From 0666e425fe7e726995dcf5894958a69987e6054e Mon Sep 17 00:00:00 2001
From: Jeb Rosen
Date: Sat, 4 May 2019 08:38:11 -0700
Subject: [PATCH] Add a few missing pieces of 'compression' documentation.
---
 contrib/lib/src/compression/fairing.rs | 9 ++++++++-
 contrib/lib/src/compression/mod.rs | 7 +++++++
 site/guide/5-responses.md | 2 ++
 3 files changed, 17 insertions(+), 1 deletion(-)
diff --git a/contrib/lib/src/compression/fairing.rs b/contrib/lib/src/compression/fairing.rs
index f2d1d700..2e10d5e2 100644
--- a/contrib/lib/src/compression/fairing.rs
+++ b/contrib/lib/src/compression/fairing.rs
@@ -39,7 +39,14 @@ impl Default for Context {
 /// - `application/octet-stream`
 ///
 /// The excluded types can be changed changing the `compress.exclude` Rocket
-/// configuration property.
+/// configuration property in Rocket.toml. The default `Content-Type` exclusions
+/// will be ignored if this is set, and must be added back in one by one if
+/// desired.
+///
+/// ```toml
+/// [global.compress]
+/// exclude = ["video/*", "application/x-xz"]
+/// ```
 ///
 /// # Usage
 ///
diff --git a/contrib/lib/src/compression/mod.rs b/contrib/lib/src/compression/mod.rs
index 8e6a7e69..85cd1904 100644
--- a/contrib/lib/src/compression/mod.rs
+++ b/contrib/lib/src/compression/mod.rs
@@ -15,6 +15,13 @@
 //! default-features = false
 //! features = ["compression"]
 //! ```
+//!
+//! # Security Implications
+//!
+//! In some cases, HTTP compression on a site served over HTTPS can make a web
+//! application vulnerable to attacks including BREACH. These risks should be
+//! evaluated in the context of your application before enabling compression.
+//!
 
 #[cfg(feature="brotli_compression")] extern crate brotli;
 #[cfg(feature="gzip_compression")] extern crate flate2;
diff --git a/site/guide/5-responses.md b/site/guide/5-responses.md
index 7410468a..8b6e1b5e 100644
--- a/site/guide/5-responses.md
+++ b/site/guide/5-responses.md
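Review bot: The TOML example added to the fairing docs in fairing.rs lists only two types, and by the sentence added just above it, setting `exclude` discards the defaults, so a reader who copies the example verbatim loses the default exclusions (the one visible in this hunk is `application/octet-stream`). I would put a comment inside the example, `/// # Replaces the default exclusion list; re-add any defaults you still need.`, so the caveat travels with the snippet. While the sentence is being rewritten, the unchanged line above it still reads "can be changed changing"; `can be changed by setting` reads correctly, and `Rocket.toml` could be in backticks like `compress.exclude`. The doc comment starts and ends outside the hunk.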
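Review bot: The new `# Security Implications` section in mod.rs names BREACH but never states the condition that exposes an application, so a reader has nothing concrete to evaluate. The relevant case is a compressed response body that carries a secret (a CSRF token, for instance) together with content a third party can influence, because the compressed length then depends on both. I would add a sentence such as `//! A response is at risk when one compressed body holds both a secret and request-influenced content; compress only responses that contain no secrets.` The fairing docs touched in fairing.rs by this same commit have no pointer to this section, and since `compress.exclude` is described there as filtering by `Content-Type`, it presumably cannot separate secret-bearing pages from other pages of the same type, so a cross-reference from the fairing docs would help.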
@@ -241,6 +241,7 @@ library. Among these are:
 * [`Json`] - Automatically serializes values into JSON.
 * [`MsgPack`] - Automatically serializes values into MessagePack.
 * [`Template`] - Renders a dynamic template using handlebars or Tera.
+ * [`Compress`] - Compresses a response at the HTTP layer.
 
 [`status`]: @api/rocket/response/status/
 [`response`]: @api/rocket/response/
@@ -250,6 +251,7 @@ library. Among these are:
 [`Stream`]: @api/rocket/response/struct.Stream.html
 [`Flash`]: @api/rocket/response/struct.Flash.html
 [`MsgPack`]: @api/rocket_contrib/msgpack/struct.MsgPack.html
+[`Compress`]: @api/rocket_contrib/compression/struct.Compress.html
 
 ### Streaming