This allows responses to be sent to the client even when data is only
partially read, significantly improving the experience for the client
from one with a "connection closed" error to one with a proper response.
The consequence is a lifetime in 'Data'.
Though other non-lifetime-introducing solutions exist, the introduction
of a lifetime to 'Data' is a longstanding desire as it prevents
smuggling 'Data' into a longer-lived context. Use of 'Data' in that
context was unspecified with various runtime consequences. The addition
of a lifetime bound by the request prevents this error statically.
In summary, the changes are:
* Clients receive responses even when data isn't fully read.
* 'Data' becomes 'Data<'r>'. 'FromData' changes accordingly.
* Route 'Outcome's are strictly tied to the request lifetime.
Tangentially, the invalid length form field validation error message has
improved to format length in byte units if it exceeds 1024.
If stars aligned properly, we might imagine writing this:
#[non_exhaustive]
struct Config {
pub field: Foo,
pub other: Bar,
}
...with semantics that would allow the defining crate (here, Rocket), to
construct the structure directly while consumers would need to use
public constructors or struct update syntax:
Config {
field: Foo,
other: Bar,
..Default::default()
}
Alas, this is not the way `non_exhaustive` works on structs. You cannot
use field-update syntax to construct `Config` above. You must use public
constructors. This means builder methods or mutating an already built
struct. This is not what we want.
I don't know why it works this way. I don't see why it must. Something
something Drop.
So we have this hack from the pre-non_exhaustive era.
This resolves syntax ambiguity issues with public typed-stream macros.
Prior to this commit, greedy single-token matching by macro-rules macros
would result in certain tokens at the beginning of the macro input, such
as 'for', inadvertently triggering a '$ty' matching case resulting in
incorrect expansion.
This commit makes the following improvements to core request handling:
* Absolute target URIs are not rejected. Instead, the path and query
parts are passed through the application. This resolves an issue
where certain HTTP/2 requests would be rejected by Rocket.
* Data is never copied from the request. Previously, Rocket would copy
and allocate for incoming headers.
* Non-UTF-8 headers are dropped with a warning instead of being
lossily, and thus perhaps incorrectly, decoded as UTF-8. The final
fix is to properly support non-UTF-8 headers, no matter how in the
minority they are.
Resolves#1498.
This follows the completed graduation of stable contrib features into
core, removing 'rocket_contrib' in its entirety in favor of two new
crates. These crates are versioned independently of Rocket's core
libraries, allowing upgrades to dependencies without consideration for
versions in core libraries.
'rocket_dyn_templates' replaces the contrib 'templates' features. While
largely a 1-to-1 copy, it makes the following changes:
* the 'tera_templates' feature is now 'tera'
* the 'handlebars_templates' feature is now 'handlebars'
* fails to compile if neither 'tera' nor 'handlebars' is enabled
'rocket_sync_db_pools' replaces the contrib 'database' features. It
makes no changes to the replaced features except that the `database`
attribute is properly documented at the crate root.
This changes 'TempFile' doctests so that different file names are used
across them, avoiding race conditions where one test deletes a file
another test just created and thus expects to subsequently exist.
This has the following nice benefits:
* The 'Uuid' wrapper type is gone.
* 'Uuid' implements 'UriDisplay', 'FromUriParam'.
* The 'serialization' example merges in 'uuid'.
Resolves#1299.
The 'SpaceHelmet' fairing is now called 'Shield'. It features the
following changes and improvements:
* Headers which are now ignored by browsers are removed.
* 'XssFilter' is no longer an on-by-default policy.
* A new 'Permission' policy is introduced.
* 'Shield' is attached to all 'Rocket' instances by default.
* Default headers never allocate on 'Clone'.
* Policy headers are rendered once and cached at start-up.
* Improved use of typed URIs in policy types.
A singleton fairing is guaranteed to be the only instance of its type at
launch time. If more than one instance of a singleton fairing is
attached, only the last instance is retained.
Previously, if a panic occurred with an 'Error' on the stack, 'Error'
would panic as usual during unwinding. This resulted in a double panic.
This commit makes 'Error' detect if a panic is already occurring and
omits its own panic if it is.
This has the following nice benefits:
* The 'JsonValue' wrapper type is gone.
* 'Local{Request, Response}' natively support JSON/MessagePack.
* The 'json' and 'msgpack' limits are officially recognized.
* Soon, Rocket application will not require an explicit 'serde' dep.
This marks the beginning of the end of 'rocket_contrib'.
