Rocket/core/lib/src/router/collider.rs

513 lines
21 KiB
Rust
Raw Normal View History

use super::Route;
use http::MediaType;
use http::route::Kind;
use request::Request;
2018-09-25 02:44:25 +00:00
impl Route {
/// Determines if two routes can match against some request. That is, if two
/// routes `collide`, there exists a request that can match against both
/// routes.
///
/// This implementation is used at initialization to check if two user
/// routes collide before launching. Format collisions works like this:
///
/// * If route specifies a format, it only gets requests for that format.
/// * If route doesn't specify a format, it gets requests for any format.
///
/// Because query parsing is lenient, and dynamic query parameters can be
/// missing, queries do not impact whether two routes collide.
#[doc(hidden)]
2018-09-25 02:44:25 +00:00
pub fn collides_with(&self, other: &Route) -> bool {
self.method == other.method
&& self.rank == other.rank
&& paths_collide(self, other)
&& formats_collide(self, other)
2018-09-25 02:44:25 +00:00
}
/// Determines if this route matches against the given request. This means
/// that:
///
/// * The route's method matches that of the incoming request.
/// * The route's format (if any) matches that of the incoming request.
/// - If route specifies format, it only gets requests for that format.
/// - If route doesn't specify format, it gets requests for any format.
/// * All static components in the route's path match the corresponding
/// components in the same position in the incoming request.
/// * All static components in the route's query string are also in the
/// request query string, though in any position.
2018-09-25 02:44:25 +00:00
/// - If no query in route, requests with/without queries match.
#[doc(hidden)]
2018-09-25 02:44:25 +00:00
pub fn matches(&self, req: &Request) -> bool {
self.method == req.method()
&& paths_match(self, req)
&& queries_match(self, req)
&& formats_match(self, req)
2018-09-25 02:44:25 +00:00
}
2016-03-18 02:43:58 +00:00
}
fn paths_collide(route: &Route, other: &Route) -> bool {
let a_segments = &route.metadata.path_segments;
let b_segments = &other.metadata.path_segments;
for (seg_a, seg_b) in a_segments.iter().zip(b_segments.iter()) {
if seg_a.kind == Kind::Multi || seg_b.kind == Kind::Multi {
return true;
}
if seg_a.kind == Kind::Static && seg_b.kind == Kind::Static {
if seg_a.string != seg_b.string {
return false;
}
}
}
a_segments.len() == b_segments.len()
}
fn paths_match(route: &Route, request: &Request) -> bool {
let route_segments = &route.metadata.path_segments;
if route_segments.len() > request.state.path_segments.len() {
return false;
}
let request_segments = request.raw_path_segments();
for (route_seg, req_seg) in route_segments.iter().zip(request_segments) {
match route_seg.kind {
Kind::Multi => return true,
Kind::Static if &*route_seg.string != req_seg.as_str() => return false,
_ => continue,
}
}
route_segments.len() == request.state.path_segments.len()
}
fn queries_match(route: &Route, request: &Request) -> bool {
if route.metadata.fully_dynamic_query {
return true;
}
2018-09-25 02:44:25 +00:00
let route_query_segments = match route.metadata.query_segments {
Some(ref segments) => segments,
None => return true
};
let req_query_segments = match request.raw_query_items() {
Some(iter) => iter.map(|item| item.raw.as_str()),
None => return route.metadata.fully_dynamic_query
};
for seg in route_query_segments.iter() {
if seg.kind == Kind::Static {
// it's okay; this clones the iterator
if !req_query_segments.clone().any(|r| r == seg.string) {
return false;
}
}
}
true
}
fn formats_collide(route: &Route, other: &Route) -> bool {
// When matching against the `Accept` header, the client can always provide
// a media type that will cause a collision through non-specificity.
if !route.method.supports_payload() {
return true;
}
// When matching against the `Content-Type` header, we'll only consider
// requests as having a `Content-Type` if they're fully specified. If a
// route doesn't have a `format`, it accepts all `Content-Type`s. If a
// request doesn't have a format, it only matches routes without a format.
