rwf2
/
Rocket
mirror of https://github.com/rwf2/Rocket.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix URI normalization checks in 'Rocket::mount()'.

This commit is contained in:
Sergio Benitez 2018-07-29 18:24:25 -07:00
parent 56c6a96f6a
commit b0f86dcba0
3 changed files with 22 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
core/lib/src/rocket.rs
View File

@ -499,22 +499,28 @@ impl Rocket {
Paint::blue(base)); Paint::blue(base));
if base.contains('<') || base.contains('>') { if base.contains('<') || base.contains('>') {
error_!("Invalid mount point: {}", base); error_!("Mount point '{}' contains dynamic paramters.", base);
panic!("Mount points cannot contain dynamic parameters"); panic!("Invalid mount point.");
}
let base_uri = Origin::parse(base)
.unwrap_or_else(|e| {
error_!("Invalid origin URI '{}' used as mount point.", base);
panic!("Error: {}", e);
});
if base_uri.query().is_some() {
error_!("Mount point '{}' contains query string.", base);
panic!("Invalid mount point.");
}
if !base_uri.is_normalized() {
error_!("Mount point '{}' is not normalized.", base_uri);
info_!("Expected: '{}'.", base_uri.to_normalized());
panic!("Invalid mount point.");
} }
for mut route in routes { for mut route in routes {
let base_uri = Origin::parse(base)
.unwrap_or_else(|e| {
error_!("Invalid origin URI used as mount point: {}", base);
panic!("Error: {}", e);
});
if base_uri.query().is_some() {
error_!("Mount point cannot contain a query string: {}", base_uri);
panic!("Invalid mount point.");
}
let complete_uri = format!("{}/{}", base_uri, route.uri); let complete_uri = format!("{}/{}", base_uri, route.uri);
let uri = Origin::parse_route(&complete_uri) let uri = Origin::parse_route(&complete_uri)
.unwrap_or_else(|e| { .unwrap_or_else(|e| {
@ -522,11 +528,7 @@ impl Rocket {
panic!("Error: {}", e) panic!("Error: {}", e)
}); });
if !uri.is_normalized() { route.set_base(base_uri.clone());
warn_!("Abnormal URI '{}' will be automatically normalized.", uri);
}
route.set_base(base_uri);
route.set_uri(uri.to_normalized()); route.set_uri(uri.to_normalized());
info_!("{}", route); info_!("{}", route);

1
core/lib/src/router/route.rs
View File

@ -266,6 +266,7 @@ impl fmt::Debug for Route {
#[doc(hidden)] #[doc(hidden)]
impl<'a> From<&'a StaticRouteInfo> for Route { impl<'a> From<&'a StaticRouteInfo> for Route {
fn from(info: &'a StaticRouteInfo) -> Route { fn from(info: &'a StaticRouteInfo) -> Route {
// This should never panic since `info.path` is statically checked.
let mut route = Route::new(info.method, info.path, info.handler); let mut route = Route::new(info.method, info.path, info.handler);
route.format = info.format.clone(); route.format = info.format.clone();
route.name = Some(info.name); route.name = Some(info.name);

2
examples/todo/src/main.rs
View File

@ -80,7 +80,7 @@ fn rocket() -> (Rocket, Option<db::Conn>) {
let rocket = rocket::ignite() let rocket = rocket::ignite()
.manage(pool) .manage(pool)
.mount("/", routes![index, static_files::all]) .mount("/", routes![index, static_files::all])
.mount("/todo/", routes![new, toggle, delete]) .mount("/todo", routes![new, toggle, delete])
.attach(Template::fairing()); .attach(Template::fairing());
(rocket, conn) (rocket, conn)