This commit entirely rewrites Rocket's URI parsing routines and
overhauls the 'uri!' macro resolving all known issues and removing any
potential limitations for compile-time URI creation. This commit:
* Introduces a new 'Reference' URI variant for URI-references.
* Modifies 'Redirect' to accept 'TryFrom<Reference>'.
* Introduces a new 'Asterisk' URI variant for parity.
* Allows creation of any URI type from a string literal via 'uri!'.
* Enables dynamic/static prefixing/suffixing of route URIs in 'uri!'.
* Unifies 'Segments' and 'QuerySegments' into one generic 'Segments'.
* Consolidates URI formatting types/traits into a 'uri::fmt' module.
* Makes APIs more symmetric across URI types.
It also includes the following less-relevant changes:
* Implements 'FromParam' for a single-segment 'PathBuf'.
* Adds 'FileName::is_safe()'.
* No longer reparses upstream request URIs.
Resolves#842.
Resolves#853.
Resolves#998.
This has the following positive effects:
1) The lifetime retrieved through 'Deref' is now long-lived.
2) An '&State<T>` can be created via an '&T'.
3) '&State<T>' is shorter to type than 'State<'_, T>'.
The crux of the implementation is as follows:
* Configurable ctrl-c, signals that trigger a graceful shutdown.
* Configurable grace period before forced I/O termination.
* Programatic triggering via an application-wide method.
* A future (`Shutdown`) that resolves only when shutdown is requested.
Resolves#180.
This is a breaking change for many consumers of the 'Response' and all
consumers of the 'Body' API. The summary of breaking changes is:
* 'Response::body()', 'Response::body_mut()' are infallible.
* A 'Body' can represent an empty body in more cases.
* 'ResponseBuilder' is now simply 'Builder'.
* Direct body read methods on 'Response' were removed in favor of
chaining through 'body_mut()': 'r.body_mut().to_string()'.
* Notion of a 'chunked_body' was removed as it was inaccurate.
* Maximum chunk size can be set on any body.
* 'Response' no longer implements 'Responder'.
A few bugs were fixed in the process. Specifically, 'Body' will emit an
accurate size even for bodies that are partially read, and the size of
seek-determined bodies is emitted on HEAD request where it wasn't
before. Specifics on transport were clarified, and 'Body' docs greatly
improved as a result.
This removes the export of each of these macros from the root, limiting
their export-scope to their respective module. This is accomplished
using a new internal macro, 'export!', which does some "magic" to work
around rustdoc deficiencies.
This commit includes changes that improve how and what Rocket logs
automatically. Rocket now logs:
* All guard errors, indicating the failing guard kind and type.
* A warning when a 'TempFile' is used as a data guard for a request
that specifies a 'form' Content-Type.
* Only the top/sub of a request's format.
This commit makes the following breaking changes:
* '<T as FromData>::Error' must implement 'Debug'.
Furthermore, this commit restores the previous behavior of always
logging launch info. It further restores the unspecified behavior of
modifying logging state only when the set logger is Rocket's logger.
Sentinels resolve a long-standing usability and functional correctness
issue in Rocket: starting an application with guards and/or responders
that depend on state that isn't available. The canonical example is the
'State' guard. Prior to this commit, an application with routes that
queried unmanaged state via 'State' would fail at runtime. With this
commit, the application refuses to launch with a detailed error message.
The 'Sentinel' docs explains it as:
A sentinel, automatically run on ignition, can trigger a launch
abort should an instance fail to meet arbitrary conditions. Every
type that appears in a mounted route's type signature is eligible to
be a sentinel. Of these, those that implement 'Sentinel' have their
'abort()' method invoked automatically, immediately after ignition,
once for each unique type. Sentinels inspect the finalized instance
of 'Rocket' and can trigger a launch abort by returning 'true'.
The following types are now sentinels:
* 'contrib::databases::Connection' (any '#[database]' type)
* 'contrib::templates::Metadata'
* 'contrib::templates::Template'
* 'core::State'
The following are "specialized" sentinels, which allow sentinel
discovery even through type aliases:
* 'Option<T>', 'Debug<T>' if 'T: Sentinel'
* 'Result<T, E>', 'Either<T, E>' if 'T: Sentinel', 'E: Sentinel'
Closes#464.