match (route.format.as_ref(), other.format.as_ref()) {
(Some(a), Some(b)) => media_types_collide(a, b),
_ => true
}
}
fn formats_match(route: &Route, request: &Request) -> bool {
if !route.method.supports_payload() {
route.format.as_ref()
.and_then(|a| request.format().map(|b| (a, b)))
.map(|(a, b)| media_types_collide(a, b))
.unwrap_or(true)
} else {
match route.format.as_ref() {
Some(a) => match request.format() {
Some(b) if b.specificity() == 2 => media_types_collide(a, b),
_ => false
}
None => true
}
}
}
2018-09-25 02:44:25 +00:00
fn media_types_collide(first: &MediaType, other: &MediaType) -> bool {
let collide = |a, b| a == "*" || b == "*" || a == b;
collide(first.top(), other.top()) && collide(first.sub(), other.sub())
}
#[cfg(test)]
mod tests {
use std::str::FromStr;
2018-09-25 02:44:25 +00:00
use super::*;
Remove Session in favor of private cookies. New testing API. Sessions -------- This commit removes the `Session` type in favor of methods on the `Cookies` types that allow for adding, removing, and getting private (signed and encrypted) cookies. These methods provide a superset of the functionality of `Session` while also being a minimal addition to the existing API. They can be used to implement the previous `Session` type as well as other forms of session storage. The new methods are: * Cookie::add_private(&mut self, Cookie) * Cookie::remove_private(&mut self, Cookie) * Cookie::get_private(&self, &str) Resolves #20 Testing ------- This commit removes the `rocket::testing` module. It adds the `rocket::local` module which provides a `Client` type for local dispatching of requests against a `Rocket` instance. This `local` package subsumes the previous `testing` package. Rocket Examples --------------- The `forms`, `optional_result`, and `hello_alt_methods` examples have been removed. The following example have been renamed: * extended_validation -> form_validation * hello_ranks -> ranking * from_request -> request_guard * hello_tls -> tls Other Changes ------------- This commit also includes the following smaller changes: * Config::{development, staging, production} constructors have been added for easier creation of default `Config` structures. * The `Config` type is exported from the root. * `Request` implements `Clone` and `Debug`. * `Request::new` is no longer exported. * A `Response::body_bytes` method was added to easily retrieve a response's body as a `Vec<u8>`.
2017-06-06 20:41:04 +00:00
use rocket::Rocket;
use config::Config;
use request::Request;
use router::{dummy_handler, route::Route};
use http::{Method, MediaType, ContentType, Accept};
Overhaul URI types. This is fairly large commit with several entangled logical changes. The primary change in this commit is to completely overhaul how URI handling in Rocket works. Prior to this commit, the `Uri` type acted as an origin API. Its parser was minimal and lenient, allowing URIs that were invalid according to RFC 7230. By contrast, the new `Uri` type brings with it a strict RFC 7230 compliant parser. The `Uri` type now represents any kind of valid URI, not simply `Origin` types. Three new URI types were introduced: * `Origin` - represents valid origin URIs * `Absolute` - represents valid absolute URIs * `Authority` - represents valid authority URIs The `Origin` type replaces `Uri` in many cases: * As fields and method inputs of `Route` * The `&Uri` request guard is now `&Origin` * The `uri!` macro produces an `Origin` instead of a `Uri` The strict nature of URI parsing cascaded into the following changes: * Several `Route` methods now `panic!` on invalid URIs * The `Rocket::mount()` method is (correctly) stricter with URIs * The `Redirect` constructors take a `TryInto<Uri>` type * Dispatching of a `LocalRequest` correctly validates URIs Overall, URIs are now properly and uniformly handled throughout Rocket's codebase, resulting in a more reliable and correct system. In addition to these URI changes, the following changes are also part of this commit: * The `LocalRequest::cloned_dispatch()` method was removed in favor of chaining `.clone().dispatch()`. * The entire Rocket codebase uses `crate` instead of `pub(crate)` as a visibility modifier. * Rocket uses the `crate_visibility_modifier` and `try_from` features. A note on unsafety: this commit introduces many uses of `unsafe` in the URI parser. All of these uses are a result of unsafely transforming byte slices (`&[u8]` or similar) into strings (`&str`). The parser ensures that these casts are safe, but of course, we must label their use `unsafe`. The parser was written to be as generic and efficient as possible and thus can parse directly from byte sources. Rocket, however, does not make use of this fact and so would be able to remove all uses of `unsafe` by parsing from an existing `&str`. This should be considered in the future. Fixes #443. Resolves #263.
