Sessions
--------
This commit removes the `Session` type in favor of methods on the
`Cookies` types that allow for adding, removing, and getting private
(signed and encrypted) cookies. These methods provide a superset of
the functionality of `Session` while also being a minimal addition to
the existing API. They can be used to implement the previous `Session`
type as well as other forms of session storage. The new methods are:
* Cookie::add_private(&mut self, Cookie)
* Cookie::remove_private(&mut self, Cookie)
* Cookie::get_private(&self, &str)
Resolves#20
Testing
-------
This commit removes the `rocket::testing` module. It adds the
`rocket::local` module which provides a `Client` type for local
dispatching of requests against a `Rocket` instance. This `local`
package subsumes the previous `testing` package.
Rocket Examples
---------------
The `forms`, `optional_result`, and `hello_alt_methods` examples have
been removed. The following example have been renamed:
* extended_validation -> form_validation
* hello_ranks -> ranking
* from_request -> request_guard
* hello_tls -> tls
Other Changes
-------------
This commit also includes the following smaller changes:
* Config::{development, staging, production} constructors have been
added for easier creation of default `Config` structures.
* The `Config` type is exported from the root.
* `Request` implements `Clone` and `Debug`.
* `Request::new` is no longer exported.
* A `Response::body_bytes` method was added to easily retrieve a
response's body as a `Vec<u8>`.
This is a breaking change.
The `testing` feature no longer exists. Testing structures can now be
accessed without any features enabled.
Prior to this change, Rocket would panic when draining from a network
stream failed. With this change, Rocket force closes the stream on any
error.
This change also ensures that the `Fairings` launch output only prints
if at least one fairing has been attached.
This is a breaking change. `Request::content_type` now returns a borrow
to `ContentType`. `FromRequest` for `ContentType` is no longer
implemented. Instead, `FromRequest` for `&ContentType` is implemented.
This commit introduces TLS support, provided by `rustls` and a fork of
`hyper-rustls`. TLS support is enabled via the `tls` feature and
activated when the `tls` configuration parameter is set. A new
`hello_tls` example illustrates its usage.
This commit also introduces more robust and complete configuration
settings via environment variables. In particular, quoted string,
array, and table (dictionaries) based configuration parameters can now
be set via environment variables.
Resolves#28.
This is a breaking change.
This commit changes the meaning of the `format` route attribute when
used on non-payload carrying requests (GET, HEAD, CONNECT, TRACE, and
OPTIONS) so that it matches against the preferred media type in the
`Accept` header of the request. The preferred media type is computed
according to the HTTP 1.1 RFC, barring a few specificty rules to come.
This commit includes the following additions:
* A `session` example was added.
* `Config::take_session_key` was removed.
* If a `session_key` is not supplied, one is automatically generated.
* The `Session` type implements signed, encrypted sessions.
* A `Session` can be retrieved via its request guard.
This commit involves several breaking changes:
* `session_key` config param must be a 256-bit base64 encoded string.
* `FromRequest` is implemented for `Cookies`, not `Cookie`.
* Only a single `Cookies` instance can be retrieved at a time.
* `Config::take_session_key` returns a `Vec<u8>`.
* `Into<Header>` is implemented for `&Cookie`, not `Cookie`.
This commit changes the way Rocket parses form items. In particular, it now
(liberally) validates form strings, returning a Bad Request on malformed inputs
and Unprocessable Entity on bad parses.
The 'FormItems' iterator was modified to accomodate this. The iterator is now
initialized using 'from': 'FormItems::from(form_string)'. The iterator can be
queried to check for a complete parse using either 'completed()' or
'exhausted()', the latter of which will consume valid keys/values and return
true only if the entire string was consumed.
The 'FromForm' trait now takes a mutable borrow to a 'FormItems' iterator.
The 'Form' and 'FormForm' implementation for 'Form' were modified to use the new
iterfaces and check for 'exhausted' after a parse, returning a Bad Request error
if the iterator cannot be exhausted.
Resolves#46.
A few interesting notes on this breakage:
* `Cookie` how has a lifetime. It should be `'static'` everywhere.
* The `SetCookie` header is no longer reexported.
* Instead, `Cookie` implements `Into<Header>` for Set-Cookie.
Sergio Benitez
Giovanni Capuano