The core 'Rocket' type is parameterized: 'Rocket<P: Phase>', where
'Phase' is a newly introduced, sealed marker trait. The trait is
implemented by three new marker types representing the three launch
phases: 'Build', 'Ignite', and 'Orbit'. Progression through these three
phases, in order, is enforced, as are the invariants guaranteed by each
phase. In particular, an instance of 'Rocket' is guaranteed to be in its
final configuration after the 'Build' phase and represent a running
local or public server in the 'Orbit' phase. The 'Ignite' phase serves
as an intermediate, enabling inspection of a finalized but stationary
instance. Transition between phases validates the invariants required
by the transition.
All APIs have been adjusted appropriately, requiring either an instance
of 'Rocket' in a particular phase ('Rocket<Build>', 'Rocket<Ignite>', or
'Rocket<Orbit>') or operating generically on a 'Rocket<P>'.
Documentation is also updated and substantially improved to mention
required and guaranteed invariants.
Additionally, this commit makes the following relevant changes:
* 'Rocket::ignite()' is now a public interface.
* 'Rocket::{build,custom}' methods can no longer panic.
* 'Launch' fairings are now 'ignite' fairings.
* 'Liftoff' fairings are always run, even in local mode.
* All 'ignite' fairings run concurrently at ignition.
* Launch logging occurs on launch, not any point prior.
* Launch log messages have improved formatting.
* A new launch error kind, 'Config', was added.
* A 'fairing::Result' type alias was introduced.
* 'Shutdown::shutdown()' is now 'Shutdown::notify()'.
Some internal changes were also introduced:
* Fairing 'Info' name for 'Templates' is now 'Templating'.
* Shutdown is implemented using 'tokio::sync::Notify'.
* 'Client::debug()' is used nearly universally in tests.
Resolves#1154.
Resolves#1136.
...because loading up a Rocket while it's ignited is a bad idea.
More seriously, because 'Rocket.ignite()' will become an "execute
everything up to here" method.
The new examples directory...
* Contains a `README.md` explaining each example.
* Consolidates examples into more complete chunks.
* Is just better.
Resolves#1447.
The options set WAL, a 1s busy timeout, and enables foreign keys.
This also adds a focused 'databases::Config::figment()', used to
retrieve a focused figment for a given config.
This is now consistent with the serialization of 'Flash' and better
illustrates the purpose of the late 'name' property.
Additionally, take 'Into<String>' instead of 'AsRef<str>' so we only
allocate when necessary.
Launch fairings are now fallible and take the place of attach fairings,
but they are only run, as the name implies, at launch time.
This is is a fundamental shift from eager execution of set-up routines,
including the now defunct attach fairings, to lazy execution,
precipitated by the transition to `async`. The previous functionality,
while simple, caused grave issues:
1. A instance of 'Rocket' with async attach fairings requires an async
runtime to be constructed.
2. The instance is accessible in non-async contexts.
3. The async attach fairings have no runtime in which to be run.
Here's an example:
```rust
let rocket = rocket::ignite()
.attach(AttachFairing::from(|rocket| async {
Ok(rocket.manage(load_from_network::<T>().await))
}));
let state = rocket.state::<T>();
```
This had no real meaning previously yet was accepted by running the
attach fairing future in an isolated runtime. In isolation, this causes
no issue, but when attach fairing futures share reactor state with other
futures in Rocket, panics ensue.
The new Rocket application lifecycle is this:
* Build - A Rocket instance is constructed. No fairings are run.
* Ignition - All launch fairings are run.
* Liftoff - If all launch fairings succeeded, the server is started.
New 'liftoff' fairings are run in this third phase.
Catchers can now be scoped to paths, with preference given to the
longest-prefix, then the status code. This a breaking change for all
applications that register catchers:
* `Rocket::register()` takes a base path to scope catchers under.
- The previous behavior is recovered with `::register("/", ...)`.
* Catchers now fallibly, instead of silently, collide.
* `ErrorKind::Collision` is now `ErrorKind::Collisions`.
Related changes:
* `Origin` implements `TryFrom<String>`, `TryFrom<&str>`.
* All URI variants implement `TryFrom<Uri>`.
* Added `Segments::prefix_of()`.
* `Rocket::mount()` takes a `TryInto<Origin<'_>>` instead of `&str`
for the base mount point.
* Extended `errors` example with scoped catchers.
* Added scoped sections to catchers guide.
Internal changes:
* Moved router code to `router/router.rs`.
The new benchmarks use routes from real-world project. This is much more
realistic than the previous benchmarks.
The new benchmarks use `criterion` and exist in their own Cargo project.
