- How does Mojolicious compare to other Perl web frameworks?
- Why doesn't Mojolicious have any dependencies?
- Why reinvent wheels?
- What about backwards compatibility?
- Why not split up Mojolicious into many smaller distributions?
- Can you add feature XY to the core distribution?
- What does the error "Maximum message size exceeded" mean?
- What does the error "Maximum line size exceeded" mean?
- What does "Your secret passphrase needs to be changed" mean?
- What does "Inactivity timeout" mean.
- What does "Premature connection close" mean?
- What does "Worker 31842 has no heartbeat, restarting" mean?
- I think i have found a bug, what should i do now?
Mojolicious::Guides::FAQ - Frequently Asked Questions
This document contains the most frequently asked questions about Mojolicious together with the right answers.
The short answer is "it doesn't", because we interpret the words "web framework" much more literally than others. With the emergence of the
real-time web and new technologies such as
WebSockets, we are facing new challenges that go way beyond what commonly used modules like LWP were designed for. Because of this, Mojolicious contains a whole new HTTP client/server stack called Mojo, which was heavily inspired by the original
LWPng effort and carefully designed with these new requirements in mind. So while some of the higher abstraction layers might look similar to other web frameworks, it actually defines a whole new category and could even be the foundation for more advanced ones in the future.
We are optimizing Mojolicious for user-friendliness and development speed, without compromises. While there are no rules in Mojolicious::Guides::CodingGuidelines that forbid dependencies, we do currently discourage adding non-optional ones in favor of a faster and more painless installation process. And we do in fact already use several optional CPAN modules such as EV, IO::Socket::IP, IO::Socket::SSL and Plack to provide advanced functionality if they are installed.
Because we can make them rounder. Components specifically designed for user-friendliness and development speed are not easy to come by. We are strong believers of the Perl mantra "There is more than one way to do it", and our quest is to develop the best possible solutions for these two criteria.
In conformance with Mojolicious::Guides::CodingGuidelines, we will always deprecate a feature before removing or changing it in incompatible ways between major releases. New features can however be marked as experimental to explicitly exclude them from these rules. This gives us the necessary freedom to ensure a healthy future for Mojolicious. So, as long as you are not using anything marked experimental, untested or undocumented, you can always count on backwards compatibility, everything else would be considered a bug.
Because there are no advantages, it drastically increases maintenance costs and installation times without giving us anything in return. It would only make sense if we wanted to pass ownership of a module to a new maintainer, which we already have done in the past.
Probably not. While the Mojolicious distribution covers a wide range of features, we are rather conservative when it comes to adding new ones. The most important criteria are outlined in Mojolicious::Guides::CodingGuidelines. But don't let this discourage you, it doesn't hurt to open a GitHub issue and ask, just be prepared that it might not pass the vote. To increase the chances you can also discuss and refine ideas on the mailing-list.
To protect your applications from excessively large requests and responses, our HTTP parser has a cap after which it will automatically stop accepting new data, and in most cases force the connection to be closed. This limit is around
5MB by default, you can use the
MOJO_MAX_MESSAGE_SIZE environment variable to change this value.
This is a very similar protection mechanism to the one described in the previous answer, but a little more specific. It limits the maximum length of any
\r\n terminated part of a HTTP message, such as request line, status line and headers. This limit is around
10KB by default, you can use the
MOJO_MAX_LINE_SIZE environment variable to change this value.
Mojolicious uses a secret passphrase for security features such as signed cookies. It defaults to the name of your application, which is not very secure, so we added this log message as a reminder. You can change the passphrase with the attribute "secret" in Mojolicious.
app->secret('My very secret passphrase.');
To protect your applications from denial-of-service attacks, all connections have an inactivity timeout which limits how long a connection may be inactive before being closed automatically. It defaults to
20 seconds for the user agent and
15 seconds for all built-in web servers, and is commonly referred to as
inactivity_timeout. This timeout always applies, so you might have to tweak it for applications that take a long time to process a request.
This error message is often related to the one above, and means that the web server closed the connection before the user agent could receive the whole response.
As long as they are accepting new connections, Hypnotoad worker processes send heartbeat messages to the manager process in regular intervals, to signal that they are still responsive. A blocking operation such as an infinite loop in your application (or active connections after a worker has stopped accepting new connections) can prevent this, and will force the affected worker to be restarted after a timeout. This
heartbeat_timeout defaults to
20 seconds and can be extended if your application requires it.
First make sure you are using the latest version of Mojolicious, it is quite likely that the bug has already been fixed. If that doesn't help, prepare a test case demonstrating the bug, you are not expected to fix it yourself, but you'll have to make sure the developers can replicate your problem. Sending in your whole application generally does more harm than good, the
t directory of this distribution has many good examples for how to do it right. Writing a test is usually the hardest part of fixing a bug, so the better your test case the faster it can be fixed. ;)
Once that's done you can contact the developers via GitHub issue.
If you decide to fix the bug yourself, make sure to also take a look at Mojolicious::Guides::CodingGuidelines.