Rack: a Ruby Webserver Interface
Rack provides a minimal interface between webservers that support Ruby and Ruby frameworks.
To use Rack, provide an "app": an object that responds to the call method, taking the environment hash as a parameter, and returning an Array with three elements:
- The HTTP response code
- A Hash of headers
- The response body, which must respond to each
You can handle an app directly:
# my_rack_app.rb
require 'rack'
app = Proc.new do |env|
['200', {'Content-Type' => 'text/html'}, ['A barebones rack app.']]
end
Rack::Handler::WEBrick.run app
Or, you can use the rackup command line tool and avoid specifying details like port and server until runtime:
# config.ru
run Proc.new { |env| ['200', {'Content-Type' => 'text/html'}, ['get rack\'d']] }
Invoked like so:
$ rackup config.ru
... and you're good to go!
Outrageous.
News
- February 7th, 2013
- CVE-2013-0262, symlink path traversal in Rack::File
- CVE-2013-0263, timing attack against Rack::Session::Cookie
- Some Rails users may not be affected (if they only use Rails managed sessions).
- If users are using the Marshal (default) session cookie encoding, then those users are vulnerable to a Remote Code Execution, after a successful timing attack.
- While some users may assume that timing attacks are not viable over the Internet, Cloud users in particular are reminded that intra-cloud latencies are sufficiently low to be viable.
- Rack 1.5.2 has been released!.
- Rack 1.4.5 has been released!.
- Rack 1.3.10 has been released!.
- Rack 1.2.8 has been released!.
- Rack 1.1.6 has been released!.
Today's releases are important. All users should upgrade ASAP!
- January 28th, 2013
- Rack 1.5.1 has been released!.
- January 21st, 2013
- Rack 1.5.0 has been released!.
- January 13th, 2013
- Rack 1.4.4 has been released!.
- Rack 1.3.9 has been released!.
- Rack 1.2.7 has been released!.
- Rack 1.1.5 has been released!.
Today's releases are again a minor DoS. All users should ugprade!
- January 7th, 2013
- Rack 1.4.3 has been released!.
See security fix here.
All users should upgrade! - Rack 1.3.8 has been released!.
See security fix here.
All users should upgrade!
- January 6th, 2013
- Rack 1.4.2 has been released!.
See DoS vector report here.
All users should upgrade! - Rack 1.3.7 has been released!.
See DoS vector report here.
All users should upgrade! - Rack 1.2.6 has been released!.
See DoS vector report here.
All users should upgrade! - Rack 1.1.4 has been released!.
See DoS vector report here.
All users should upgrade!
- January 23rd, 2012
- Rack 1.4.1 has been released!
- December 28th, 2011
- Rack 1.4.0 has been released!
- December 28th, 2011
- Rack 1.3.6 has been released!
- October 18th, 2011
- Rack 1.3.5 has been released!
- October 1st, 2011
- Rack 1.3.4 has been released!
- September 16th, 2011
- Rack 1.3.3 has been released!
- July 26th, 2011
- Rack 1.3.2 has been released!
- July 13th, 2011
- Rack 1.3.1 has been released!
- May 23rd, 2011
- Rack 1.3.0 has been released!
- June 13th, 2010
- Rack 1.2.0 has been released!
- January 3rd, 2010
- Rack 1.1.0 has been released!
- October 18th, 2009
- Rack 1.0.1 has been released!
- April 25th, 2009
- Rack 1.0.0 has been released!
- January 9th, 2009
- Rack 0.9.1 has been released! This is a security release, please update.
- January 6th, 2009
- Rack 0.9 has been released!
- December 24th, 2008
- Introducing the Rack Core Team
- December 23rd, 2008
- Rack is mentioned on heise.de!
- December 5th, 2008
- The tighter integration of Rails with Rack continues.
- August 21st, 2008
- Rack 0.4 has been released!
- May 31st, 2008
- Rack development moves to Git.
- May 24th, 2008
- There now is a Google Group on Rack Development.
- February 26th, 2008
- Rack 0.3 has been released!
- November 10th, 2007
- Rack has been presented at the Euruko 2007.
- October 2007
- Ryan Allen gave a presentation on Rack (PDF).
- May 16th, 2007
- Rack 0.2 has been released!
Documentation
Contact
- [email protected] (archives)
- #rack on Freenode
More information
- Introducing Rack, an introductory blog post by Christian Neukirchen.
- The Rack Wiki has tutorials and presentations.
License
Rack is licensed under the very liberal MIT License.
Get it!
Current stable release:
gem install rack
Bleeding-Edge
Available on GitHub:
git clone git://github.com/rack/rack.git
The repository is browsable online, too.
Releases
- Rack 1.4.1
- rack-1.4.1.tar.gz (e822bb1c1dd9306f1f4cc6c7c208ac3fe0aa4018)
- Rack 1.4.0
- rack-1.4.0.tar.gz (0fec4d01e20b1ad13fd7809d0083292a71d3ec84)
- Rack 1.3.6
- rack-1.3.6.tar.gz (367f91c3b3917a8d3709c8ec13d09cca5d3ca253)
- Rack 1.3.5
- rack-1.3.5.tar.gz (9768a2140711c3a92e194ddeb2f5671f6aa89bf3)
- Rack 1.3.4
- rack-1.3.4.tar.gz (bdd02c8185c0c184e56b05489554f91b0f5feb4a)
- Rack 1.3.3
- rack-1.3.3.tar.gz (5bcb00a9d8cbd87c415ad08958db0768ce589c1b)
- Rack 1.3.2
- rack-1.3.2.tar.gz (b351131fb809375f7ebed128a541664b8be26c8b)
- Rack 1.3.1
- rack-1.3.1.tar.gz (d0149b63b50b3c6b819ccabf6d93ce28f4de9db6)
- Rack 1.3.0
- rack-1.3.0.tar.gz (214a3af03896e9b1fbddbe647b796426d930edd8)
- Rack 1.2.0
- rack-1.2.0.tar.gz (c69b0a120b249832f9701e6a9fe6692e6728940f)
- Rack 1.1.0
- rack-1.1.0.tar.gz (0289477e44262c5067c61cfe13b39d0de2f3f3de)
- Rack 1.0.1
- rack-1.0.1.tar.gz (d489661be03d0c5d08daa4158b09e937778783ed)
- Rack 1.0.0
- rack-1.0.0.tar.gz (53609db88608fb846a0a62df803ae2bb33372cfe)
- Rack 0.9.1
- rack-0.9.1.tar.gz (237e24207b39c384d78c266d86bbf2a0808dc417)
- Rack 0.9
- rack-0.9.0.tar.gz (445f542ed89308b9352d7653f33fe63c50453e3e)
- Rack 0.4
- rack-0.4.0.tar.gz (65a19e53a0dc661f4055d043126585b49a0b618d)
- Rack 0.3
- rack-0.3.0.tar.gz (5e92f2901d2dc77eb0453fc3acdd6c4a07fc167a)
- Rack 0.2
- rack-0.2.0.tar.gz (f1063711f228d19875a3211d71308b5c)
- Rack 0.1
- rack-0.1.0.tar.gz (79b46158b7b30adcd7a9148cc7ed4305)