As part of working on mailtanium, I wrote a basic webapp in Sinatra to check mail on my phone. Sinatra does all sorts of magic for you, as ruby frameworks are prone to do. It’s built on top of Rack, which also does magic things.

I wasn’t fully aware of this until I recently checked my logs and noticed a bunch of entries like this.
W, [2013-03-06T06:01:57.276947 #2149] WARN -- : attack prevented by Rack::Protection::HttpOrigin
Wowza, I’m under attack! No wait, on further inspection, I see one of those every time I send a POST request from my phone. Firefox on my laptop doesn’t seem to trigger it.

What’s happening? I’m not sure. From what I can make of the source for the module, the request should be blocked, but it’s not. Everything still works. The emails I tried to send were, in fact, sent. Maybe Rack’s default config is to only log a warning and not do anything drastic. But why then say the attack was prevented, instead of not prevented?

I think what I need is less magical protection and more protection from magic.