Commit Graph

2268 Commits

Author SHA1 Message Date
Sergio Benitez
ee4aa81847 Allow '[' and ']' in URI paths.
This is strictly noncompliant and they should be encoded, but browsers
routinely send them unencoded, so we allow them to avoid trouble.
2022-05-04 09:44:24 -07:00
Sergio Benitez
4c6c0b497c Avoid more platform dependent errors in UI tests. 2022-05-03 14:33:11 -07:00
Sergio Benitez
55ea5dfb35 Avoid platform dependent errors in UI tests. 2022-05-03 13:56:25 -07:00
Sergio Benitez
07460df279 Rework TLS listener/connection implementations.
The previous implementation allowed a trivial DoS attack in which the
client need simply maintain open connections with incomplete handshakes.
This commit resolves that by allowing a server worker to progress as
soon as a TCP connection has been established. This comes at the expense
of a more complex implementation necessitated by deficiencies in Hyper.

Potentially resolves #2118.
2022-05-03 13:56:25 -07:00
Sergio Benitez
e9d46b917e Fully 'drop()' I/O struct in 'CancellableIo'.
This should improve the reliability of graceful shutdown.
2022-05-03 13:55:43 -07:00
Sergio Benitez
bf84b1cdb5 Enable TCP_NODELAY on TCP-based connections.
We may want a more fine-grained approach to immediately transmitting
application data, but Hyper does not yet expose a suitable API.

Resolves #2062.
2022-04-28 13:22:06 -07:00
Sergio Benitez
613366f4bb Fix UI tests. 2022-04-27 13:59:20 -07:00
Sergio Benitez
6fc24789e9 Fix SSE heartbeat so it never interrupts events.
Previously, the heartbeat message, in its raw form, was ":\n\n". This
commit changes the message to be ":\n".

The former message, when parsed as Server-Sent Events, contained an
empty comment (as desired) _and_ a new line (erroneously). The new line
resulted in emitting any event that was presently being emitted, even if
it wasn't complete. That is, emitting an event partly, such as the
event's data but not its name. Removing the extra new line resolves this
issue and ensures that events aren't interrupted by the heartbeat.

Fixes #2152.
2022-04-27 13:59:03 -07:00
Sergio Benitez
b117210ca6 Update 'rustls-pemfile' to 1.0. 2022-04-26 22:09:10 -07:00
Sergio Benitez
810f472524 Update 'uuid' to 1.0. 2022-04-26 22:04:47 -07:00
Sergio Benitez
6bdd2f8186 Consider form parsing strategy for 'Vec', 'Map'.
Prior to this commit, 'Vec', 'HashMap', and 'BTreeMap' would parse
leniently irrespetive of the requested parsing strategy. This commit
changes their behavior so that the parsing strategy is respected.

Resolves #2131.
2022-04-21 08:17:58 -07:00
Konrad Borowski
7bbe0457a5 Use new 2021 edition functionality.
* Remove `TryInto` and `TryFrom` imports.
  * Replace `IntoIter::new()` with `.into_iter()`.
2022-04-19 18:35:55 -07:00
Konrad Borowski
4d258739f5 Migrate Rocket to Rust 2021 edition. 2022-04-19 18:35:38 -07:00
Sergio Benitez
4d83f73f86 Implement 'Eq' for 'MediaType', 'ContentType'.
This also fixes the 'Hash' implementation to match the docs.

Resolves #2132.
2022-04-19 13:58:30 -07:00
Sergio Benitez
38bd5663c2 Use non-deprecated 'rmp_serde::from_slice'. 2022-04-19 13:20:44 -07:00
Sergio Benitez
bc2315943b Allow 'unused_doc_comments' on generated doctests. 2022-04-19 13:13:33 -07:00
Sergio Benitez
2a7eac01bb Fix 'Segments::to_path_buf()' on Windows. 2022-04-19 13:06:02 -07:00
Sergio Benitez
82cd53de36 Add 'must_use' to 'Rocket'.
Closes #2146.
2022-04-19 13:03:58 -07:00
Sergio Benitez
49d138de14 Set 'RUSTC_BOOTSTRAP' to for '--no-run' on stable.
This is used by the testing script to run compile-only tests.
2022-04-18 21:15:58 -07:00
Sergio Benitez
fc633dfcd8 Fix UI tests for latest stable, nightly. 2022-04-18 21:15:54 -07:00
Sergio Benitez
ccf0b802bc Disallow ':' in PathBuf guard on Windows.
Fixes #1949.
2022-04-18 18:27:41 -07:00
Sergio Benitez
1b37d571c2 Rework 'local_cache!' so it returns unique refs.
Fixes #1987.
2022-04-18 18:12:54 -07:00
Sergio Benitez
8573b6069f Use 'print' for logging in debug.
In cc98f98, logging was changed to use a new 'write_out!' macro that
internally used 'write!' instead of 'print!' to log. This had an
unfortunate side-effect: 'libtest' via 'cargo test' no longer captures
the log output of tests.