This surfaced a dormant concurrency related issue. Prior to this commit,
the router used `routed_segments()` to retrieve the path segments of the
request. This was okay as there was no route in the request, and matched
segments were retrieved eagerly.
This commit makes segment matching lazy, so no matching occurs if
unnecessary. Between two matches, a `route` is atomically set of
`Request`. This is now visible in `routed_segments()`, which should not
have considered the current route in the first place. This was fixed.
While offering some utility, the lifetime did not carry its weight, and
in practice offered no further ability to borrow. This greatly
simplifies request guard implementations.
This prevents printing a secret key warning if a secret key was
generated, as is done by Rocket itself. This does not change any
behaviors in non-debug profiles.
Prior to this commit, it was not possible to test Rocket crates in
production mode without setting a global secret key or bypassing secret
key checking - the testing script did the latter. The consequence is
that it became impossible to test secret key related failures because
the tests passed regardless.
This commit undoes this. As a consequence, all tests are now aware of
the difference between debug and release configurations, the latter of
which validates 'secret_key' by default. New 'Client::debug()' and
'Client::debug_with()' simplify creating an instance of 'Client' with
configuration in debug mode to avoid undesired test failures.
The summary of changes in this commit are:
* Config 'secret_key' success and failure are now tested.
* 'secret_key' validation was moved to pre-launch from 'Config:from()'.
* 'Config::from()' only extracts the config.
* Added 'Config::try_from()' for non-panicking extraction.
* 'Config' now knows the profile it was extracted from.
* The 'Config' provider sets a profile of 'Config.profile'.
* 'Rocket', 'Client', 'Fairings', implement 'Debug'.
* 'fairing::Info' implements 'Copy', 'Clone'.
* 'Fairings' keeps track of, logs attach fairings.
* 'Rocket::reconfigure()' was added to allow modifying a config.
Internally, the testing script was refactored to properly test the
codebase with the new changes. In particular, it no longer sets a rustc
'cfg' to avoid secret-key checking.
Resolves#1543.
Fixes#1564.
This commit makes the `Config.secret_key` conditionally compile on the
`secrets` feature. The net effect is simplified internal code, fewer
corner-cases, and easier to write tests.
This commit removes the `Provider::profile()` implementation of
`Config`. This means that the `Config` provider no longer sets a
profile, a likely confusing behavior. The `Config::figment()` continues
to function as before.
This changes core routing so that panics in all handlers are handled by
emitting a long message explaining that panics are bad and invoking the
500 error catcher. If the 500 error catcher fails, Rocket's default 500
catcher is used.
This changes core routing so that '<path..>' in a route URI matches zero
or more segments. Previously, '<path..>' matched _1_ or more.
* Routes '$a' and '$b/<p..>' collide if $a and $b previously collided.
* For example, '/' now collides with '/<p..>'.
* Request '$a' matches route '$b/<p..>' if $a previously matched $b.
* For example, request '/' matches route '/<p..>'.
Resolves#985.
The iterator may be empty. This changes the return type of
'Request::segments()' from 'Option<Segments>' to simply 'Segments'.
Internally also adds a 'Client::debug()' for easier request testing.
* Add a `msg!()` macro to easily change a field validation message.
* Allow a field to refer to itself via `self.field`.
* Improve the various field validation traits.
This commit completely revamps the way that codegen handles route URI
"parameters". The changes are largely internal. In summary, codegen code
is better organized, better written, and less subject to error.
There are three breaking changes:
* `path` is now `uri` in `route` attribute: `#[route(GET, path = "..")]`
becomes `#[route(GET, uri = "..")]`.
* the order of execution for path and query guards relative to
each-other is now unspecified
* URI normalization now normalizes the query part as well.
Several error messages were improved. A couple of bugs were fixed:
* Prior to this commit, Rocket would optimistically try to parse every
segment of a URI as an ident, in case one was needed in the future.
A bug in rustc results in codegen "panicking" if the segment
couldn't _lex_ as an ident. This panic didn't manifest until far
after expansion, unfortunately. This wasn't a problem before as we
only allowed ident-like segments (ASCII), but now that we allow any
UTF-8, the bug surfaced. This was fixed by never attempting to parse
non-idents as idents.
* Prior to this commit, it was impossible to generate typed URIs for
paths that ignored path parameters via the recently added syntax
`<_>`: the macro would panic. This was fixed by, well, handling
these ignored parameters.
Some minor additions:
* Added `RawStr::find()`, expanding its `Pattern`-based API.