2018-07-29 01:26:15 +00:00
use http::uri::Origin;
use http::Method::*;
type SimpleRoute = (Method, &'static str);
fn m_collide(a: SimpleRoute, b: SimpleRoute) -> bool {
let route_a = Route::new(a.0, a.1, dummy_handler);
route_a.collides_with(&Route::new(b.0, b.1, dummy_handler))
}
2016-04-02 08:46:41 +00:00
fn unranked_collide(a: &'static str, b: &'static str) -> bool {
let route_a = Route::ranked(0, Get, a, dummy_handler);
let route_b = Route::ranked(0, Get, b, dummy_handler);
Overhaul URI types. This is fairly large commit with several entangled logical changes. The primary change in this commit is to completely overhaul how URI handling in Rocket works. Prior to this commit, the `Uri` type acted as an origin API. Its parser was minimal and lenient, allowing URIs that were invalid according to RFC 7230. By contrast, the new `Uri` type brings with it a strict RFC 7230 compliant parser. The `Uri` type now represents any kind of valid URI, not simply `Origin` types. Three new URI types were introduced: * `Origin` - represents valid origin URIs * `Absolute` - represents valid absolute URIs * `Authority` - represents valid authority URIs The `Origin` type replaces `Uri` in many cases: * As fields and method inputs of `Route` * The `&Uri` request guard is now `&Origin` * The `uri!` macro produces an `Origin` instead of a `Uri` The strict nature of URI parsing cascaded into the following changes: * Several `Route` methods now `panic!` on invalid URIs * The `Rocket::mount()` method is (correctly) stricter with URIs * The `Redirect` constructors take a `TryInto<Uri>` type * Dispatching of a `LocalRequest` correctly validates URIs Overall, URIs are now properly and uniformly handled throughout Rocket's codebase, resulting in a more reliable and correct system. In addition to these URI changes, the following changes are also part of this commit: * The `LocalRequest::cloned_dispatch()` method was removed in favor of chaining `.clone().dispatch()`. * The entire Rocket codebase uses `crate` instead of `pub(crate)` as a visibility modifier. * Rocket uses the `crate_visibility_modifier` and `try_from` features. A note on unsafety: this commit introduces many uses of `unsafe` in the URI parser. All of these uses are a result of unsafely transforming byte slices (`&[u8]` or similar) into strings (`&str`). The parser ensures that these casts are safe, but of course, we must label their use `unsafe`. The parser was written to be as generic and efficient as possible and thus can parse directly from byte sources. Rocket, however, does not make use of this fact and so would be able to remove all uses of `unsafe` by parsing from an existing `&str`. This should be considered in the future. Fixes #443. Resolves #263.
2018-07-29 01:26:15 +00:00
eprintln!("Checking {} against {}.", route_a, route_b);
route_a.collides_with(&route_b)
}
fn s_s_collide(a: &'static str, b: &'static str) -> bool {
let a = Route::new(Get, a, dummy_handler);
let b = Route::new(Get, b, dummy_handler);
2018-09-25 02:44:25 +00:00
paths_collide(&a, &b)
}
#[test]
fn simple_collisions() {
2016-04-02 08:46:41 +00:00
assert!(unranked_collide("/a", "/a"));
assert!(unranked_collide("/hello", "/hello"));
assert!(unranked_collide("/hello", "/hello/"));
assert!(unranked_collide("/hello/there/how/ar", "/hello/there/how/ar"));
assert!(unranked_collide("/hello/there", "/hello/there/"));
}
#[test]
fn simple_param_collisions() {
2016-04-02 08:46:41 +00:00
assert!(unranked_collide("/hello/<name>", "/hello/<person>"));
assert!(unranked_collide("/hello/<name>/hi", "/hello/<person>/hi"));
assert!(unranked_collide("/hello/<name>/hi/there", "/hello/<person>/hi/there"));
assert!(unranked_collide("/<name>/hi/there", "/<person>/hi/there"));
assert!(unranked_collide("/<name>/hi/there", "/dude/<name>/there"));
assert!(unranked_collide("/<name>/<a>/<b>", "/<a>/<b>/<c>"));
assert!(unranked_collide("/<name>/<a>/<b>/", "/<a>/<b>/<c>/"));
2016-09-08 07:02:17 +00:00
assert!(unranked_collide("/<a..>", "/hi"));
assert!(unranked_collide("/<a..>", "/hi/hey"));
assert!(unranked_collide("/<a..>", "/hi/hey/hayo"));
assert!(unranked_collide("/a/<a..>", "/a/hi/hey/hayo"));
assert!(unranked_collide("/a/<b>/<a..>", "/a/hi/hey/hayo"));
assert!(unranked_collide("/a/<b>/<c>/<a..>", "/a/hi/hey/hayo"));
assert!(unranked_collide("/<b>/<c>/<a..>", "/a/hi/hey/hayo"));
assert!(unranked_collide("/<b>/<c>/hey/hayo", "/a/hi/hey/hayo"));
}
#[test]
fn medium_param_collisions() {
2016-04-02 08:46:41 +00:00
assert!(unranked_collide("/hello/<name>", "/hello/bob"));
assert!(unranked_collide("/<name>", "//bob"));