The reason this occurs is due to the way that Cargo, or rather
`libtest`, captures log output: it uses hidden, unstable functions that
replace a special sink that `print!`, and _only_ `print!` writes to.
Using `write!` directly, as the commit does, bypasses this sink, and so
`cargo` never captures the output.

As a compromise, we only use the better implementation when we're not
compiled with `debug_assertions` or running tests, so at least tests run
in debug-mode won't spew output.
2022-04-14 15:01:51 -07:00
Sergio Benitez
ae0ccf43f1 Fix parsing docs for 'Lenient'.
Resolves #2039.
2022-03-09 14:09:22 -08:00
Sergio Benitez
4fcb57b704 Log HTTP/2 availability at start-up. 2022-03-08 15:24:14 -08:00
Edgar Onghena
ff7cf68461 Make HTTP/2 optional via 'http2' feature.
Closes #2030.
2022-03-08 15:13:24 -08:00
arlecchino
cc98f98aa7 Implement and log with panic-free 'write_out!'.
Resolves #2019.
2022-03-08 14:41:01 -08:00
Sergio Benitez
2cbaf05153 Update UI tests for latest stable. 2022-03-07 12:16:21 -08:00
Juraj Fiala
71e96d0d0d Fix typo: 'Tera' -> 'Handlebars'. 2022-03-03 15:48:00 -08:00
Sergio Benitez
b5b842f0bf Use fully working examples in dyn_templates.
Closes #1992.
2022-03-03 15:41:29 -08:00
Alex Sears
91e3b4397a Fix 'observe' and 'retrieve' typos in cookie docs. 2022-02-23 14:40:01 -08:00
Aurora
3bd65e7e18 Use docstring '///' comment in 'Responder' docs. 2022-02-23 14:36:03 -08:00
Aditya
72e1bce2f2 Fix link to OWASP path traversal docs in guide. 2022-02-23 14:25:31 -08:00
J. Cohen
42df0f3679 Fix spacing in 'overview' code examples. 2022-02-23 14:23:35 -08:00
Joshua Nitschke
eba469b558 Fix 'form' data limit name in configuration guide. 2022-02-23 14:21:37 -08:00
David Venhoek
83e7fe1157 Log launch messages at info level.
Fixes #1828.
Closes #1871.
2022-02-23 14:16:18 -08:00
=?UTF-8?q?R=C3=A9mi=20Lauzier?=
f82d760b52 Use 'matches!' macro where possible. 2022-02-23 14:11:44 -08:00
=?UTF-8?q?R=C3=A9mi=20Lauzier?=
928d51ca6e Fix typo in suggestion issue template. 2022-02-23 14:11:20 -08:00
xelivous
13d8e74655 Fix flash message display in todo example. 2022-02-23 13:55:02 -08:00
Sergio Benitez
5593685455 Add sqlite aux files to gitignore. 2022-02-23 13:53:26 -08:00
Matthew Pomes
a05b3e138c Explicitly doc enabling 'json' feature in guide.
Co-authored-by: Marshall Bowers <elliott.codes@gmail.com>
2022-02-23 13:38:50 -08:00
Sergio Benitez
8825f936ef Add 'includeSubdomains' in HSTS preload header.
Resolves #2049.
Closes #2050.

Co-authored-by: Soham Roy <sohamroy@sohamroy.me>
2022-02-22 18:19:09 -08:00
Sergio Benitez
fda05bddd2 Update 'rustls' to 0.20.
Also updates 'tokio-rustls' to a compatible version.

Additionally depends on 'rustls-pemfile' which includes functionality
that was previously part of 'rustls' itself.
2022-02-22 17:30:42 -08:00
Sergio Benitez
502b11c177 Update 'x509-parser' to 0.13. 2022-02-22 13:01:05 -08:00
Sergio Benitez
2f59515752 Update 'x509-parser' to 0.12.
Closes #2100.
2022-02-22 12:51:59 -08:00
Gabriel Fontes
66d18bf665 Explicitly import 'Result' in 'context!'. 2022-02-17 16:33:36 -08:00
arlecchino
1ba41b3990 Remove 'CookieJar::get_private_pending()'.
This commit removes the 'CookieJar::get_private_pending()' method in
favor of the already existing and correct 'CookieJar::get_pending()'
method. Previously, the 'CookieJar::get_private_pending()' method
attempted to decrypt the value of a pending cookie, which in reality is
plaintext, thus failing. Because the pending value is plaintext, the
'CookieJar::get_pending()' method suffices.

Documentation has been updated to refer to 'CookieJar::get_pending()'.

Fixes #2063.
2022-02-17 11:04:30 -08:00
arlecchino
442b668a7a Update 'cookie' to '0.16'. 2022-02-17 10:57:37 -08:00
Sergio Benitez
d25a8308e5 Update 'mongodb' to '2' in 'db_pools'. 2022-02-16 11:07:05 -08:00
Sergio Benitez
543560a1f2 Update 'deadpool' dependencies in 'db_pools'. 2022-02-16 11:07:00 -08:00