lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]


On Mon, Sep 28, 2009 at 10:10 AM, Petite Abeille
<petite.abeille@gmail.com> wrote:>> - HTTP ain't as simple as at
looks, particularly when dealing with stuff
>> like multipart, transfer encoding, negotiating compression and so on;
>> targeting something like WSAPI makes all these problems go away, as the main
>> web server does it for you;
>
> Ditto with proxies, you can leave each proxy to specialize in whatever it
> does well. Very similar to the basic concept of stdin/stdout in Unix. Not
> every tool needs to implement everything. Instead, one can pipeline
> processing from one to the other. The lingua franca being HTTP.
>
>> - having two HTTP servers means that you've double the chances of exposing
>> a security flaw to the outside world; WSAPI nicely isolates you from the web
>> server proper,
>
> I always wonder why people want to be "isolated" from HTTP: what's the
> benefit of ignoring the most fundamental protocol a web application is
> supposed to deal with? A bit like wanting to access a relational database,
> but not wanting to bother with SQL.

WSAPI (in its various forms in python, lua, and ruby, that I know of)
has nothing to do with isolating from HTTP, its about decoupling the
implementation of the HTTP protocol, from the implementation of the
behaviour.

This allows an HTTP aware app to not be tied to a particular server.
It neither encourages or discourages proxying, in fact, it allows you
to set up an arbitrarily complex set of http servers, proxied between
other, each implementation perhaps specialized for a particular
purpose, and distribute your apps into the server of choice.

Cheers,
Sam