From d91c98573da7a4af915410d40c6cf7a3a193fed2 Mon Sep 17 00:00:00 2001
From: Kenta Murata <mrkn@mrkn.jp>
Date: Wed, 26 Aug 2020 14:02:18 +0900
Subject: [PATCH] [Doc] Describe the stance of WEBrick about its security and
 utilization

WEBrick is not recommended for the production use.  We need to explicitly
describe this fact in the document to avoid troubles due to misunderstanding.
---
 lib/webrick.rb | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/lib/webrick.rb b/lib/webrick.rb
index 1c0eb81..b854b68 100644
--- a/lib/webrick.rb
+++ b/lib/webrick.rb
@@ -15,6 +15,11 @@
 # WEBrick also includes tools for daemonizing a process and starting a process
 # at a higher privilege level and dropping permissions.
 #
+# == Security
+#
+# *Warning:* WEBrick is not recommended for production.  It only implements
+# basic security checks.
+#
 # == Starting an HTTP server
 #
 # To create a new WEBrick::HTTPServer that will listen to connections on port
@@ -139,9 +144,9 @@
 # servers.  See WEBrick::HTTPAuth, WEBrick::HTTPAuth::BasicAuth and
 # WEBrick::HTTPAuth::DigestAuth.
 #
-# == WEBrick as a Production Web Server
+# == WEBrick as a daemonized Web Server
 #
-# WEBrick can be run as a production server for small loads.
+# WEBrick can be run as a daemonized server for small loads.
 #
 # === Daemonizing
 #