Commit Graph

2320 Commits

Author SHA1 Message Date
Sergio Benitez 54224618b2 Switch to upstream 'tokio-rustls'. 2022-05-04 09:44:26 -07:00
Sergio Benitez 1586ef9572 Downgrade URI discord debug assertion to warning.
Closes #1831.
2022-05-04 09:44:26 -07:00
Sergio Benitez ee4aa81847 Allow '[' and ']' in URI paths.
This is strictly noncompliant and they should be encoded, but browsers
routinely send them unencoded, so we allow them to avoid trouble.
2022-05-04 09:44:24 -07:00
Sergio Benitez 4c6c0b497c Avoid more platform dependent errors in UI tests. 2022-05-03 14:33:11 -07:00
Sergio Benitez 55ea5dfb35 Avoid platform dependent errors in UI tests. 2022-05-03 13:56:25 -07:00
Sergio Benitez 07460df279 Rework TLS listener/connection implementations.
The previous implementation allowed a trivial DoS attack in which the
client need simply maintain open connections with incomplete handshakes.
This commit resolves that by allowing a server worker to progress as
soon as a TCP connection has been established. This comes at the expense
of a more complex implementation necessitated by deficiencies in Hyper.

Potentially resolves #2118.
2022-05-03 13:56:25 -07:00
Sergio Benitez e9d46b917e Fully 'drop()' I/O struct in 'CancellableIo'.
This should improve the reliability of graceful shutdown.
2022-05-03 13:55:43 -07:00
Sergio Benitez bf84b1cdb5 Enable TCP_NODELAY on TCP-based connections.
We may want a more fine-grained approach to immediately transmitting
application data, but Hyper does not yet expose a suitable API.

Resolves #2062.
2022-04-28 13:22:06 -07:00
Sergio Benitez 613366f4bb Fix UI tests. 2022-04-27 13:59:20 -07:00
Sergio Benitez 6fc24789e9 Fix SSE heartbeat so it never interrupts events.
Previously, the heartbeat message, in its raw form, was ":\n\n". This
commit changes the message to be ":\n".

The former message, when parsed as Server-Sent Events, contained an
empty comment (as desired) _and_ a new line (erroneously). The new line
resulted in emitting any event that was presently being emitted, even if
it wasn't complete. That is, emitting an event partly, such as the
event's data but not its name. Removing the extra new line resolves this
issue and ensures that events aren't interrupted by the heartbeat.

Fixes #2152.
2022-04-27 13:59:03 -07:00
Sergio Benitez b117210ca6 Update 'rustls-pemfile' to 1.0. 2022-04-26 22:09:10 -07:00
Sergio Benitez 810f472524 Update 'uuid' to 1.0. 2022-04-26 22:04:47 -07:00
Sergio Benitez 6bdd2f8186 Consider form parsing strategy for 'Vec', 'Map'.
Prior to this commit, 'Vec', 'HashMap', and 'BTreeMap' would parse
leniently irrespetive of the requested parsing strategy. This commit
changes their behavior so that the parsing strategy is respected.

Resolves #2131.
2022-04-21 08:17:58 -07:00
Konrad Borowski 7bbe0457a5 Use new 2021 edition functionality.
* Remove `TryInto` and `TryFrom` imports.
  * Replace `IntoIter::new()` with `.into_iter()`.
2022-04-19 18:35:55 -07:00
Konrad Borowski 4d258739f5 Migrate Rocket to Rust 2021 edition. 2022-04-19 18:35:38 -07:00
Sergio Benitez 4d83f73f86 Implement 'Eq' for 'MediaType', 'ContentType'.
This also fixes the 'Hash' implementation to match the docs.

Resolves #2132.
2022-04-19 13:58:30 -07:00
Sergio Benitez 38bd5663c2 Use non-deprecated 'rmp_serde::from_slice'. 2022-04-19 13:20:44 -07:00
Sergio Benitez bc2315943b Allow 'unused_doc_comments' on generated doctests. 2022-04-19 13:13:33 -07:00
Sergio Benitez 2a7eac01bb Fix 'Segments::to_path_buf()' on Windows. 2022-04-19 13:06:02 -07:00
Sergio Benitez 82cd53de36 Add 'must_use' to 'Rocket'.
Closes #2146.
2022-04-19 13:03:58 -07:00
Sergio Benitez 49d138de14 Set 'RUSTC_BOOTSTRAP' to for '--no-run' on stable.
This is used by the testing script to run compile-only tests.
2022-04-18 21:15:58 -07:00
Sergio Benitez fc633dfcd8 Fix UI tests for latest stable, nightly. 2022-04-18 21:15:54 -07:00
Sergio Benitez ccf0b802bc Disallow ':' in `PathBuf` guard on Windows.
Fixes #1949.
2022-04-18 18:27:41 -07:00
Sergio Benitez 1b37d571c2 Rework 'local_cache!' so it returns unique refs.
Fixes #1987.
2022-04-18 18:12:54 -07:00
Sergio Benitez 8573b6069f Use 'print' for logging in debug.
In cc98f98, logging was changed to use a new 'write_out!' macro that
internally used 'write!' instead of 'print!' to log. This had an
unfortunate side-effect: 'libtest' via 'cargo test' no longer captures
the log output of tests.