* Added an internal mechanism to dynamically determine if a `UriPart`
is `Path` or `Query`.
So. Many. Changes.
This is an insane commit: simultaneously one of the best (because of all
the wonderful improvements!) and one of the worst (because it is just
massive) in the project's history.
Routing:
* All UTF-8 characters are accepted everywhere in route paths. (#998)
* `path` is now `uri` in `route` attribute: `#[route(GET, path = "..")]`
becomes `#[route(GET, uri = "..")]`.
Forms Revamp
* All form related types now reside in a new `form` module.
* Multipart forms are supported. (resolves#106)
* Collections are supported in forms and queries. (resolves#205)
* Nested structures in forms and queries are supported. (resolves#313)
* Form fields can be ad-hoc validated with `#[field(validate = expr)]`.
* `FromFormValue` is now `FromFormField`, blanket implements `FromForm`.
* Form field values are always percent-decoded apriori.
Temporary Files
* A new `TempFile` data and form guard allows streaming data directly to a
file which can then be persisted.
* A new `temp_dir` config parameter specifies where to store `TempFile`.
* The limits `file` and `file/$ext`, where `$ext` is the file extension,
determines the data limit for a `TempFile`.
Capped
* A new `Capped` type is used to indicate when data has been truncated due to
incoming data limits. It allows checking whether data is complete or
truncated.
* `DataStream` methods return `Capped` types.
* `DataStream` API has been revamped to account for `Capped` types.
* Several `Capped<T>` types implement `FromData`, `FromForm`.
* HTTP 413 (Payload Too Large) errors are now returned when data limits are
exceeded. (resolves#972)
Hierarchical Limits
* Data limits are now hierarchical, delimited with `/`. A limit of `a/b/c`
falls back to `a/b` then `a`.
Core
* `&RawStr` no longer implements `FromParam`.
* `&str` implements `FromParam`, `FromData`, `FromForm`.
* `FromTransformedData` was removed.
* `FromData` gained a lifetime for use with request-local data.
* The default error HTML is more compact.
* `&Config` is a request guard.
* The `DataStream` interface was entirely revamped.
* `State` is only exported via `rocket::State`.
* A `request::local_cache!()` macro was added for storing values in
request-local cache without consideration for type uniqueness by using a
locally generated anonymous type.
* `Request::get_param()` is now `Request::param()`.
* `Request::get_segments()` is now `Request::segments()`, takes a range.
* `Request::get_query_value()` is now `Request::query_value()`, can parse any
`FromForm` including sequences.
* `std::io::Error` implements `Responder` like `Debug<std::io::Error>`.
* `(Status, R)` where `R: Responder` implements `Responder` by overriding the
`Status` of `R`.
* The name of a route is printed first during route matching.
* `FlashMessage` now only has one lifetime generic.
HTTP
* `RawStr` implements `serde::{Serialize, Deserialize}`.
* `RawStr` implements _many_ more methods, in particular, those related to the
`Pattern` API.
* `RawStr::from_str()` is now `RawStr::new()`.
* `RawStr::url_decode()` and `RawStr::url_decode_lossy()` only allocate as
necessary, return `Cow`.
* `Status` implements `Default` with `Status::Ok`.
* `Status` implements `PartialEq`, `Eq`, `Hash`, `PartialOrd`, `Ord`.
* Authority and origin part of `Absolute` can be modified with new
`Absolute::{with,set}_authority()`, `Absolute::{with,set}_origin()` methods.
* `Origin::segments()` was removed in favor of methods split into query and
path parts and into raw and decoded versions.
* The `Segments` iterator is smarter, returns decoded `&str` items.
* `Segments::into_path_buf()` is now `Segments::to_path_buf()`.
* A new `QuerySegments` is the analogous query segment iterator.
* Once set, `expires` on private cookies is not overwritten. (resolves#1506)
* `Origin::path()` and `Origin::query()` return `&RawStr`, not `&str`.
Codegen
* Preserve more spans in `uri!` macro.
* Preserve spans `FromForm` field types.
* All dynamic parameters in a query string must typecheck as `FromForm`.
* `FromFormValue` derive removed; `FromFormField` added.
* The `form` `FromForm` and `FromFormField` field attribute is now named
`field`. `#[form(field = ..)]` is now `#[field(name = ..)]`.
Contrib
* `Json` implements `FromForm`.
* `MsgPack` implements `FromForm`.
