Commit Graph

344 Commits

Author SHA1 Message Date
Sergio Benitez
d8afb4c7fa Implement Display and Error for ConfigError.
Closes #189.
2017-02-15 01:32:57 -08:00
Sergio Benitez
d8b90ebf5f Readd missing config address test. 2017-02-14 23:34:27 -08:00
Sergio Benitez
0c963da1fd Fix IPv6 address parsing and validation. 2017-02-14 23:10:36 -08:00
Sergio Benitez
1e1ff3bd23 Explicitly delete flash cookie so that path is set. 2017-02-08 23:53:29 -08:00
Sergio Benitez
3c8dd0fad8 Fix fallout from latest cargo nightly. 2017-02-08 00:55:22 -08:00
Sergio Benitez
46f753e128 Fix typo in manage docs: referes -> refers. 2017-02-06 10:40:43 -08:00
Sergio Benitez
20a548b11b Add percent_encode method to URI. 2017-02-06 03:41:12 -08:00
Sergio Benitez
0b69a5d8f7 Ensure routes with and without query params don't collide. 2017-02-05 01:43:53 -08:00
Sergio Benitez
e966925455 Use full URI in codegen routes; log query params in routes. 2017-02-05 01:34:48 -08:00
Sergio Benitez
391628dea9 Fix broken link to IntoValue. 2017-02-03 17:15:29 -08:00
Sergio Benitez
0e82eb0b31 Fixup forms documentation for new features. 2017-02-03 16:56:29 -08:00
Sergio Benitez
aefa2f1494 Use pub(crate) to enforce doc(hidden). 2017-02-03 02:17:06 -08:00
Sergio Benitez
bf1b9e76fd Tweak http module docs. 2017-02-03 01:27:41 -08:00
Sergio Benitez
a8356de183 Fully document config module. Deprecate Config::{set, default_for}. 2017-02-03 01:15:01 -08:00
Sergio Benitez
5abb8d99b4 Clarify manage method docs. 2017-02-02 18:16:57 -08:00
Sergio Benitez
988236f272 Add documentation for State request guard. 2017-02-02 18:01:00 -08:00
Sergio Benitez
a9c3b8a919 Silence warnings during testing. 2017-02-02 02:16:21 -08:00
Garrett Squire
11e90f525f Update status code for form processing failure. 2017-02-01 18:29:29 -08:00
Sergio Benitez
ed429cd487 Change FromForm signature. Emit 422 form errors on bad form strings.
This commit changes the way Rocket parses form items. In particular, it now
(liberally) validates form strings, returning a Bad Request on malformed inputs
and Unprocessable Entity on bad parses.

The 'FormItems' iterator was modified to accomodate this. The iterator is now
initialized using 'from': 'FormItems::from(form_string)'. The iterator can be
queried to check for a complete parse using either 'completed()' or
'exhausted()', the latter of which will consume valid keys/values and return
true only if the entire string was consumed.

The 'FromForm' trait now takes a mutable borrow to a 'FormItems' iterator.

The 'Form' and 'FormForm' implementation for 'Form' were modified to use the new
iterfaces and check for 'exhausted' after a parse, returning a Bad Request error
if the iterator cannot be exhausted.

Resolves #46.
2017-02-01 18:22:51 -08:00
Sergio Benitez
cc22836867 Precisely route formats. Make 'content_type' an 'Option' in 'Request'.
This commit changes the routing algorithm. In particular, it enforces
precise matching of formats. With this change, a route with a specified
format only matches requests that have the same format specified. A
route with no format specified matches any request's format. This is
contrast to the previous behavior, where a route without a specified
format would match requests regardless of their format or whether one
was specified.

This commit also changes the following:
  * The return type of the 'content_type' method of 'Request' is now
    'Option<ContentType>'.
  * The 'ContentType' request guard forwards when the request has no
    specified ContentType.
  * The 'add_header' and 'replace_header' methods take the header
    argument generically.

