I hit a problem when using this piece of middleware along with galetahub-simple_captcha. The captcha gem uses a rack middle ware hook to respond to requests for captcha images written on the fly. With rack-policy in place the headers of these requests were being mangled so that the content length was zero giving a browser error.

I think that the issue lies in that by bypassing response.finish call the body does not get wrapped in a BodyProxy instance and cannot then be safely modified by rack middleware downstream of rack-policy in the middleware chain.

Hope that makes some sort of sense!

Ken