From 65e110304147fa4c19d9c6cc29e0f289e1465b4b Mon Sep 17 00:00:00 2001 From: Chris McDonough Date: Sat, 1 Nov 2008 19:26:08 +0000 Subject: - Change default paster template generator to use ``Paste#http`` server rather than ``PasteScript#cherrpy`` server. The cherrypy server has a security risk in it when ``REMOTE_USER`` is trusted by the downstream application. --- docs/narr/MyProject/MyProject.ini | 4 ++-- docs/narr/project.rst | 4 ++-- docs/narr/startup.rst | 11 ++++------- 3 files changed, 8 insertions(+), 11 deletions(-) (limited to 'docs/narr') diff --git a/docs/narr/MyProject/MyProject.ini b/docs/narr/MyProject/MyProject.ini index f76323d50..c1ff50547 100644 --- a/docs/narr/MyProject/MyProject.ini +++ b/docs/narr/MyProject/MyProject.ini @@ -4,9 +4,9 @@ debug = true [app:main] use = egg:MyProject#app reload_templates = true +debug_authorization = false [server:main] -use = egg:PasteScript#cherrypy +use = egg:Paste#http host = 0.0.0.0 port = 6543 -numthreads = 4 diff --git a/docs/narr/project.rst b/docs/narr/project.rst index c7f53a4e5..c117d906a 100644 --- a/docs/narr/project.rst +++ b/docs/narr/project.rst @@ -309,8 +309,8 @@ changes will not require an application restart to be detected. See The ``[server:main]`` section of the configuration file configures a WSGI server which listens on port 6543. It is configured to listen on -all interfaces (``0.0.0.0``), and is configured to use four threads -for our application. +all interfaces (``0.0.0.0``). The ``Paste#http`` server will create a +new thread for each request. .. note:: diff --git a/docs/narr/startup.rst b/docs/narr/startup.rst index 17eb35d1e..b9391b273 100644 --- a/docs/narr/startup.rst +++ b/docs/narr/startup.rst @@ -156,13 +156,10 @@ press ``return`` after running ``paster serve MyProject.ini``. another WSGI application". #. PasteDeploy starts the WSGI *server* defined within the - ``[server:main]`` section. In our case, this is the "CherryPy" - server (``use = egg:PasteScript#cherrypy``), and it will listen on - all interfaces (``host = 0.0.0.0``), on port number 6543 (``port = - 6543``). It will serve up the application using 4 simultaneous - threads (``numthreads = 4``), which means it will handle four - simultaneous requests before needing to put a request in a wait - queue. The server code itself is what prints ``serving on + ``[server:main]`` section. In our case, this is the ``Paste#http`` + server (``use = egg:Paste#http``), and it will listen on all + interfaces (``host = 0.0.0.0``), on port number 6543 (``port = + 6543``). The server code itself is what prints ``serving on 0.0.0.0:6543 view at http://127.0.0.1:6543``. The server serves the application, and the application is running, waiting to receive requests. -- cgit v1.2.3