Closes #120.
2017-02-01 03:12:24 -08:00
Sergio Benitez
3235e1e5e6 Make 'false' the default value for bools in forms. 2017-02-01 00:12:11 -08:00
Sergio Benitez
35bbb8b60b Use 'to_string' to format Hyper headers. 2017-01-31 17:32:35 -08:00
Sergio Benitez
374593c2f0 Use 'ContentType::Plain' for 'String' responses.
Resolves #49.
2017-01-31 02:43:19 -08:00
Sergio Benitez
06a7317fd9 Update to Hyper 0.10. Use cookie crate directly.
A few interesting notes on this breakage:

  * `Cookie` how has a lifetime. It should be `'static'` everywhere.
  * The `SetCookie` header is no longer reexported.
  * Instead, `Cookie` implements `Into<Header>` for Set-Cookie.
2017-01-26 23:08:15 -08:00
Sergio Benitez
c815911705 Introduce Managed State. 2017-01-20 23:17:28 -08:00
Ernestas Poskus
59b7cb006f Add SVG as a known Content-Type. 2017-01-19 12:29:39 -08:00
Sergio Benitez
cf82469c52 Document encoding behavior for FormItems. 2017-01-15 02:21:28 -08:00
Sergio Benitez
bb295dc230 Extend FormFormValue docs with details and built-in impls.
Closes #129.
2017-01-15 02:05:17 -08:00
Eijebong
1398626710 Fix typo in Redirect documentation. 2017-01-14 07:58:28 -08:00
Sergio Benitez
d4d5c5dd29 Override config parameters via environment variables.
Resolves #37.
2017-01-14 07:55:08 -08:00
Sergio Benitez
4bc5c20a45 Fix security checks in PathBuf::FromSegments.
In #134, @tunz discovered that Rocket does not properly prevent path traversal
or local file inclusion attacks. The issue is caused by a failure to check for
some dangerous characters after decoding. In this case, the path separator '/'
was left as-is after decoding. As such, an attacker could construct a path with
containing any number of `..%2f..` sequences to traverse the file system.

This commit resolves the issue by ensuring that the decoded segment does not
contains any `/` characters. It further hardens the `FromSegments`
implementation by checking for additional risky characters: ':', '>', '<' as the
last character, and '\' on Windows. This is in addition to the already present
checks for '.' and '*' as the first character.

The behavior for a failing check has also changed. Previously, Rocket would skip
segments that contained illegal characters. In this commit, the implementation
instead return an error.

The `Error` type of the `PathBuf::FromSegment` implementations was changed to a
new `SegmentError` type that indicates the condition that failed.

Closes #134.
2017-01-13 13:25:33 -08:00
Sergio Benitez
41aecc3e7f Expose the remote address via remote() in Request.
This commit also includes the following changes:

  * `FromRequest` for `SocketAddr` implemented: extracts remote address.
  * All built-in `FromRequest` implementations are documented.
  * Request preprocessing overrides remote IP with value from X-Real-IP header.
  * `MockRequest` allows setting the remote address with `remote()`.