}
#[test]
fn hard_param_collisions() {
2016-09-08 07:02:17 +00:00
assert!(unranked_collide("/<a..>", "///a///"));
assert!(unranked_collide("/<a..>", "//a/bcjdklfj//<c>"));
assert!(unranked_collide("/a/<a..>", "//a/bcjdklfj//<c>"));
assert!(unranked_collide("/a/<b>/<c..>", "//a/bcjdklfj//<c>"));
}
#[test]
fn query_collisions() {
assert!(unranked_collide("/?<a>", "/?<a>"));
assert!(unranked_collide("/a/?<a>", "/a/?<a>"));
assert!(unranked_collide("/a?<a>", "/a?<a>"));
assert!(unranked_collide("/<r>?<a>", "/<r>?<a>"));
assert!(unranked_collide("/a/b/c?<a>", "/a/b/c?<a>"));
assert!(unranked_collide("/<a>/b/c?<d>", "/a/b/<c>?<d>"));
assert!(unranked_collide("/?<a>", "/"));
assert!(unranked_collide("/a?<a>", "/a"));
assert!(unranked_collide("/a?<a>", "/a"));
assert!(unranked_collide("/a/b?<a>", "/a/b"));
assert!(unranked_collide("/a/b", "/a/b?<c>"));
}
#[test]
fn non_collisions() {
assert!(!unranked_collide("/<a>", "/"));
2016-04-02 08:46:41 +00:00
assert!(!unranked_collide("/a", "/b"));
assert!(!unranked_collide("/a/b", "/a"));
assert!(!unranked_collide("/a/b", "/a/c"));
assert!(!unranked_collide("/a/hello", "/a/c"));
assert!(!unranked_collide("/hello", "/a/c"));
assert!(!unranked_collide("/hello/there", "/hello/there/guy"));
assert!(!unranked_collide("/a/<b>", "/b/<b>"));
2016-09-08 07:02:17 +00:00
assert!(!unranked_collide("/<a..>", "/"));
assert!(!unranked_collide("/hi/<a..>", "/hi"));
assert!(!unranked_collide("/hi/<a..>", "/hi/"));
assert!(!unranked_collide("/<a..>", "//////"));
assert!(!unranked_collide("/t", "/test"));
assert!(!unranked_collide("/a", "/aa"));
assert!(!unranked_collide("/a", "/aaa"));
assert!(!unranked_collide("/", "/a"));
}
#[test]
fn query_non_collisions() {
assert!(!unranked_collide("/a?<b>", "/b"));
assert!(!unranked_collide("/a/b", "/a?<b>"));
assert!(!unranked_collide("/a/b/c?<d>", "/a/b/c/d"));
assert!(!unranked_collide("/a/hello", "/a/?<hello>"));
assert!(!unranked_collide("/?<a>", "/hi"));
}
#[test]
fn method_dependent_non_collisions() {
assert!(!m_collide((Get, "/"), (Post, "/")));
assert!(!m_collide((Post, "/"), (Put, "/")));
assert!(!m_collide((Put, "/a"), (Put, "/")));
assert!(!m_collide((Post, "/a"), (Put, "/")));
assert!(!m_collide((Get, "/a"), (Put, "/")));
assert!(!m_collide((Get, "/hello"), (Put, "/hello")));
}
Overhaul URI types. This is fairly large commit with several entangled logical changes. The primary change in this commit is to completely overhaul how URI handling in Rocket works. Prior to this commit, the `Uri` type acted as an origin API. Its parser was minimal and lenient, allowing URIs that were invalid according to RFC 7230. By contrast, the new `Uri` type brings with it a strict RFC 7230 compliant parser. The `Uri` type now represents any kind of valid URI, not simply `Origin` types. Three new URI types were introduced: * `Origin` - represents valid origin URIs * `Absolute` - represents valid absolute URIs * `Authority` - represents valid authority URIs The `Origin` type replaces `Uri` in many cases: * As fields and method inputs of `Route` * The `&Uri` request guard is now `&Origin` * The `uri!` macro produces an `Origin` instead of a `Uri` The strict nature of URI parsing cascaded into the following changes: * Several `Route` methods now `panic!` on invalid URIs * The `Rocket::mount()` method is (correctly) stricter with URIs * The `Redirect` constructors take a `TryInto<Uri>` type * Dispatching of a `LocalRequest` correctly validates URIs Overall, URIs are now properly and uniformly handled throughout Rocket's codebase, resulting in a more reliable and correct system. In addition to these URI changes, the following changes are also part of this commit: * The `LocalRequest::cloned_dispatch()` method was removed in favor of chaining `.clone().dispatch()`. * The entire Rocket codebase uses `crate` instead of `pub(crate)` as a visibility modifier. * Rocket uses the `crate_visibility_modifier` and `try_from` features. A note on unsafety: this commit introduces many uses of `unsafe` in the URI parser. All of these uses are a result of unsafely transforming byte slices (`&[u8]` or similar) into strings (`&str`). The parser ensures that these casts are safe, but of course, we must label their use `unsafe`. The parser was written to be as generic and efficient as possible and thus can parse directly from byte sources. Rocket, however, does not make use of this fact and so would be able to remove all uses of `unsafe` by parsing from an existing `&str`. This should be considered in the future. Fixes #443. Resolves #263.
