%28mod-path._web-server%2Fstuffers%2Fhmac-sha1%29) - All of the functions from [`web-server/http/id-cookie`](https://docs.racket-lang.org/web-server/http.html#%28mod-path._web-server%2Fhttp%2Fid-cookie%29)...
I recently discovered that `dispatch-rules` and related forms make it hard to handle trailing `/`s on URLs sensibly. The URL `https://example.com/foo/` (with a trailing `/`) is treated differently than `https://example.com/foo`...
When servlet instances are flushed (selectively or not), the only action taken is that servlet instance references are discarded. In particular, resources managed by the servlet custodian are not shut...
I think that Continue, as a flagship tutorial for Racket, needs new sections to cover changes in web development practice especially supporting client side web frameworks(angular,Ember,Vue,React) by building backends that...
The rendering of signatures in the Continue tutorial is confusing to readers In the tutorial, functions are often described, then followed by their signature in the familiar scribble/manual format. Unfortunately...
The SSL Labs "SSL Server Test" service (https://www.ssllabs.com/ssltest/) identifies some aspects of the Racket web server's default HTTPS configuration that should be improved. Most significantly, it says, "This server does...