Resolves #38.
2017-01-13 07:50:51 -08:00
Sergio Benitez
c6fbc44888 Add TODO about improving builder finalize error. 2017-01-12 02:43:00 -08:00
Sergio Benitez
ddda8fe79b Add workers config parameter. 2017-01-12 02:38:14 -08:00
Sergio Benitez
fb24ee315c Overhaul configuration and custom ignition.
* Add Config::new() and Config::build() for simpler Config creation.
  * Add set_{param} methods to Config.
  * Add ConfigBuilder type for easy building of configurations.
  * Remove builder methods from Config.
  * PartialEq in Config doesn't consider path or session key.
  * Rocket::custom takes Config by value.
  * Rocket::custom takes second (enable_logging) boolean argument.
  * Rocket::custom properly sets the custom config as the active config.
2017-01-11 18:35:09 -08:00
Dru Sellers
a6084ab3e2 Change the type for port to u16 in config. 2017-01-09 16:48:27 -08:00
Sergio Benitez
21a1bde7c0 Add Header methods to get name and value as strs. 2017-01-06 01:03:08 -06:00
Sergio Benitez
6165a6705c Add more comments on dispatch logic. 2017-01-06 00:42:24 -06:00
Sergio Benitez
8f8dde812d Remove unnecessary fields in Redirect Response. 2017-01-06 00:42:10 -06:00
Sergio Benitez
042dcadf43 Expose DataStream directly to allow for stream composition. 2017-01-05 15:13:13 -06:00
Sergio Benitez
2da08a975c Make Content-Type case-preserving; add 'params' method. 2017-01-05 02:14:44 -06:00
Sergio Benitez
24805bbf16 Treat header names as case-preserving in HeaderMap.
Fixes #92.
2017-01-02 21:33:36 -06:00
Sergio Benitez
82f6f78189 Add UncasedAscii{Ref} type(s) that are case-preserving strings. 2017-01-02 21:32:29 -06:00
Liigo Zhuang
0af01abe5f Fix decoding of String form values.
@liigo originated a fix and found the problem in #82.
2016-12-31 01:06:22 -06:00
Sergio Benitez
83bbea7d4a Fix decoding of form value Strings. 2016-12-31 00:48:31 -06:00
Greg Edwards
d19cb0349c Only override request methods via '_method' on POST. 2016-12-31 00:00:47 -06:00
Sergio Benitez
a1878ad080 Properly resolve dynamic segments, take 2.
Fixes #86.
2016-12-30 23:51:23 -06:00
Sergio Benitez
1f373cc83a Rename 'content_type' Route field to 'format'. 2016-12-30 20:15:28 -06:00
Sergio Benitez
20f13f0bc1 Add CSV as a known Content-Type. 2016-12-27 15:42:27 -06:00
Sergio Benitez
71419933a5 Ignore _method field in derived FromForm.
Fixes #45.
2016-12-26 02:41:57 -06:00
Sean Griffin
eb8d973abd Fix typo in Outcome formatting: Succcess -> Success. 2016-12-25 21:37:06 -06:00
Sergio Benitez
591963106e Update NamedFile documentation. 2016-12-23 12:02:17 -08:00
Sergio Benitez
16f70480f5 Actually send the file via NamedFile. 2016-12-23 11:51:11 -08:00
Sergio Benitez
12302bcadb Document default FromParam impls. 2016-12-23 02:39:34 -08:00
Sergio Benitez
7d97bf04ea Prepend http:// to address:port in launch message. 2016-12-22 05:27:23 -08:00
Sergio Benitez
595cc5be57 Emit warning about disabled session keys. 2016-12-22 01:29:58 -08:00
Sergio Benitez
2dc1ba29f0 Adds tests for JSON example. Emit warning from JSON FromData.
This also includes a tiny change to the `mk-docs` script to build a
blank index at the root of the docs.
2016-12-21 22:56:58 -08:00
Sergio Benitez
b9742c1202 Fix broken links in docs. 2016-12-21 01:33:45 -08:00
Sergio Benitez
80632689f4 Document Request. 2016-12-21 01:30:45 -08:00
Sergio Benitez
dedf5094fe Remove URIBuf. 2016-12-21 00:20:14 -08:00
Sergio Benitez
62fe734492 URI uses Cow iternally. 2016-12-21 00:09:22 -08:00
Sergio Benitez
f3b7b7db5e Add example for FromData. 2016-12-20 18:07:14 -08:00
Sergio Benitez
c61e40f5a3 Document config ParsingError. 2016-12-20 17:27:46 -08:00
Sergio Benitez
0acb9eab83 Document Response. Update Config tests. 2016-12-20 17:27:31 -08:00
Sergio Benitez
6e2913fc5c Cleanup Responder documentation. 2016-12-20 13:40:02 -08:00
Sergio Benitez
abdb8c2aa1 Document ResponseBuilder. 2016-12-19 23:29:20 -08:00
Sergio Benitez
d44c61f1af Redocument ContentType. 2016-12-19 20:40:21 -08:00
Sergio Benitez
ddbd7966f7 Document Body. Derive Clone/Copy/PartialEq appropriately in response module. 2016-12-19 20:10:24 -08:00
Sergio Benitez
1851187a2d Reword http module documentation. 2016-12-19 19:50:27 -08:00
Sergio Benitez
f101069610 Document Status and StatusClass. 2016-12-19 19:46:49 -08:00
Sergio Benitez
3414266a8a Document Header and HeaderMap. 2016-12-19 18:04:31 -08:00
Sergio Benitez
8d8d504b59 Document Config. Cleaner lib/handler docs. 2016-12-19 16:51:59 -08:00
Sergio Benitez
dd7e95b3c5 Panic on illegal, dynamic mount points. 2016-12-17 10:51:44 -08:00
Sergio Benitez
f1c7d3e27c Minor code improvements via clippy. 2016-12-17 09:18:30 -08:00
Sergio Benitez
e2fcd75325 Use forked compiletest for latest nightly. 2016-12-16 15:14:11 -08:00
Sergio Benitez
2e25ce04dc Automatically handle HEAD requests. 2016-12-16 05:17:16 -08:00
Sergio Benitez
6815a56cb5 Rework Request: add lifetime to future proof, remove unsafe. 2016-12-16 03:07:23 -08:00
Sergio Benitez
5f311c3654 Implement Responder for Response. 2016-12-15 20:57:14 -08:00
Sergio Benitez
368e5105a9 Return a Response from testing's dispatch_with. 2016-12-15 20:53:54 -08:00
Sergio Benitez
77cfed0d21 Fix minor README/comment typos. 2016-12-15 17:22:33 -08:00
Sergio Benitez
08f41816d1 Remove dependence from Hyper in Request/MockRequest. 2016-12-15 16:34:19 -08:00
Sergio Benitez
a73a082153 New HeaderMap type for grouping Headers. 2016-12-15 12:37:17 -08:00
Sergio Benitez
d3e2d829c7 Remove all Hyper* types in favor of hyper::*. 2016-12-15 09:24:29 -08:00
Sergio Benitez
0cc379b82f Parse and test params in ContentType. 2016-12-15 08:49:10 -08:00
Sergio Benitez
44f5f1998d New HTTP types: ContentType, Status. Responder/Handler/ErrorHandler changed.
This is a complete rework of `Responder`s and of the http backend in
general. This gets Rocket one step closer to HTTP library independence,
enabling many future features such as transparent async I/O, automatic
HEAD request parsing, pre/post hooks, and more.

