Security News
Researcher Exposes Zero-Day Clickjacking Vulnerabilities in Major Password Managers
Hacker Demonstrates How Easy It Is To Steal Data From Popular Password Managers
By Jonathan Leitschuh - Aug 19, 2025
canson
Canson
small rack based framework that can run websocket. 20K connections can be handled
Run the example chat app
cd spec/test_app_root
bundle install
bundler exec iodine -p 3000 -t 16 -w 4
open localhost:3000 in browser
Example app
in spec/test_app_root
require 'canson'
class TestApp < Canson::Base
def self.print_out
puts 'hijack'
end
get '/' do
print_out
{results: 'hi'}
end
get '/ask' do |params|
name = params[:name]
{results: name}
end
on_open do
puts '================================'
puts 'We have a websocket connection'
puts '================================'
end
on_close do
puts "Bye Bye... #{count} connections left..."
end
on_shutdown do
write 'The server is shutting down, goodbye.'
end
on_message do |params|
data = params[:data]
ws = params[:ws]
nickname = params[:nickname]
tmp = "#{nickname}: #{data}"
ws.write tmp
ws.each { |h| h.write tmp }
puts '================================'
puts "got message: #{data} encoded as #{data.encoding}"
puts "broadcasting #{tmp.bytesize} bytes with encoding #{tmp.encoding}"
puts '================================'
end
end
require './test_app.rb'
run TestApp.new
Usage
Given the following piece of ruby code:
# config.ru
require "canson"
get "/index" do
{ results: [1, 2, 3] }
end
The server is run via
bundle exec rackup --port 3000.
When requested with curl http://localhost:3000/bla -i, it should return:
HTTP/1.1 200 OK
Content-Type: application/json
{"results": [1, 2, 3]}
Given the following piece of ruby code:
# config.ru
require "trialday"
get "/bla" do
{ results: [1, 2, 3] }
end
post "/bla" do |params|
name = params[:name]
{ name: name }
end
When requested with curl http://localhost:3000/index -i, it should return:
HTTP/1.1 200 OK
Content-Type: application/json
{"results": [1, 2, 3]}
When requested with curl -XPOST http://localhost:3000/bla -i -H "Content-Type: application/json" -d '{"name": "Mario"}', it should return:
HTTP/1.1 200 OK
Content-Type: application/json
{"name": "Mario"}
FAQs
Unknown package
We found that canson demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 07 Dec 2016
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Oxlint Introduces Type-Aware Linting Preview
Oxlint’s new preview brings type-aware linting powered by typescript-go, combining advanced TypeScript rules with native-speed performance.
By Sarah Gooding - Aug 18, 2025
Security News
New Website “Is It Really FOSS?” Tracks Transparency in Open Source Distribution Models
A new site reviews software projects to reveal if they’re truly FOSS, making complex licensing and distribution models easy to understand.
By Sarah Gooding - Aug 15, 2025