Commit Graph

421 Commits

Author SHA1 Message Date
Sergio Benitez
4e06ee64aa Test 'secret_key' validation, now on pre-launch.
Prior to this commit, it was not possible to test Rocket crates in
production mode without setting a global secret key or bypassing secret
key checking - the testing script did the latter. The consequence is
that it became impossible to test secret key related failures because
the tests passed regardless.

This commit undoes this. As a consequence, all tests are now aware of
the difference between debug and release configurations, the latter of
which validates 'secret_key' by default. New 'Client::debug()' and
'Client::debug_with()' simplify creating an instance of 'Client' with
configuration in debug mode to avoid undesired test failures.

The summary of changes in this commit are:

  * Config 'secret_key' success and failure are now tested.
  * 'secret_key' validation was moved to pre-launch from 'Config:from()'.
  * 'Config::from()' only extracts the config.
  * Added 'Config::try_from()' for non-panicking extraction.
  * 'Config' now knows the profile it was extracted from.
  * The 'Config' provider sets a profile of 'Config.profile'.
  * 'Rocket', 'Client', 'Fairings', implement 'Debug'.
  * 'fairing::Info' implements 'Copy', 'Clone'.
  * 'Fairings' keeps track of, logs attach fairings.
  * 'Rocket::reconfigure()' was added to allow modifying a config.

Internally, the testing script was refactored to properly test the
codebase with the new changes. In particular, it no longer sets a rustc
'cfg' to avoid secret-key checking.

Resolves #1543.
Fixes #1564.
2021-03-09 21:57:26 -08:00
Sergio Benitez
83ffe0f7bc Remove 'Config::profile()'. CFG 'secret_key' field.
This commit makes the `Config.secret_key` conditionally compile on the
`secrets` feature. The net effect is simplified internal code, fewer
corner-cases, and easier to write tests.

This commit removes the `Provider::profile()` implementation of
`Config`. This means that the `Config` provider no longer sets a
profile, a likely confusing behavior. The `Config::figment()` continues
to function as before.
2021-03-09 21:40:53 -08:00
Jeb Rosen
d778c2cb10 Drop embedded async 'Client' in async runtime. 2021-03-06 01:40:43 -08:00
Sergio Benitez
68b244ebdc Forward catcher, handler failure to 500 catcher.
This changes core routing so that panics in all handlers are handled by
emitting a long message explaining that panics are bad and invoking the
500 error catcher. If the 500 error catcher fails, Rocket's default 500
catcher is used.
2021-03-06 01:39:31 -08:00
Jeb Rosen
a0784b4b15 Catch and gracefully handle panics in routes and catchers. 2021-03-05 22:58:28 -08:00
Sergio Benitez
7784cc982a Allow multiple and uncased field renamings. 2021-03-05 18:09:12 -08:00
Sergio Benitez
5ed3c13240 Remove 'extern crate's in generated URI macro.
Resolves #1554.
2021-03-05 14:21:52 -08:00
Sergio Benitez
4d0042c395 Allow '<path..>' to match zero segments.
This changes core routing so that '<path..>' in a route URI matches zero
or more segments. Previously, '<path..>' matched _1_ or more.

  * Routes '$a' and '$b/<p..>' collide if $a and $b previously collided.
  * For example, '/' now collides with '/<p..>'.
  * Request '$a' matches route '$b/<p..>' if $a previously matched $b.
  * For example, request '/' matches route '/<p..>'.

Resolves #985.
2021-03-05 02:01:24 -08:00
Sergio Benitez
08ae0d0b8c Use upstream 'async-trait'. 2021-03-04 22:10:59 -08:00
Sergio Benitez
3bce76f5af Use 'Client::debug()' in more tests. 2021-03-04 21:53:22 -08:00
Sergio Benitez
67fef233a0 Fix 'rocket::local' docstring import spacing. 2021-03-04 21:53:22 -08:00
Sergio Benitez
58f365dac4 Always return 'Segments' from 'Request::segments()'.
The iterator may be empty. This changes the return type of
'Request::segments()' from 'Option<Segments>' to simply 'Segments'.