Summary of changes:

  * `Responder::response` no longer takes in `FreshHyperResponse`.
    Instead, it returns a new `Response` type.
  * The new `Response` type now encapsulates a full HTTP response. As a
    result, `Responder`s now return it.
  * The `Handler` type now returns an `Outcome` directly.
  * The `ErrorHandler` returns a `Result`. It can no longer forward,
    which made no sense previously.
  * `Stream` accepts a chunked size parameter.
  * `StatusCode` removed in favor of new `Status` type.
  * `ContentType` significantly modified.
  * New, lightweight `Header` type that plays nicely with `Response`.
2016-12-15 00:47:31 -08:00
Sergio Benitez
6bc0fa8871 Make note about implementing auto HEAD handling. 2016-12-11 21:20:30 -08:00
Sergio Benitez
e6fa01607f Link to Stream in Responder docs. 2016-12-11 01:40:03 -08:00
Sergio Benitez
3dc82e2349 HTML escape < in Responder docs. 2016-12-10 17:58:52 -08:00
Sergio Benitez
4f89e232aa HTML escape < in FromParam docs. 2016-12-10 17:41:44 -08:00
Sergio Benitez
470dc7f63c Improve FromParam documentation. 2016-12-10 02:55:25 -08:00
Sergio Benitez
a818976b08 Add example implementation for Responder. 2016-12-09 20:59:58 -08:00
Sergio Benitez
d0136235d7 Remove with_status and StatusResponder in favor of status module. 2016-12-09 19:53:13 -08:00
Sergio Benitez
a2e99985b0 Fix data buffer indexing bug. Add from_request example. 2016-11-21 00:45:44 -08:00
Sergio Benitez
b38942ad00 Avoid double logger initialization by removing logger init in Rocket::custom. 2016-11-11 14:04:00 -08:00
Sergio Benitez
ba88fcdc95 Document FromRequest. Clarify FromFormValue::default. 2016-11-06 17:07:47 +01:00
Sergio Benitez
006a35a8a9 Add an example to Rocket::catch docs. 2016-11-05 19:35:21 +01:00
Sergio Benitez
2cc0251a22 Further document the Catcher type. Register a catcher in the manual example. 2016-11-05 19:31:50 +01:00
Sergio Benitez
a5599aac9c Hide all of the logger macros, for now. 2016-11-04 15:38:06 +01:00
Sergio Benitez
4d189df884 Fix the tests for latest changes. 2016-11-04 15:11:59 +01:00
Sergio Benitez
d7353c8c2d Document the Rocket type. Add expect method to Outcome. Add custom method to Rocket. 2016-11-04 14:35:04 +01:00
Sergio Benitez
dd030334e4 Document the Error type. 2016-11-03 19:00:52 +01:00
Sergio Benitez
32e22fc8e1 Document the content module, complete response documentation. 2016-11-03 18:54:37 +01:00
Sergio Benitez
553082f026 Document all of the core response types. 2016-11-03 17:05:41 +01:00
Sergio Benitez
129268506e Document Responder. Further document Flash. Implement Debug for most Responder types. 2016-11-03 15:09:01 +01:00
Sergio Benitez
c2d3bdccdb Document the Failure and Flash responses. 2016-11-02 18:48:43 +01:00
Sergio Benitez
004cae7627 Fix codegen tests for new lib. Make UTF8 charset the default for text content types. 2016-11-02 17:39:41 +01:00
Sergio Benitez
c98d047038 Add URI::percent_decoding helper method. Safeguard Pathbuf FromSegments implementation. 2016-11-02 16:55:56 +01:00
Sergio Benitez
4326c9103e Propogate error types in FromParam and FromSegment parses. 2016-10-31 18:51:19 +01:00