The reason this occurs is due to the way that Cargo, or rather
`libtest`, captures log output: it uses hidden, unstable functions that
replace a special sink that `print!`, and _only_ `print!` writes to.
Using `write!` directly, as the commit does, bypasses this sink, and so
`cargo` never captures the output.

As a compromise, we only use the better implementation when we're not
compiled with `debug_assertions` or running tests, so at least tests run
in debug-mode won't spew output.
2022-04-14 15:01:51 -07:00
Sergio Benitez ae0ccf43f1 Fix parsing docs for 'Lenient'.
Resolves #2039.
2022-03-09 14:09:22 -08:00
Sergio Benitez 4fcb57b704 Log HTTP/2 availability at start-up. 2022-03-08 15:24:14 -08:00
Edgar Onghena ff7cf68461 Make HTTP/2 optional via 'http2' feature.
Closes #2030.
2022-03-08 15:13:24 -08:00
arlecchino cc98f98aa7 Implement and log with panic-free 'write_out!'.
Resolves #2019.
2022-03-08 14:41:01 -08:00
Sergio Benitez 2cbaf05153 Update UI tests for latest stable. 2022-03-07 12:16:21 -08:00
Juraj Fiala 71e96d0d0d Fix typo: 'Tera' -> 'Handlebars'. 2022-03-03 15:48:00 -08:00
Sergio Benitez b5b842f0bf Use fully working examples in dyn_templates.
Closes #1992.
2022-03-03 15:41:29 -08:00
Alex Sears 91e3b4397a Fix 'observe' and 'retrieve' typos in cookie docs. 2022-02-23 14:40:01 -08:00
Aurora 3bd65e7e18 Use docstring '///' comment in 'Responder' docs. 2022-02-23 14:36:03 -08:00
Aditya 72e1bce2f2 Fix link to OWASP path traversal docs in guide. 2022-02-23 14:25:31 -08:00
J. Cohen 42df0f3679 Fix spacing in 'overview' code examples. 2022-02-23 14:23:35 -08:00
Joshua Nitschke eba469b558 Fix 'form' data limit name in configuration guide. 2022-02-23 14:21:37 -08:00
David Venhoek 83e7fe1157 Log launch messages at info level.
Fixes #1828.
Closes #1871.
2022-02-23 14:16:18 -08:00
=?UTF-8?q?R=C3=A9mi=20Lauzier?= f82d760b52 Use 'matches!' macro where possible. 2022-02-23 14:11:44 -08:00
=?UTF-8?q?R=C3=A9mi=20Lauzier?= 928d51ca6e Fix typo in suggestion issue template. 2022-02-23 14:11:20 -08:00
xelivous 13d8e74655 Fix flash message display in todo example. 2022-02-23 13:55:02 -08:00
Sergio Benitez 5593685455 Add sqlite aux files to gitignore. 2022-02-23 13:53:26 -08:00
Matthew Pomes a05b3e138c Explicitly doc enabling 'json' feature in guide.
Co-authored-by: Marshall Bowers <elliott.codes@gmail.com>
2022-02-23 13:38:50 -08:00
Sergio Benitez 8825f936ef Add 'includeSubdomains' in HSTS preload header.
Resolves #2049.
Closes #2050.

Co-authored-by: Soham Roy <sohamroy@sohamroy.me>
2022-02-22 18:19:09 -08:00
Sergio Benitez fda05bddd2 Update 'rustls' to 0.20.
Also updates 'tokio-rustls' to a compatible version.

Additionally depends on 'rustls-pemfile' which includes functionality
that was previously part of 'rustls' itself.
2022-02-22 17:30:42 -08:00
Sergio Benitez 502b11c177 Update 'x509-parser' to 0.13. 2022-02-22 13:01:05 -08:00
Sergio Benitez 2f59515752 Update 'x509-parser' to 0.12.
Closes #2100.
2022-02-22 12:51:59 -08:00
Gabriel Fontes 66d18bf665 Explicitly import 'Result' in 'context!'. 2022-02-17 16:33:36 -08:00
arlecchino 1ba41b3990 Remove 'CookieJar::get_private_pending()'.
This commit removes the 'CookieJar::get_private_pending()' method in
favor of the already existing and correct 'CookieJar::get_pending()'
method. Previously, the 'CookieJar::get_private_pending()' method
attempted to decrypt the value of a pending cookie, which in reality is
plaintext, thus failing. Because the pending value is plaintext, the
'CookieJar::get_pending()' method suffices.

Documentation has been updated to refer to 'CookieJar::get_pending()'.

Fixes #2063.
2022-02-17 11:04:30 -08:00
arlecchino 442b668a7a Update 'cookie' to '0.16'. 2022-02-17 10:57:37 -08:00