2018-07-29 01:26:15 +00:00
#[test]
fn query_dependent_non_collisions() {
assert!(!m_collide((Get, "/"), (Get, "/?a")));
assert!(!m_collide((Get, "/"), (Get, "/?<a>")));
assert!(!m_collide((Get, "/a/<b>"), (Get, "/a/<b>?d")));
}
#[test]
fn test_str_non_collisions() {
assert!(!s_s_collide("/a", "/b"));
assert!(!s_s_collide("/a/b", "/a"));
assert!(!s_s_collide("/a/b", "/a/c"));
assert!(!s_s_collide("/a/hello", "/a/c"));
assert!(!s_s_collide("/hello", "/a/c"));
assert!(!s_s_collide("/hello/there", "/hello/there/guy"));
assert!(!s_s_collide("/a/<b>", "/b/<b>"));
2016-09-08 07:02:17 +00:00
assert!(!s_s_collide("/a", "/b"));
assert!(!s_s_collide("/a/b", "/a"));
assert!(!s_s_collide("/a/b", "/a/c"));
assert!(!s_s_collide("/a/hello", "/a/c"));
assert!(!s_s_collide("/hello", "/a/c"));
assert!(!s_s_collide("/hello/there", "/hello/there/guy"));
assert!(!s_s_collide("/a/<b>", "/b/<b>"));
assert!(!s_s_collide("/a", "/b"));
assert!(!s_s_collide("/a/b", "/a"));
assert!(!s_s_collide("/a/b", "/a/c"));
assert!(!s_s_collide("/a/hello", "/a/c"));
assert!(!s_s_collide("/hello", "/a/c"));
assert!(!s_s_collide("/hello/there", "/hello/there/guy"));
assert!(!s_s_collide("/a/<b>", "/b/<b>"));
assert!(!s_s_collide("/<a..>", "/"));
assert!(!s_s_collide("/hi/<a..>", "/hi/"));
assert!(!s_s_collide("/a/hi/<a..>", "/a/hi/"));
assert!(!s_s_collide("/t", "/test"));
assert!(!s_s_collide("/a", "/aa"));
assert!(!s_s_collide("/a", "/aaa"));
assert!(!s_s_collide("/", "/a"));
}
fn mt_mt_collide(mt1: &str, mt2: &str) -> bool {
let mt_a = MediaType::from_str(mt1).expect(mt1);
let mt_b = MediaType::from_str(mt2).expect(mt2);
2018-09-25 02:44:25 +00:00
media_types_collide(&mt_a, &mt_b)
}
#[test]
fn test_content_type_colliions() {
assert!(mt_mt_collide("application/json", "application/json"));
assert!(mt_mt_collide("*/json", "application/json"));
assert!(mt_mt_collide("*/*", "application/json"));
assert!(mt_mt_collide("application/*", "application/json"));
assert!(mt_mt_collide("application/*", "*/json"));
assert!(mt_mt_collide("something/random", "something/random"));
assert!(!mt_mt_collide("text/*", "application/*"));
assert!(!mt_mt_collide("*/text", "*/json"));
assert!(!mt_mt_collide("*/text", "application/test"));
assert!(!mt_mt_collide("something/random", "something_else/random"));
assert!(!mt_mt_collide("something/random", "*/else"));
assert!(!mt_mt_collide("*/random", "*/else"));
assert!(!mt_mt_collide("something/*", "random/else"));
}
fn r_mt_mt_collide<S1, S2>(m: Method, mt1: S1, mt2: S2) -> bool
where S1: Into<Option<&'static str>>, S2: Into<Option<&'static str>>
{
let mut route_a = Route::new(m, "/", dummy_handler);
if let Some(mt_str) = mt1.into() {
route_a.format = Some(mt_str.parse::<MediaType>().unwrap());
}
let mut route_b = Route::new(m, "/", dummy_handler);
if let Some(mt_str) = mt2.into() {
route_b.format = Some(mt_str.parse::<MediaType>().unwrap());
}
route_a.collides_with(&route_b)
}
#[test]
fn test_route_content_type_colliions() {
// non-payload bearing routes always collide
assert!(r_mt_mt_collide(Get, "application/json", "application/json"));
assert!(r_mt_mt_collide(Get, "*/json", "application/json"));
assert!(r_mt_mt_collide(Get, "*/json", "application/*"));
assert!(r_mt_mt_collide(Get, "text/html", "text/*"));
assert!(r_mt_mt_collide(Get, "any/thing", "*/*"));
assert!(r_mt_mt_collide(Get, None, "text/*"));
assert!(r_mt_mt_collide(Get, None, "text/html"));
assert!(r_mt_mt_collide(Get, None, "*/*"));
assert!(r_mt_mt_collide(Get, "text/html", None));
assert!(r_mt_mt_collide(Get, "*/*", None));
assert!(r_mt_mt_collide(Get, "application/json", None));
assert!(r_mt_mt_collide(Get, "application/*", "text/*"));