Sergio Benitez
639cd425ee Add Debug bound to associated parsing Errors. 2016-10-31 18:31:39 +01:00
Sergio Benitez
785d0d2a6a Fix URI display for root path. 2016-10-31 17:32:43 +01:00
Sergio Benitez
d91e3e0454 Add the [global] psuedo-environment for global configuration. 2016-10-31 17:00:32 +01:00
Sergio Benitez
da7cb44671 Add more testing module documentation. Fix test for latest nightly. 2016-10-31 10:21:19 +01:00
Sergio Benitez
5766766659 Use a 'Sync' type for the session key. 2016-10-25 17:07:39 +02:00
Sergio Benitez
25d55b4b0f Disallow use of data parameter with non-payload methods. 2016-10-25 16:42:10 +02:00
Sergio Benitez
fb67681adc Don't reexport IntoOutcome trait. 2016-10-25 13:39:31 +02:00
Sergio Benitez
81113ecf50 Remove public qualification from private data modules. 2016-10-25 13:35:02 +02:00
Sergio Benitez
1849365eda Inline the Data struct in docs. 2016-10-25 13:27:16 +02:00
Sergio Benitez
6a8d64f69b Move the data module into the top-level namespace. 2016-10-25 13:24:07 +02:00
Sergio Benitez
f5a5ea3a22 Rename data to content in response. Remove DataOutcome. 2016-10-25 13:03:50 +02:00
Sergio Benitez
5447f81f77 Remove RequestOutcome, ResponseOutcome in favor of Outcome. Remove Failure response type. 2016-10-25 11:17:49 +02:00
Sergio Benitez
2f04027c5f Document the testing module. 2016-10-25 10:16:34 +02:00
Sergio Benitez
11b6158276 Refine request module API docs. 2016-10-24 10:09:50 +02:00
Sergio Benitez
e70fcd78b9 Properly escape ticks for markdown in Form docs. 2016-10-21 09:06:40 -07:00
Sergio Benitez
2da43e24f7 Document most of the request module. 2016-10-21 02:56:57 -07:00
Sergio Benitez
81f45608a1 Document outcome module. 2016-10-19 00:30:02 -07:00
Sergio Benitez
2a0535e1f7 Document the config module. 2016-10-18 12:04:56 -07:00
Sergio Benitez
5a1a303c59 Document the http module. 2016-10-17 19:29:58 -07:00
Sergio Benitez
762b38efe9 Add fragment support to URI type. 2016-10-17 17:21:29 -07:00
Sergio Benitez
a145a11848 Add tests to the hello_world, helllo_ranks, and hello_person examples. 2016-10-17 15:14:57 -07:00
Sergio Benitez
33f0274f62 Remove unused Rocket::config method. 2016-10-16 03:21:34 -07:00
Sergio Benitez
bc5ecb31df Implement a small testing framework in the 'testing' module. 2016-10-16 03:16:16 -07:00
Sergio Benitez
3008820494 Seperate request dispatch into hyper and non-hyper parts. 2016-10-16 00:03:08 -07:00
Sergio Benitez
471239c567 Protect the session_key from external libs. Clean-up config docs. 2016-10-15 18:58:57 -07:00
Sergio Benitez
cf9f746ee2 Remove question_mark feature: it's been stabalized! 2016-10-14 19:07:22 -07:00
Sergio Benitez
1323e7a420 Add config::get(), for global config access. Use it for Template. 2016-10-14 18:57:36 -07:00
Sergio Benitez
722f613686 Use Outcome as the result of all fallible conversions. 2016-10-13 18:39:23 -07:00
Sergio Benitez
b4305cb430 Use 'Content-Type' for format routing. Simplify 'raw_upload' example. 2016-10-12 19:08:19 -07:00
Sergio Benitez
2f35b23514 Remove non-streaming requests. Use streaming requests everywhere.
This commit includes the following important API changes:

  * The `form` route parameter has been removed.
  * The `data` route parameter has been added.
  * Forms are not handled via the `data` parameter and `Form` type.
  * Removed the `data` parameter from `Request`.
  * Added `FromData` conversion trate and default implementation.
  * Added `DataOutcome` enum, which is the return type of `from_data`.
  * 'FromData' is now used to automatically derive the `data` parameter.
  * Moved `form` into `request` module.
  * Removed `Failure::new` in favor of direct value construction.

This commit includes the following important package additions:

  * Added a 'raw_upload' example.
  * `manual_routes` example uses `Data` parameter.
  * Now building and running tests with `--all-features` flag.
  * All exmaples have been updated to latest API.
  * Now using upstream Tera.

This commit includes the following important fixes:

  * Any valid ident is now allowed in single-parameter route parameters.
  * Lifetimes are now properly stripped in code generation.
  * `FromForm` derive now works on empty structs.
2016-10-12 00:14:42 -07:00
Sergio Benitez
d8db812856 Implement streaming requests. 2016-10-09 04:29:02 -07:00
Sergio Benitez
07204a25dd Remove Rocket::from_hyp in favor of Rocket::new. 2016-10-08 21:37:28 -07:00
Sergio Benitez
a7b180c911 Remove Empty response. 2016-10-08 20:57:39 -07:00
Sergio Benitez
619b1d787e Rename Response::new to complete. Add Response::failure using newly added Failure response. 2016-10-08 20:53:04 -07:00
Sergio Benitez
0144b70fac Cleanup documentation related code. 2016-10-08 04:42:22 -07:00
Sergio Benitez
e30e4e6c7f Make 'http' public. 2016-10-08 04:29:20 -07:00
Sergio Benitez
c4b817ae0b Cleanup dispatch messages and comments. 2016-10-07 23:37:29 -07:00
Sergio Benitez
8c0d11feab Completely new raw API.
Summary of changes:

  * Request no longer has a lifetime parameter.
  * Handler type now includes a `Data` parameter.
  * Response is now an enum that is either `Complete` or `Forward`.
  * Outcome enum is now one of: Success, Failure, Forward.
  * Outcome::Foward for Responses must include StatusCode.
  * Responders are now final: they cannot forward to requests. (!!)
  * Responsers may only forward to catchers. (!!)
  * Response no longer provides wrapping methods.
  * Route is now cloneable.

This change is fundamental to enabling streaming requests.
2016-10-07 23:20:49 -07:00
Sergio Benitez
59623d936f Add a default template for every known error code. 2016-10-07 21:31:52 -07:00
Sergio Benitez
37e6a367b8 Move the form module under request and outcome to top-level. 2016-10-07 19:27:50 -07:00
Sergio Benitez
be3530bb44 Make Outcome generic on its encapsulated type. 2016-10-07 19:09:05 -07:00
Sergio Benitez
6578de4615 Always inline appropriate Request methods. 2016-10-06 21:04:35 -07:00