Internally also adds a 'Client::debug()' for easier request testing.
2021-03-04 21:53:22 -08:00
Sergio Benitez
5977fe1236 Impl 'Deref' to 'Request' for 'LocalRequest'. 2021-03-04 21:53:22 -08:00
Sergio Benitez
630f2c1105 Remove unused 'RouteUriError::Segment' variant. 2021-03-04 02:49:29 -08:00
Sergio Benitez
a3946377f7 Use 'UriPart::Kind' to avoid unreachable match arms. 2021-03-04 02:48:07 -08:00
Sergio Benitez
7628546ca2 Improve 'FromForm' derive error spans. 2021-03-04 02:11:06 -08:00
Sergio Benitez
398a044eb0 Complete forms documentation. Improve 'validate'.
* Add a `msg!()` macro to easily change a field validation message.
  * Allow a field to refer to itself via `self.field`.
  * Improve the various field validation traits.
2021-03-04 02:08:40 -08:00
Sergio Benitez
78e2f8a3c9 Revamp codegen, fixing inconscpicuous bugs.
This commit completely revamps the way that codegen handles route URI
"parameters". The changes are largely internal. In summary, codegen code
is better organized, better written, and less subject to error.

There are three breaking changes:
  * `path` is now `uri` in `route` attribute: `#[route(GET, path = "..")]`
    becomes `#[route(GET, uri = "..")]`.
  * the order of execution for path and query guards relative to
    each-other is now unspecified
  * URI normalization now normalizes the query part as well.

Several error messages were improved. A couple of bugs were fixed:
  * Prior to this commit, Rocket would optimistically try to parse every
    segment of a URI as an ident, in case one was needed in the future.
    A bug in rustc results in codegen "panicking" if the segment
    couldn't _lex_ as an ident. This panic didn't manifest until far
    after expansion, unfortunately. This wasn't a problem before as we
    only allowed ident-like segments (ASCII), but now that we allow any
    UTF-8, the bug surfaced. This was fixed by never attempting to parse
    non-idents as idents.
  * Prior to this commit, it was impossible to generate typed URIs for
    paths that ignored path parameters via the recently added syntax
    `<_>`: the macro would panic. This was fixed by, well, handling
    these ignored parameters.

Some minor additions:
  * Added `RawStr::find()`, expanding its `Pattern`-based API.
  * Added an internal mechanism to dynamically determine if a `UriPart`
    is `Path` or `Query`.
2021-03-04 02:01:25 -08:00
Sergio Benitez
63a14525d8 UTF-8 routes. Forms revamp. Temp files. Capped.
So. Many. Changes.

This is an insane commit: simultaneously one of the best (because of all
the wonderful improvements!) and one of the worst (because it is just
massive) in the project's history.

Routing:
  * All UTF-8 characters are accepted everywhere in route paths. (#998)
  * `path` is now `uri` in `route` attribute: `#[route(GET, path = "..")]`
    becomes `#[route(GET, uri = "..")]`.

Forms Revamp
  * All form related types now reside in a new `form` module.
  * Multipart forms are supported. (resolves #106)
  * Collections are supported in forms and queries. (resolves #205)
  * Nested structures in forms and queries are supported. (resolves #313)
  * Form fields can be ad-hoc validated with `#[field(validate = expr)]`.
  * `FromFormValue` is now `FromFormField`, blanket implements `FromForm`.
  * Form field values are always percent-decoded apriori.

Temporary Files
  * A new `TempFile` data and form guard allows streaming data directly to a
    file which can then be persisted.
  * A new `temp_dir` config parameter specifies where to store `TempFile`.
  * The limits `file` and `file/$ext`, where `$ext` is the file extension,
    determines the data limit for a `TempFile`.

Capped
  * A new `Capped` type is used to indicate when data has been truncated due to
    incoming data limits. It allows checking whether data is complete or
    truncated.
  * `DataStream` methods return `Capped` types.
  * `DataStream` API has been revamped to account for `Capped` types.
  * Several `Capped<T>` types implement `FromData`, `FromForm`.
  * HTTP 413 (Payload Too Large) errors are now returned when data limits are
    exceeded. (resolves #972)

Hierarchical Limits
  * Data limits are now hierarchical, delimited with `/`. A limit of `a/b/c`
    falls back to `a/b` then `a`.

Core
  * `&RawStr` no longer implements `FromParam`.
  * `&str` implements `FromParam`, `FromData`, `FromForm`.
  * `FromTransformedData` was removed.
  * `FromData` gained a lifetime for use with request-local data.
  * The default error HTML is more compact.
  * `&Config` is a request guard.
  * The `DataStream` interface was entirely revamped.
  * `State` is only exported via `rocket::State`.
  * A `request::local_cache!()` macro was added for storing values in
    request-local cache without consideration for type uniqueness by using a
    locally generated anonymous type.
  * `Request::get_param()` is now `Request::param()`.
  * `Request::get_segments()` is now `Request::segments()`, takes a range.
  * `Request::get_query_value()` is now `Request::query_value()`, can parse any
    `FromForm` including sequences.
  * `std::io::Error` implements `Responder` like `Debug<std::io::Error>`.
  * `(Status, R)` where `R: Responder` implements `Responder` by overriding the
    `Status` of `R`.
  * The name of a route is printed first during route matching.
  * `FlashMessage` now only has one lifetime generic.

