This is a breaking change.
This commit introduces `RawStr` to forms. In particular, after this
commit, the `&str` type no longer implements `FromFormValue`, and so it
cannot be used as a field in forms. Instad, the `&RawStr` can be used.
The `FormItems` iterator now returns an `(&RawStr, &RawStr)` pair.
This commit involves several breaking changes:
* `session_key` config param must be a 256-bit base64 encoded string.
* `FromRequest` is implemented for `Cookies`, not `Cookie`.
* Only a single `Cookies` instance can be retrieved at a time.
* `Config::take_session_key` returns a `Vec<u8>`.
* `Into<Header>` is implemented for `&Cookie`, not `Cookie`.
This commit changes the way Rocket parses form items. In particular, it now
(liberally) validates form strings, returning a Bad Request on malformed inputs
and Unprocessable Entity on bad parses.
The 'FormItems' iterator was modified to accomodate this. The iterator is now
initialized using 'from': 'FormItems::from(form_string)'. The iterator can be
queried to check for a complete parse using either 'completed()' or
'exhausted()', the latter of which will consume valid keys/values and return
true only if the entire string was consumed.
The 'FromForm' trait now takes a mutable borrow to a 'FormItems' iterator.
The 'Form' and 'FormForm' implementation for 'Form' were modified to use the new
iterfaces and check for 'exhausted' after a parse, returning a Bad Request error
if the iterator cannot be exhausted.
Resolves#46.
In #134, @tunz discovered that Rocket does not properly prevent path traversal
or local file inclusion attacks. The issue is caused by a failure to check for
some dangerous characters after decoding. In this case, the path separator '/'
was left as-is after decoding. As such, an attacker could construct a path with
containing any number of `..%2f..` sequences to traverse the file system.
This commit resolves the issue by ensuring that the decoded segment does not
contains any `/` characters. It further hardens the `FromSegments`
implementation by checking for additional risky characters: ':', '>', '<' as the
last character, and '\' on Windows. This is in addition to the already present
checks for '.' and '*' as the first character.
The behavior for a failing check has also changed. Previously, Rocket would skip
segments that contained illegal characters. In this commit, the implementation
instead return an error.
The `Error` type of the `PathBuf::FromSegment` implementations was changed to a
new `SegmentError` type that indicates the condition that failed.
Closes#134.
This commit includes the following important API changes:
* The `form` route parameter has been removed.
* The `data` route parameter has been added.
* Forms are not handled via the `data` parameter and `Form` type.
* Removed the `data` parameter from `Request`.
* Added `FromData` conversion trate and default implementation.
* Added `DataOutcome` enum, which is the return type of `from_data`.
* 'FromData' is now used to automatically derive the `data` parameter.
* Moved `form` into `request` module.
* Removed `Failure::new` in favor of direct value construction.
This commit includes the following important package additions:
* Added a 'raw_upload' example.
* `manual_routes` example uses `Data` parameter.
* Now building and running tests with `--all-features` flag.
* All exmaples have been updated to latest API.
* Now using upstream Tera.
This commit includes the following important fixes:
* Any valid ident is now allowed in single-parameter route parameters.
* Lifetimes are now properly stripped in code generation.
* `FromForm` derive now works on empty structs.
Summary of changes:
* Request no longer has a lifetime parameter.
* Handler type now includes a `Data` parameter.
* Response is now an enum that is either `Complete` or `Forward`.
* Outcome enum is now one of: Success, Failure, Forward.
* Outcome::Foward for Responses must include StatusCode.
* Responders are now final: they cannot forward to requests. (!!)
* Responsers may only forward to catchers. (!!)
* Response no longer provides wrapping methods.
* Route is now cloneable.
This change is fundamental to enabling streaming requests.
* All From* trait methods are now named like the trait.
* All From* traits have an associated Error type.
* Document all of the `form` module.
* Add codegen tests for auto-derived forms.
* The param parsing traits now live under Request.
Sergio Benitez