PDA

View Full Version : Re: Update Software Roadmap - POST and CSRF/security



John A. Tamplin
2005-08-09, 07:49
On Tue, 9 Aug 2005, Peter Watkins wrote:

> From a security standpoint, the simplicity of the Slim HTTP server is
> a very good thing -- it makes it easier to understand and protect against
> threats when there are fewer input vectors.

True, but there are other benefits to switching -- a proven
high-performance model with many other people working on new features, bug
fixes, cross-platform portability, and performance enhancements. I
previously wrote a custom HTTP server for banner ad delivery (blazingly
fast, 90th percentile of response times was under 35ms counting multiple
database fetches), but if I were doing it again today I would definitely
do it as a module for apache rather than write it full custom again.

--
John A. Tamplin jat (AT) jaet (DOT) org
770/436-5387 HOME 4116 Manson Ave
Smyrna, GA 30082-3723