* The `json!` macro is exported as `rocket_contrib::json::json!`.
* Added clarifying docs to `StaticFiles`.
Examples
* `form_validation` and `form_kitchen_sink` removed in favor of `forms`.
* The `hello_world` example uses unicode in paths.
* The `json` example only allocates as necessary.
Internal
* Codegen uses new `exports` module with the following conventions:
- Locals starts with `__` and are lowercased.
- Rocket modules start with `_` and are lowercased.
- `std` types start with `_` and are titlecased.
- Rocket types are titlecased.
* A `header` module was added to `http`, contains header types.
* `SAFETY` is used as doc-string keyword for `unsafe` related comments.
* The `Uri` parser no longer recognizes Rocket route URIs.
This commit also improves config pretty-printing and warning messages.
It also fixes an issue that resulted in config value deprecation
warnings not being emitted. The 'workers' value is now a 'usize', not a
'u16'; contrib pool sizes now default to 'workers * 2'.
Closes#1470.
This commit reverts most of dea940c7 and d89c7024. The "fix" is to run
attach fairings on a new thread. If a runtime is already running, it is
used. Otherwise, the future is executed in a single-threaded executor.
This commit completely overhauls Rocket's configuration systems, basing
it on the new Figment library. It includes many breaking changes
pertaining to configuration. They are:
* "Environments" are replaced by "profiles".
* 'ROCKET_PROFILE' takes the place of 'ROCKET_ENV'.
* Profile names are now arbitrary, but 'debug' and 'release' are given
special treatment as default profiles for the debug and release
compilation profiles.
* A 'default' profile now sits along-side the meta 'global' profile.
* The concept of "extras" is no longer present; users can extract any
values they want from the configured 'Figment'.
* The 'Poolable' trait takes an '&Config'.
* The 'secrets' feature is disabled by default.
* It is a hard error if 'secrets' is enabled under the 'release'
profile and no 'secret_key' is configured.
* 'ConfigBuilder' no longer exists: all fields of 'Config' are public
with public constructors for each type.
* 'keep_alive' is disabled with '0', not 'false' or 'off'.
* Inlined error variants into the 'Error' structure.
* 'LoggingLevel' is now 'LogLevel'.
* Limits can now be specified in SI units: "1 MiB".
The summary of other changes are:
* The default config file can be configured with 'ROCKET_CONFIG'.
* HTTP/1 and HTTP/2 keep-alive configuration is restored.
* 'ctrlc' is now a recognized config option.
* 'serde' is now a core dependency.
* TLS misconfiguration errors are improved.
* Several example use '_' as the return type of '#[launch]' fns.
* 'AdHoc::config()' was added for simple config extraction.
* Added more documentation for using 'Limits'.
* Launch information is no longer treated specially.
* The configuration guide was rewritten.
Resolves#852.
Resolves#209.
Closes#1404.
Closes#652.
In brief, this commit:
* Updates to the latest upstream 'cookie', fixing a memory leak.
* Make changes to 'CookieJar' observable only through 'pending()'.
* Deprecates 'Client::new()' in favor of 'Client::tracked()'.
* Makes 'dispatch()' on tracked 'Client's synchronize on cookies.
* Makes 'Client::untracked()' actually untracked.
This commit updates to the latest 'cookie' which removes support for
'Sync' cookie jars. Instead of relying on 'cookie', this commit
implements an op-log based 'CookieJar' which internally keeps track of
changes. The API is such that changes are only observable through
specialized '_pending()' methods.
Prior to this commit, it was impossible to 'use' a route from a separate
namespace for use in a 'routes!' macro. Naturally, this was a common
source of confusion amongst users. This commit obviates this deficiency
by generating a "proxy" structure that can be imported and converted
into a 'Route'/'Catcher' or their static variants.
This change is largely backwards compatible but can break existing code
when routes are named identically to other types in the namespace.
The user-facing changes effected by this commit are:
* The 'http::Cookies<'_>' guard is now '&http::CookieJar<'_>'.
* The "one-at-a-time" jar restriction is no longer imposed.
* 'CookieJar' retrieval methods return 'http::CookieCrumb'.
* The 'private-cookies' feature is now called 'secrets'.
* Docs flag private cookie methods with feature cfg.
* Local, async request dispatching is never serialized.
* 'Client::cookies()' returns the tracked 'CookieJar'.
* 'LocalResponse::cookies()' returns a 'CookieJar'.
* 'Response::cookies()' returns an 'impl Iterator'.