assert!(r_mt_mt_collide(Get, "application/json", "text/*"));
assert!(r_mt_mt_collide(Get, "application/json", "text/html"));
assert!(r_mt_mt_collide(Get, "text/html", "text/html"));
// payload bearing routes collide if the media types collide
assert!(r_mt_mt_collide(Post, "application/json", "application/json"));
assert!(r_mt_mt_collide(Post, "*/json", "application/json"));
assert!(r_mt_mt_collide(Post, "*/json", "application/*"));
assert!(r_mt_mt_collide(Post, "text/html", "text/*"));
assert!(r_mt_mt_collide(Post, "any/thing", "*/*"));
assert!(r_mt_mt_collide(Post, None, "text/*"));
assert!(r_mt_mt_collide(Post, None, "text/html"));
assert!(r_mt_mt_collide(Post, None, "*/*"));
assert!(r_mt_mt_collide(Post, "text/html", None));
assert!(r_mt_mt_collide(Post, "*/*", None));
assert!(r_mt_mt_collide(Post, "application/json", None));
assert!(!r_mt_mt_collide(Post, "text/html", "application/*"));
assert!(!r_mt_mt_collide(Post, "application/html", "text/*"));
assert!(!r_mt_mt_collide(Post, "*/json", "text/html"));
assert!(!r_mt_mt_collide(Post, "text/html", "text/css"));
assert!(!r_mt_mt_collide(Post, "other/html", "text/html"));
}
fn req_route_mt_collide<S1, S2>(m: Method, mt1: S1, mt2: S2) -> bool
where S1: Into<Option<&'static str>>, S2: Into<Option<&'static str>>
{
let rocket = Rocket::custom(Config::development());
Overhaul URI types. This is fairly large commit with several entangled logical changes. The primary change in this commit is to completely overhaul how URI handling in Rocket works. Prior to this commit, the `Uri` type acted as an origin API. Its parser was minimal and lenient, allowing URIs that were invalid according to RFC 7230. By contrast, the new `Uri` type brings with it a strict RFC 7230 compliant parser. The `Uri` type now represents any kind of valid URI, not simply `Origin` types. Three new URI types were introduced: * `Origin` - represents valid origin URIs * `Absolute` - represents valid absolute URIs * `Authority` - represents valid authority URIs The `Origin` type replaces `Uri` in many cases: * As fields and method inputs of `Route` * The `&Uri` request guard is now `&Origin` * The `uri!` macro produces an `Origin` instead of a `Uri` The strict nature of URI parsing cascaded into the following changes: * Several `Route` methods now `panic!` on invalid URIs * The `Rocket::mount()` method is (correctly) stricter with URIs * The `Redirect` constructors take a `TryInto<Uri>` type * Dispatching of a `LocalRequest` correctly validates URIs Overall, URIs are now properly and uniformly handled throughout Rocket's codebase, resulting in a more reliable and correct system. In addition to these URI changes, the following changes are also part of this commit: * The `LocalRequest::cloned_dispatch()` method was removed in favor of chaining `.clone().dispatch()`. * The entire Rocket codebase uses `crate` instead of `pub(crate)` as a visibility modifier. * Rocket uses the `crate_visibility_modifier` and `try_from` features. A note on unsafety: this commit introduces many uses of `unsafe` in the URI parser. All of these uses are a result of unsafely transforming byte slices (`&[u8]` or similar) into strings (`&str`). The parser ensures that these casts are safe, but of course, we must label their use `unsafe`. The parser was written to be as generic and efficient as possible and thus can parse directly from byte sources. Rocket, however, does not make use of this fact and so would be able to remove all uses of `unsafe` by parsing from an existing `&str`. This should be considered in the future. Fixes #443. Resolves #263.
