[Doc] Describe the stance of WEBrick about its security and utilization

WEBrick is not recommended for the production use. We need to explicitly describe this fact in the document to avoid troubles due to misunderstanding.
ruby · Aug 26, 2020 · d91c985 · d91c985
1 parent 0f0c9f1
commit d91c985
Showing 1 changed file with 7 additions and 2 deletions.
diff --git a/lib/webrick.rb b/lib/webrick.rb
@@ -15,6 +15,11 @@
 # WEBrick also includes tools for daemonizing a process and starting a process
 # at a higher privilege level and dropping permissions.
 #
+# == Security
+#
+# *Warning:* WEBrick is not recommended for production.  It only implements
+# basic security checks.
+#
 # == Starting an HTTP server
 #
 # To create a new WEBrick::HTTPServer that will listen to connections on port
@@ -139,9 +144,9 @@
 # servers.  See WEBrick::HTTPAuth, WEBrick::HTTPAuth::BasicAuth and
 # WEBrick::HTTPAuth::DigestAuth.
 #
-# == WEBrick as a Production Web Server
+# == WEBrick as a daemonized Web Server
 #
-# WEBrick can be run as a production server for small loads.
+# WEBrick can be run as a daemonized server for small loads.
 #
 # === Daemonizing
 #