* A path of '/' is set by default on all cookies.
* 'SameSite=strict' is set by default on all cookies.
* 'LocalRequest::cookies()' accepts any 'Cookie' iterator.
* The 'Debug' impl for 'Request' prints the cookie jar.
Resolves#1332.
The bulk of the changes in this commit are for creating an
'ErrorHandler' trait that works like the 'Handler' trait, but for
errors. Furthermore, Rocket's default catcher now responds with a JSON
payload if the preferred 'Accept' media type is JSON.
This commit also fixes a bug in 'LocalRequest' where the internal
'Request' contained an correct 'URI'.
This commit aims to make it impossible to modify a 'Route' structure in
a way that violates expectations of a code-generated 'Route'. It removes
'Route::set_uri()' in favor of 'Route::map_base()', which allows for
safe modifications of the route's base.
In a similar vain, this commit also includes the following changes:
* 'Route::path()' was added to safely retrieve the route's 'path'.
* The base of a 'Route' is underlined during launch printing.
* 'Origin::into_normalized()' replaces 'Origin::to_normalized()'.
Fixes#1262.
This commits makes the following high-level changes:
* 'ShutdownHandle' is renamed to 'Shutdown'.
* 'Rocket::shutdown_handle()' is renamed to 'Rocket::shutdown()'.
* '#[launch]` is preferred to '#[rocket::launch]'.
* Various docs phrasings are improved.
* Fixed various broken links in docs.
This commits rearranges top-level exports as follows:
* 'shutdown' module is no longer exported.
* 'Shutdown' is exported from the crate root.
* 'Outcome' is not longer exported from the root.
* 'Handler', 'ErrorHandler' are no longer exported from the root.
To the Rust teams, Rust's contributors, Rocket's contributors, the
entire Rust and Rocket communities, my colleagues at Stanford and
beyond, and Jeb: thank you all. Sincerely.
To the next ~4 years of Rocket!
Closes#19.
Prior to this commit, codegen used 'Span' information to generate a
unique id for a given route. This commit changes the id generation to
instead use 1) the route's name and path, 2) a an per-generation
atomically increasing ID, and 3) the ids of the process/thread the
proc-macro is running in. Together, these values should provide a unique
id for a given route, even in the face of the reused processes and
threads, while also removing the dependence on unstable Span features.
Fixes#1373.
This commit adds the 'local::blocking' module and moves the existing
asynchronous testing to 'local::asynchronous'. It also includes several
changes to improve the local API, bringing it to parity (and beyond)
with master. These changes are:
* 'LocalRequest' implements 'Clone'.
* 'LocalResponse' doesn't implement 'DerefMut<Target=Response>'.
Instead, direct methods on the type, such as 'into_string()', can
be used to read the 'Response'.
* 'Response::body()' returns an '&ResponseBody' as opposed to '&mut
ResponseBody', which is returned by a new 'Response::body_mut()'.
* '&ResponseBody' implements 'known_size()` to retrieve a body's size,
if it is known.
Co-authored-by: Jeb Rosen <jeb@jebrosen.com>
This removes the 'ctrl_c_shutdown' feature opting instead for a 'ctrlc'
configuration option. To avoid further merge conflicts with the master
branch, the option is currently read as an extra.
Co-authored-by: Jeb Rosen <jeb@jebrosen.com>
This is largely an internal change. Prior to this commit, the 'Manifest'
type, now replaced with the 'Cargo' type, robbed responsibility from the
core 'Rocket' type. This new construction restores the previous
responsibility and makes it clear that 'Cargo' is _only_ for freezing,
and representing the stability of, Rocket's internal state.
Previously, 'NamedFile::open()' called a synchronous I/O method. This
commit changes it to instead use tokio's 'File' for async I/O.
To allow this to change, the 'Handler' trait was fixed to enforce that
the lifetime of '&self', the reference to the handler, outlives the
incoming request. As a result, futures returned from a handler can hold
a reference to 'self'.
In summary, this commit modifies 'Responder' so that:
* ..it is no longer 'async'. To accommodate, the 'sized_body' methods
in 'Response' and 'ResponseBuilder' are no longer 'async' and accept
an optional size directly. If none is supplied, Rocket will attempt
to compute the size, by seeking, before writing out the response.
The 'Body' type was also changed to differentiate between its sized
'Seek' and chunked body variants.
* ..'&Request' gains a lifetime: 'r, and the returned 'Response' is
parameterized by a new 'o: 'r. This allows responders to return
references from the request or those that live longer.
