[web-devel] [Yesod] Re: Next version of WAI: cleaning house

Michael Snoyman michael at snoyman.com
Wed Jul 24 13:54:26 CEST 2013


On Wed, Jul 24, 2013 at 2:43 PM, Kazu Yamamoto <kazu at iij.ad.jp> wrote:

> Michael,
>
> > 1. How does Warp know which interface, port, and IP address the
> connection
> > comes in on? The port is specified by the user, so there's no purpose in
> > Warp providing that to the application. The interface is (mostly) user
> > specified as well. But it's not a request-specific piece of information
> > anyway. If you wanted that information, why should it be part of the
> > Request value? Warp could just provide it separately via a separate run
> > function, e.g.:
>
> I guess they want to know peer's port number. I don't know why it is
> important.
>
> However, I think that peer's IP address is important. If an
> application can obtain combination of peer's IP address and HTTP
> header, the application can tell whether or not communication is
> encrypted.
>
> --Kazu
>

I'm definitely not talking about removing the peer information. Request has
a remoteHost field which is of type SockAddr, and therefore provides both
remote IP address and port number (the latter, as you mention, being mostly
useless).

I'm not sure what you mean by telling if communication is encrypted using
the headers + IP address, can you clarify?

Michael
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.haskell.org/pipermail/web-devel/attachments/20130724/627f07e7/attachment.htm>


More information about the web-devel mailing list