2018-11-02 07:10:01 +00:00
|
|
|
#[macro_use] extern crate rocket;
|
|
|
|
|
|
|
|
|
|
use rocket::response::Redirect;
|
|
|
|
|
use rocket::http::uri::Uri;
|
|
|
|
|
|
|
|
|
|
const NAME: &str = "John[]|\\%@^";
|
|
|
|
|
|
|
|
|
|
#[get("/hello/<name>")]
|
|
|
|
|
fn hello(name: String) -> String {
|
|
|
|
|
format!("Hello, {}!", name)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#[get("/raw")]
|
|
|
|
|
fn raw_redirect() -> Redirect {
|
|
|
|
|
Redirect::to(format!("/hello/{}", Uri::percent_encode(NAME)))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#[get("/uri")]
|
|
|
|
|
fn uri_redirect() -> Redirect {
|
|
|
|
|
Redirect::to(uri!(hello: NAME))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fn rocket() -> rocket::Rocket {
|
2021-04-08 08:07:52 +00:00
|
|
|
rocket::build().mount("/", routes![hello, uri_redirect, raw_redirect])
|
2018-11-02 07:10:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
mod tests {
|
|
|
|
|
use super::*;
|
2020-07-05 18:35:36 +00:00
|
|
|
use rocket::local::blocking::Client;
|
2018-11-02 07:10:01 +00:00
|
|
|
use rocket::http::{Status, uri::Uri};
|
|
|
|
|
|
2020-07-05 18:35:36 +00:00
|
|
|
#[test]
|
|
|
|
|
fn uri_percent_encoding_redirect() {
|
2018-11-02 07:10:01 +00:00
|
|
|
let expected_location = vec!["/hello/John%5B%5D%7C%5C%25@%5E"];
|
Test 'secret_key' validation, now on pre-launch.
Prior to this commit, it was not possible to test Rocket crates in
production mode without setting a global secret key or bypassing secret
key checking - the testing script did the latter. The consequence is
that it became impossible to test secret key related failures because
the tests passed regardless.
This commit undoes this. As a consequence, all tests are now aware of
the difference between debug and release configurations, the latter of
which validates 'secret_key' by default. New 'Client::debug()' and
'Client::debug_with()' simplify creating an instance of 'Client' with
configuration in debug mode to avoid undesired test failures.
The summary of changes in this commit are:
* Config 'secret_key' success and failure are now tested.
* 'secret_key' validation was moved to pre-launch from 'Config:from()'.
* 'Config::from()' only extracts the config.
* Added 'Config::try_from()' for non-panicking extraction.
* 'Config' now knows the profile it was extracted from.
* The 'Config' provider sets a profile of 'Config.profile'.
* 'Rocket', 'Client', 'Fairings', implement 'Debug'.
* 'fairing::Info' implements 'Copy', 'Clone'.
* 'Fairings' keeps track of, logs attach fairings.
* 'Rocket::reconfigure()' was added to allow modifying a config.
Internally, the testing script was refactored to properly test the
codebase with the new changes. In particular, it no longer sets a rustc
'cfg' to avoid secret-key checking.
Resolves #1543.
Fixes #1564.
2021-03-09 08:07:43 +00:00
|
|
|
let client = Client::debug(rocket()).unwrap();
|
2018-11-02 07:10:01 +00:00
|
|
|
|
2020-07-05 18:35:36 +00:00
|
|
|
let response = client.get("/raw").dispatch();
|
2018-11-02 07:10:01 +00:00
|
|
|
let location: Vec<_> = response.headers().get("location").collect();
|
|
|
|
|
assert_eq!(response.status(), Status::SeeOther);
|
|
|
|
|
assert_eq!(&location, &expected_location);
|
|
|
|
|
|
2020-07-05 18:35:36 +00:00
|
|
|
let response = client.get("/uri").dispatch();
|
2018-11-02 07:10:01 +00:00
|
|
|
let location: Vec<_> = response.headers().get("location").collect();
|
|
|
|
|
assert_eq!(response.status(), Status::SeeOther);
|
|
|
|
|
assert_eq!(&location, &expected_location);
|
|
|
|
|
}
|
|
|
|
|
|
2020-07-05 18:35:36 +00:00
|
|
|
#[test]
|
|
|
|
|
fn uri_percent_encoding_get() {
|
Test 'secret_key' validation, now on pre-launch.
Prior to this commit, it was not possible to test Rocket crates in
production mode without setting a global secret key or bypassing secret
key checking - the testing script did the latter. The consequence is
that it became impossible to test secret key related failures because
the tests passed regardless.
This commit undoes this. As a consequence, all tests are now aware of
the difference between debug and release configurations, the latter of
which validates 'secret_key' by default. New 'Client::debug()' and
'Client::debug_with()' simplify creating an instance of 'Client' with
configuration in debug mode to avoid undesired test failures.
The summary of changes in this commit are:
* Config 'secret_key' success and failure are now tested.
* 'secret_key' validation was moved to pre-launch from 'Config:from()'.
* 'Config::from()' only extracts the config.
* Added 'Config::try_from()' for non-panicking extraction.
* 'Config' now knows the profile it was extracted from.
* The 'Config' provider sets a profile of 'Config.profile'.
* 'Rocket', 'Client', 'Fairings', implement 'Debug'.
* 'fairing::Info' implements 'Copy', 'Clone'.
* 'Fairings' keeps track of, logs attach fairings.
* 'Rocket::reconfigure()' was added to allow modifying a config.
Internally, the testing script was refactored to properly test the
codebase with the new changes. In particular, it no longer sets a rustc
'cfg' to avoid secret-key checking.
Resolves #1543.
Fixes #1564.
2021-03-09 08:07:43 +00:00
|
|
|
let client = Client::debug(rocket()).unwrap();
|
2018-11-02 07:10:01 +00:00
|
|
|
let name = Uri::percent_encode(NAME);
|
2020-07-05 18:35:36 +00:00
|
|
|
let response = client.get(format!("/hello/{}", name)).dispatch();
|
2018-11-02 07:10:01 +00:00
|
|
|
assert_eq!(response.status(), Status::Ok);
|
2020-07-05 18:35:36 +00:00
|
|
|
assert_eq!(response.into_string().unwrap(), format!("Hello, {}!", NAME));
|
2018-11-02 07:10:01 +00:00
|
|
|
}
|
|
|
|
|
}
|