HTTP
  * `RawStr` implements `serde::{Serialize, Deserialize}`.
  * `RawStr` implements _many_ more methods, in particular, those related to the
    `Pattern` API.
  * `RawStr::from_str()` is now `RawStr::new()`.
  * `RawStr::url_decode()` and `RawStr::url_decode_lossy()` only allocate as
    necessary, return `Cow`.
  * `Status` implements `Default` with `Status::Ok`.
  * `Status` implements `PartialEq`, `Eq`, `Hash`, `PartialOrd`, `Ord`.
  * Authority and origin part of `Absolute` can be modified with new
    `Absolute::{with,set}_authority()`, `Absolute::{with,set}_origin()` methods.
  * `Origin::segments()` was removed in favor of methods split into query and
    path parts and into raw and decoded versions.
  * The `Segments` iterator is smarter, returns decoded `&str` items.
  * `Segments::into_path_buf()` is now `Segments::to_path_buf()`.
  * A new `QuerySegments` is the analogous query segment iterator.
  * Once set, `expires` on private cookies is not overwritten. (resolves #1506)
  * `Origin::path()` and `Origin::query()` return `&RawStr`, not `&str`.

Codegen
  * Preserve more spans in `uri!` macro.
  * Preserve spans `FromForm` field types.
  * All dynamic parameters in a query string must typecheck as `FromForm`.
  * `FromFormValue` derive removed; `FromFormField` added.
  * The `form` `FromForm` and `FromFormField` field attribute is now named
    `field`. `#[form(field = ..)]` is now `#[field(name = ..)]`.

Contrib
  * `Json` implements `FromForm`.
  * `MsgPack` implements `FromForm`.
  * The `json!` macro is exported as `rocket_contrib::json::json!`.
  * Added clarifying docs to `StaticFiles`.

Examples
  * `form_validation` and `form_kitchen_sink` removed in favor of `forms`.
  * The `hello_world` example uses unicode in paths.
  * The `json` example only allocates as necessary.

Internal
  * Codegen uses new `exports` module with the following conventions:
    - Locals starts with `__` and are lowercased.
    - Rocket modules start with `_` and are lowercased.
    - `std` types start with `_` and are titlecased.
    - Rocket types are titlecased.
  * A `header` module was added to `http`, contains header types.
  * `SAFETY` is used as doc-string keyword for `unsafe` related comments.
  * The `Uri` parser no longer recognizes Rocket route URIs.
2021-03-04 01:51:21 -08:00
Jeb Rosen
9d45e786bb Update 'rand' dependency to 0.8. 2021-02-28 16:34:38 -08:00
Rudi Floren
e332ee83da Add missing lifetime parameter in codegen for routes and catchers.
This is linted against by `elided_lifetimes_in_paths`, which is not
enabled by default but is part of the `rust_2018_idioms` lint group.
2021-02-28 15:59:45 -08:00
Jeb Rosen
87f03d3b26 Update UI tests for latest nightly and 'pear' error messages. 2021-02-26 22:15:37 -08:00
ami-GS
38e4067a58 Fix invalid JSON syntax in doc examples: remove trailing commas. 2021-02-20 12:01:44 -08:00
Jeb Rosen
453fa037da Update UI tests for latest stable. 2021-02-20 12:01:44 -08:00
Sergio Benitez
aaea84d750 Check profile in jail to avoid env races. 2021-02-19 12:49:39 -08:00
Sergio Benitez
2a49368313 Update UI tests for latest nightly. 2021-02-09 17:17:44 -08:00
Sergio Benitez
0af25bfb6d Move derive attribute after derive. 2021-02-09 17:17:26 -08:00
Sergio Benitez
e325e2fce4 Fix soundness issue: make 'Formatter' panic-safe.
Fixes #1534.
2021-02-09 16:58:34 -08:00
Sergio Benitez
c24f15c18f Add regression test for #1503.
Closes #1503.
2021-01-14 15:15:57 -08:00
Sergio Benitez
407e346a6a Clean up 'on_launch_fairing_can_inspect_port' test. 2021-01-13 17:20:44 -08:00
Filip Gospodinov
48fd83a31d Run launch fairings after effective port is known. 2021-01-13 17:20:33 -08:00
Sergio Benitez
43ade920c5 Warn when deprecated profiles are set. 2021-01-13 16:21:36 -08:00
Sergio Benitez
28976a5bd3 Preserve 'secret_key' in 'Config' provider data.
Also fixes emission of 'secret_key' warnings when 'secrets' feature is
disabled.