2018-07-29 01:26:15 +00:00
let mut req = Request::new(&rocket, m, Origin::dummy());
if let Some(mt_str) = mt1.into() {
if m.supports_payload() {
req.replace_header(mt_str.parse::<ContentType>().unwrap());
} else {
req.replace_header(mt_str.parse::<Accept>().unwrap());
}
}
let mut route = Route::new(m, "/", dummy_handler);
if let Some(mt_str) = mt2.into() {
route.format = Some(mt_str.parse::<MediaType>().unwrap());
}
2018-09-25 02:44:25 +00:00
route.matches(&req)
}
#[test]
fn test_req_route_mt_collisions() {
assert!(req_route_mt_collide(Post, "application/json", "application/json"));
assert!(req_route_mt_collide(Post, "application/json", "application/*"));
assert!(req_route_mt_collide(Post, "application/json", "*/json"));
assert!(req_route_mt_collide(Post, "text/html", "*/*"));
assert!(req_route_mt_collide(Get, "application/json", "application/json"));
assert!(req_route_mt_collide(Get, "text/html", "text/html"));
assert!(req_route_mt_collide(Get, "text/html", "*/*"));
assert!(req_route_mt_collide(Get, None, "*/*"));
assert!(req_route_mt_collide(Get, None, "text/*"));
assert!(req_route_mt_collide(Get, None, "text/html"));
assert!(req_route_mt_collide(Get, None, "application/json"));
assert!(req_route_mt_collide(Post, "text/html", None));
assert!(req_route_mt_collide(Post, "application/json", None));
assert!(req_route_mt_collide(Post, "x-custom/anything", None));
assert!(req_route_mt_collide(Post, None, None));
assert!(req_route_mt_collide(Get, "text/html", None));
assert!(req_route_mt_collide(Get, "application/json", None));
assert!(req_route_mt_collide(Get, "x-custom/anything", None));
assert!(req_route_mt_collide(Get, None, None));
assert!(req_route_mt_collide(Get, None, "text/html"));
assert!(req_route_mt_collide(Get, None, "application/json"));
assert!(req_route_mt_collide(Get, "text/html, text/plain", "text/html"));
assert!(req_route_mt_collide(Get, "text/html; q=0.5, text/xml", "text/xml"));
assert!(!req_route_mt_collide(Post, None, "text/html"));
assert!(!req_route_mt_collide(Post, None, "text/*"));
assert!(!req_route_mt_collide(Post, None, "*/text"));
assert!(!req_route_mt_collide(Post, None, "*/*"));
assert!(!req_route_mt_collide(Post, None, "text/html"));
assert!(!req_route_mt_collide(Post, None, "application/json"));
assert!(!req_route_mt_collide(Post, "application/json", "text/html"));
assert!(!req_route_mt_collide(Post, "application/json", "text/*"));
assert!(!req_route_mt_collide(Post, "application/json", "*/xml"));
assert!(!req_route_mt_collide(Get, "application/json", "text/html"));
assert!(!req_route_mt_collide(Get, "application/json", "text/*"));
assert!(!req_route_mt_collide(Get, "application/json", "*/xml"));
assert!(!req_route_mt_collide(Post, None, "text/html"));
assert!(!req_route_mt_collide(Post, None, "application/json"));
}
fn req_route_path_match(a: &'static str, b: &'static str) -> bool {
let rocket = Rocket::custom(Config::development());
Overhaul URI types. This is fairly large commit with several entangled logical changes. The primary change in this commit is to completely overhaul how URI handling in Rocket works. Prior to this commit, the `Uri` type acted as an origin API. Its parser was minimal and lenient, allowing URIs that were invalid according to RFC 7230. By contrast, the new `Uri` type brings with it a strict RFC 7230 compliant parser. The `Uri` type now represents any kind of valid URI, not simply `Origin` types. Three new URI types were introduced: * `Origin` - represents valid origin URIs * `Absolute` - represents valid absolute URIs * `Authority` - represents valid authority URIs The `Origin` type replaces `Uri` in many cases: * As fields and method inputs of `Route` * The `&Uri` request guard is now `&Origin` * The `uri!