Consider other essential handlers

[jbr]

from rails:

• Rack::Sendfile Sets server specific X-Sendfile header. Configure this via config.action_dispatch.x_sendfile_header option.
• ActionDispatch::Static Used to serve static files from the public directory. Disabled if config.public_file_server.enabled is false.
• Rack::Lock -- Sets env["rack.multithread"] flag to false and wraps the application within a Mutex.
• ActionDispatch::Executor Used for thread safe code reloading during development.
• ActiveSupport::Cache::Strategy::LocalCache::Middleware -- Used for memory caching. This cache is not thread safe.
• Rack::Runtime Sets an X-Runtime header, containing the time (in seconds) taken to execute the request.
• Rack::MethodOverride -- Allows the method to be overridden if params[:_method] is set. This is the middleware which supports the PUT and DELETE HTTP method types.
• ActionDispatch::RequestId Makes a unique X-Request-Id header available to the response and enables the ActionDispatch::Request#request_id method.
• ActionDispatch::RemoteIp Checks for IP spoofing attacks.
• Sprockets::Rails::QuietAssets Suppresses logger output for asset requests.
• Rails::Rack::Logger Notifies the logs that the request has begun. After the request is complete, flushes all the logs.
• ActionDispatch::ShowExceptions Rescues any exception returned by the application and calls an exceptions app that will wrap it in a format for the end user.
• ActionDispatch::DebugExceptions Responsible for logging exceptions and showing a debugging page in case the request is local.
• ActionDispatch::ActionableExceptions Provides a way to dispatch actions from Rails' error pages.
• ActionDispatch::Reloader Provides prepare and cleanup callbacks, intended to assist with code reloading during development.
• ActionDispatch::Callbacks Provides callbacks to be executed before and after dispatching the request.
• ActiveRecord::Migration::CheckPending Checks pending migrations and raises ActiveRecord::PendingMigrationError if any migrations are pending.
• ActionDispatch::Cookies Sets cookies for the request.
• ActionDispatch::Session::CookieStore Responsible for storing the session in cookies.
• ActionDispatch::Flash Sets up the flash keys. Only available if config.action_controller.session_store is set to a value.
• ActionDispatch::ContentSecurityPolicy::Middleware Provides a DSL to configure a Content-Security-Policy header.
• Rack::Head Converts HEAD requests to GET requests and serves them as so.
• Rack::ConditionalGet Adds support for "Conditional GET" so that server responds with nothing if the page wasn't changed.
• Rack::ETag Adds ETag header on all String bodies. ETags are used to validate cache.
• Rack::TempfileReaper Cleans up tempfiles used to buffer multipart requests.

from phoenix:

• Plug.Static - serves static assets. Since this plug comes before the logger, serving of static assets is not logged
• Phoenix.CodeReloader - a plug that enables code reloading for all entries in the web directory. It is configured directly in the Phoenix application
• Plug.RequestId - generates a unique request id for each request.
• Plug.Telemetry - adds instrumentation points so Phoenix can log the request path, status code and request time by default.
• Plug.Parsers - parses the request body when a known parser is available. By default parsers parse urlencoded, multipart and json (with jason). The request body is left untouched when the request content-type cannot be parsed
• Plug.MethodOverride - converts the request method to PUT, PATCH or DELETE for POST requests with a valid _method parameter
• Plug.Head - converts HEAD requests to GET requests and strips the response body
• Plug.Session - a plug that sets up session management. Note that fetch_session/2 must still be explicitly called before using the session as this Plug just sets up how the session is fetched
• accepts Performs content negotiation based on the available formats.
• fetch_flash Fetches the flash storage.
• put_secure_browser_headers Put headers that improve browser security.

from plug:

• Plug.BasicAuth - provides Basic HTTP authentication;
• Plug.CSRFProtection - adds Cross-Site Request Forgery protection to your application. Typically required if you are using Plug.Session;
• Plug.Head - converts HEAD requests to GET requests;
• Plug.Logger - logs requests;
• Plug.MethodOverride - overrides a request method with one specified in the request parameters;
• Plug.Parsers - responsible for parsing the request body given its content-type;
• Plug.RequestId - sets up a request ID to be used in logs;
• Plug.RewriteOn - rewrite the request's host/port/protocol from x-forwarded-* headers;
• Plug.Session - handles session management and storage;
• Plug.SSL - enforces requests through SSL;
• Plug.Static - serves static files;
• Plug.Telemetry - instruments the plug pipeline with :telemetry events;

from express

• body-parser - previous bodyParser, json, and urlencoded. You may also be interested in:
• compression
• connect-timeout
• cookie-parser
• cookie-session
• csurf
• errorhandler
• express-session
• method-override
• morgan logger
• response-time
• serve-favicon
• serve-static
• vhost

[prabirshrestha]

There are lot from fastly ecosystem. around 44 core plugins and 146 community plugin as of now.

[jbr]

I'm not familiar with fastly, is there an equivalent of a "default middleware stack?"