Resolves #1505.
Fixes #1510.
2021-01-13 16:01:39 -08:00
Jeb Rosen
92af8fca72 Update to 'tokio' 1.0, 'hyper' 0.14. 2021-01-13 15:22:16 -08:00
Sergio Benitez
031948c1da Remove superfluous semicolons. 2021-01-13 14:30:08 -08:00
Brendon Federko
cb33429ce4 Enable 'std' 'indexmap' feature. 2021-01-12 14:52:37 -08:00
Brendon Federko
e68a951a54 Upodate tests for latest stable. 2021-01-12 14:52:34 -08:00
Sergio Benitez
9671115796 Use 'workers' value from 'Config::figment()'.
This commit also improves config pretty-printing and warning messages.
It also fixes an issue that resulted in config value deprecation
warnings not being emitted. The 'workers' value is now a 'usize', not a
'u16'; contrib pool sizes now default to 'workers * 2'.

Closes #1470.
2020-12-24 15:58:48 -08:00
Jeb Rosen
1f1f44f336 Update UI tests for latest stable. 2020-11-21 12:42:57 -08:00
Sergio Benitez
fa77435187 Bust cache on 'Request::{add,replace}_header()'.
Also changes 'Header::name()' to return '&UncasedStr'.

Resolves #518.
2020-11-05 21:03:58 -08:00
Sergio Benitez
86ff66a69c Streamline raw identifier support in codegen. 2020-11-03 12:07:23 -08:00
Jeb Rosen
97f6bc5dc0 Support raw identifiers in forms, routes, uri.
Resolves #881.
2020-11-03 01:42:37 -08:00
Sergio Benitez
b5e4dded8a Accept browser-sent unencoded query characters.
Closes #941.

Co-authored-by: Vladimir Ignatev <ya.na.pochte@gmail.com>
2020-11-02 15:08:33 -08:00
Sergio Benitez
949bb01e2d Generate path encoding set using 'const fn'.
Co-authored-by: Jakub Wieczorek <jakub.adam.wieczorek@gmail.com>
2020-11-01 21:26:31 -08:00
Sergio Benitez
337e8843a4 Use 'Option', 'Result' directly in 'uri!' query.
Prior to this commit, the conversion 'T -> Option<T>' was applied in
both the path and query parts of a URI in the 'uri' macro via the
'FromUriParam' trait with no implementation for 'Option<T>' directly.
This meant that it was impossible to directly render an 'Option<T>'.
This was exactly desired for the path part, where rendering a 'None'
would yield an incorrect URI, but the restriction was too strict for the
query part, where a 'None' is entirely valid. This commit makes changes
the conversion so that it only applied to path parts and adds the
identity conversions for 'Option<T>' and 'Result<T, E>' for query parts.

The side effect is a breaking change: due to conflicting impls, the 'T'
to 'Option<T>' conversion was removed for query parts. Thus, all 'uri!'
query route arguments of type 'Option' or 'Result' must now be wrapped
in 'Some' or 'Ok'. Due to new 'Option<T> <-> Result<T, E>' conversions,
either 'Some' _and_ 'Ok' work in both contexts.

Closes #1420.
2020-11-01 10:30:30 -08:00
Sergio Benitez
edc91f65b7 Mimic Rocket's config in custom providers example. 2020-10-30 03:08:26 -07:00
Sergio Benitez
55b651bd70 Use 'rocket::custom()' for 'State' tests. 2020-10-30 02:49:00 -07:00
Jonty
b7565172eb Impl 'Clone' for 'State'.
Resolves #1411.
2020-10-30 02:16:24 -07:00
Sergio Benitez
a6f5a63535 Add tests for ignored parameters '<_>'.
Co-authored-by: timokoesters <timo@koesters.xyz>
2020-10-30 00:47:41 -07:00
Sergio Benitez
8e8fb4cae8 Allow ignored route path segments.
Co-authored-by: timokoesters <timo@koesters.xyz>
2020-10-30 00:06:39 -07:00