The attribute is applied everywhere it can be across the codebase and is
the newly preferred method for launching an application. This commit
also makes '#[rocket::main]` stricter by warning when it is applied to
functions other than 'main'.
observed.
This is a prerequisite for async on_attach fairings. 'Rocket' is now a
builder wrapper around the 'Manifest' type, with operations being
applied when needed by 'launch()', 'Client::new()', or 'inspect()'.
'inspect()' returns an '&Manifest', which now provides the methods that
could be called on an '&Rocket'.
Also:
* Remove 'response::ResultFuture'.
* Re-export 'tokio' and 'futures' from the crate root.
* Make 'ResponseBuilder::sized_body()' and 'async fn'.
* Remove the 'Future' implementation for 'ResponseBuilder'.
* Add 'ResponseBuilder::finalize()' for finalizing the builder.
* Implement `std::error::Error` for the new Error type.
* Document the new Error type.
* Remove `LaunchError`'s implementation of `Error::description`, which is deprecated.
In order to avoid making 'ResponseBuilder::sized_body' an asynchronous
function, the seeking is deferred until finalization. 'finalize()' is
replaced with '.await', and 'ResponseBuilder::ok()' is an 'async fn'.
* Update 'tokio', 'tokio-rustls', and 'hyper'.
* Remove unused dependencies on some `futures-*` crates.
* Rework 'spawn_on', which is now 'serve'.
* Simplify Ctrl-C handling.
Use I/O traits and types from 'tokio-io' as much as possible.
A few adapters only exist in futures-io-preview and use
futures-tokio-compat as a bridge for now.
Types can now implement the new 'Listener' trait, which means they can
report the address they are listening on and asynchronously accept
connections. 'Connection's are read/write streams that can additionally
report the remote address.
Listener is implemented for 'tokio_net::tcp::TcpListener' and for
the new 'rocket_http::tls::TlsListener' based on 'tokio-rustls'.
The new private function 'Rocket::listen_on()' now does the main setup
for launch and is generic over a Listener. In the future, a more refined
version of the API can be exposed so that applications can implement
their own listeners.
* body_string_wait and body_bytes_wait are removed; use `.await` instead
* `dispatch()` is now an async fn and must be .await-ed
* Add `#[rocket::async_test]` macro, similar in purpose to `tokio::test`
* Tests now use either `rocket::async_test(async { })` or
`#[rocket::async_test]` in order to `.await` the futures returned
from `dispatch()` and `body_{string,bytes}()`
* Update 'test.sh' to reflect the tests that should be passing.
Broken:
* Cloned dispatch and mut_dispatch() with a live previous response now both fail, due to a (partial) check for mutable aliasing in LocalRequest.
* Some tests are still failing and need example-specific changes.
This is required to be able to do anything useful with the body in the
outgoing response. Request fairings do not appear to need to be async
as everything on Data that returns a future moves self and on_request only
gets &Data, but the same change in this commit should work for on_request
if desired.
The former method allows constructing a 'Config' in the exact manner
Rocket does internally: reading the active environment's properties from
'Rocket.toml' and overriding values from environment variables. The
'read_from()' property does the same except it allows a custom config
file path.
This PR also improves the internal structure of the configuration code.
The existing implementation of 'LocalRequest::clone()' mistakenly copied
the internal 'Request' pointer from the existing 'LocalRequest' to the
cloned 'LocalRequest'. This resulted in an aliased '*mut Request'
pointer, a clear soundness issue. The fix in this commit is to clone the
internal 'Request', replacing the internal pointer with the newly cloned
'Request' when producing the cloned 'LocalRequest'. A fix that removes
all 'unsafe' code should be explored.
Fixes#1312.
Every code example is now fully runnable and testable. As a result, all
examples are now tested and include imports. Relevant imports are shown
by default. Code examples can be expanded to show all imports.
Fixes#432.
Sergio Benitez
ThouCheese
toshokan
Jeb Rosen
Matthew Pomes
Jonah Brüchert
Ben Sully
ami-GS
Filip Gospodinov
Jonty
George Cheng
Edwin Svensson
lewis
Jonathan Dickinson
Necmettin Karakaya
Michael Howell
Paolo Barbolini
Follpvosten
Jacob Pratt
Marc Schreiber
gcarq
Yusuke Kominami
Nia Watts
Alex Macleod
Thiago Veronezi
Sorin Davidoi
A. L