` macro produces an `Origin` instead of a `Uri` The strict nature of URI parsing cascaded into the following changes: * Several `Route` methods now `panic!` on invalid URIs * The `Rocket::mount()` method is (correctly) stricter with URIs * The `Redirect` constructors take a `TryInto<Uri>` type * Dispatching of a `LocalRequest` correctly validates URIs Overall, URIs are now properly and uniformly handled throughout Rocket's codebase, resulting in a more reliable and correct system. In addition to these URI changes, the following changes are also part of this commit: * The `LocalRequest::cloned_dispatch()` method was removed in favor of chaining `.clone().dispatch()`. * The entire Rocket codebase uses `crate` instead of `pub(crate)` as a visibility modifier. * Rocket uses the `crate_visibility_modifier` and `try_from` features. A note on unsafety: this commit introduces many uses of `unsafe` in the URI parser. All of these uses are a result of unsafely transforming byte slices (`&[u8]` or similar) into strings (`&str`). The parser ensures that these casts are safe, but of course, we must label their use `unsafe`. The parser was written to be as generic and efficient as possible and thus can parse directly from byte sources. Rocket, however, does not make use of this fact and so would be able to remove all uses of `unsafe` by parsing from an existing `&str`. This should be considered in the future. Fixes #443. Resolves #263.
2018-07-29 01:26:15 +00:00
let req = Request::new(&rocket, Get, Origin::parse(a).expect("valid URI"));
let route = Route::ranked(0, Get, b.to_string(), dummy_handler);
2018-09-25 02:44:25 +00:00
route.matches(&req)
}
#[test]
fn test_req_route_query_collisions() {
assert!(req_route_path_match("/a/b?a=b", "/a/b?<c>"));
assert!(req_route_path_match("/a/b?a=b", "/<a>/b?<c>"));
assert!(req_route_path_match("/a/b?a=b", "/<a>/<b>?<c>"));
assert!(req_route_path_match("/a/b?a=b", "/a/<b>?<c>"));
assert!(req_route_path_match("/?b=c", "/?<b>"));
assert!(req_route_path_match("/a/b?a=b", "/a/b"));
assert!(req_route_path_match("/a/b", "/a/b"));
assert!(req_route_path_match("/a/b/c/d?", "/a/b/c/d"));
assert!(req_route_path_match("/a/b/c/d?v=1&v=2", "/a/b/c/d"));
assert!(req_route_path_match("/a/b", "/a/b?<c>"));
assert!(req_route_path_match("/a/b", "/a/b?<c..>"));
assert!(req_route_path_match("/a/b?c", "/a/b?c"));
assert!(req_route_path_match("/a/b?c", "/a/b?<c>"));
assert!(req_route_path_match("/a/b?c=foo&d=z", "/a/b?<c>"));
assert!(req_route_path_match("/a/b?c=foo&d=z", "/a/b?<c..>"));
assert!(req_route_path_match("/a/b?c=foo&d=z", "/a/b?c=foo&<c..>"));
assert!(req_route_path_match("/a/b?c=foo&d=z", "/a/b?d=z&<c..>"));
assert!(!req_route_path_match("/a/b/c", "/a/b?<c>"));
assert!(!req_route_path_match("/a?b=c", "/a/b?<c>"));
assert!(!req_route_path_match("/?b=c", "/a/b?<c>"));
assert!(!req_route_path_match("/?b=c", "/a?<c>"));
assert!(!req_route_path_match("/a/b?c=foo&d=z", "/a/b?a=b&<c..>"));
assert!(!req_route_path_match("/a/b?c=foo&d=z", "/a/b?d=b&<c..>"));
assert!(!req_route_path_match("/a/b", "/a/b?c"));
assert!(!req_route_path_match("/a/b", "/a/b?foo"));
assert!(!req_route_path_match("/a/b", "/a/b?foo&<rest..>"));
assert!(!req_route_path_match("/a/b", "/a/b?<a>&b&<rest..>"));
}
}