The core improvement is that `Rocket::launch()` now resolves to
`Ok(Rocket<Ignite>)` on nominal shutdown. Furthermore, shutdown never
terminates the running process.
Other changes directly related to shutdown:
* Runtime worker thread names are now irrelevant to graceful shutdown.
* `ErrorKind::Runtime` was removed; `ErrorKind::Shutdown` was added.
* The `force` config value is only read from the default provider.
* If `force`, Rocket's constructed async runtime is terminated.
Other related changes:
* The exported `hyper` module docs properly reflect public re-exports.
The previous implementation allowed a trivial DoS attack in which the
client need simply maintain open connections with incomplete handshakes.
This commit resolves that by allowing a server worker to progress as
soon as a TCP connection has been established. This comes at the expense
of a more complex implementation necessitated by deficiencies in Hyper.
Potentially resolves#2118.
Previously, the heartbeat message, in its raw form, was ":\n\n". This
commit changes the message to be ":\n".
The former message, when parsed as Server-Sent Events, contained an
empty comment (as desired) _and_ a new line (erroneously). The new line
resulted in emitting any event that was presently being emitted, even if
it wasn't complete. That is, emitting an event partly, such as the
event's data but not its name. Removing the extra new line resolves this
issue and ensures that events aren't interrupted by the heartbeat.
Fixes#2152.
Prior to this commit, 'Vec', 'HashMap', and 'BTreeMap' would parse
leniently irrespetive of the requested parsing strategy. This commit
changes their behavior so that the parsing strategy is respected.
Resolves#2131.
In cc98f98, logging was changed to use a new 'write_out!' macro that
internally used 'write!' instead of 'print!' to log. This had an
unfortunate side-effect: 'libtest' via 'cargo test' no longer captures
the log output of tests.
The reason this occurs is due to the way that Cargo, or rather
`libtest`, captures log output: it uses hidden, unstable functions that
replace a special sink that `print!`, and _only_ `print!` writes to.
Using `write!` directly, as the commit does, bypasses this sink, and so
`cargo` never captures the output.
As a compromise, we only use the better implementation when we're not
compiled with `debug_assertions` or running tests, so at least tests run
in debug-mode won't spew output.
Also updates 'tokio-rustls' to a compatible version.
Additionally depends on 'rustls-pemfile' which includes functionality
that was previously part of 'rustls' itself.
This commit removes the 'CookieJar::get_private_pending()' method in
favor of the already existing and correct 'CookieJar::get_pending()'
method. Previously, the 'CookieJar::get_private_pending()' method
attempted to decrypt the value of a pending cookie, which in reality is
plaintext, thus failing. Because the pending value is plaintext, the
'CookieJar::get_pending()' method suffices.
Documentation has been updated to refer to 'CookieJar::get_pending()'.
Fixes#2063.
The primary aim of this commit is to reduce confusion between
'content::Json' and 'rocket::serde::json::Json' be renaming the former
to 'content::RawJson'. The complete changes in this PR are:
* All responders in the 'content' module are prefixed with 'Raw'.
* The 'content::Custom' responder was removed entirely.
* The 'Plain' responder is now 'RawText'.
* The 'content' API docs point to the 'serde' responders.
* The docs and examples were updated accordingly.
Previously, TLS, via 'Config::tls', was configurable even if the 'tls'
feature was disabled. This commit changes this so that the 'Config::tls'
field and TLS config structures are only available if 'tls' is enabled.
As 'FromForm' doesn't provide access to the raw, undecoded string,
'MsgPack' cannot implement 'FromForm::from_value()'. This means that it
is not presently possible to parse a MessagePack form from a query
string. As such, the 'UriDisplay<Query>' implementation was removed.
The 'UriDisplay<Query>' for JSON was fixed such that a round-trip of a
'Json<T>' as a form works as expected.
The 'FromFrom' derive now allows type generics in all positions using
the same automatic discovery technique as with 'Responder'. (In fact,
the technique was created for this derive.) Furthermore, 'FromForm' can
now be derived for unit structs.
Also adds a new 'try_with' form field validator.
Resolves#1695.
This commit presents and applies a new technique for bounding type
generics in derives. In short, for a generic `T` used in a field type of
`Field<T>`, where an eventual bound of `Responder` required, the derive
generates a bound of `Field<T>: Responder`. This removes the need for
any manually provided bounds while simultaneously allowing more
structures to typecheck. For example, generics in header components are
now fully supported.
The 'Json' type now implements:
* Clone
* PartialEq
* Eq
* PartialOrd
* Ord
* Hash
* UriDisplay<Query>
Method calls that resolve to a method in the set of traits above
previously resolved to the `Deref` target. For example, `foo.clone()`,
where `foo: Json<T>`, previously resolved to `<T as Clone>::clone()` but
now resolves to `<Json<T> as Clone>::clone()`.
'Missing' allows constructing a 'FileServer' even if the supplied path
does not exist. 'IndexFile' allows serving a single file as the index of
the mount path.
The syntax 'TypedStream![T + '_]' expands to:
impl TypedStream<Item = T> + '_
This allows seamlessly borrowing in typed streams.
Also adds 'Event::empty()', for convenience.
The improvements are:
* Point directly and immediately to the 'Responder' derive.
* Provide more discussion on lifetimes.
* Format documentation for easier scanning.
This allows responses to be sent to the client even when data is only
partially read, significantly improving the experience for the client
from one with a "connection closed" error to one with a proper response.
The consequence is a lifetime in 'Data'.
Though other non-lifetime-introducing solutions exist, the introduction
of a lifetime to 'Data' is a longstanding desire as it prevents
smuggling 'Data' into a longer-lived context. Use of 'Data' in that
context was unspecified with various runtime consequences. The addition
of a lifetime bound by the request prevents this error statically.
In summary, the changes are:
* Clients receive responses even when data isn't fully read.
* 'Data' becomes 'Data<'r>'. 'FromData' changes accordingly.
* Route 'Outcome's are strictly tied to the request lifetime.
Tangentially, the invalid length form field validation error message has
improved to format length in byte units if it exceeds 1024.
If stars aligned properly, we might imagine writing this:
#[non_exhaustive]
struct Config {
pub field: Foo,
pub other: Bar,
}
...with semantics that would allow the defining crate (here, Rocket), to
construct the structure directly while consumers would need to use
public constructors or struct update syntax:
Config {
field: Foo,
other: Bar,
..Default::default()
}
Alas, this is not the way `non_exhaustive` works on structs. You cannot
use field-update syntax to construct `Config` above. You must use public
constructors. This means builder methods or mutating an already built
struct. This is not what we want.
I don't know why it works this way. I don't see why it must. Something
something Drop.
So we have this hack from the pre-non_exhaustive era.
This resolves syntax ambiguity issues with public typed-stream macros.
Prior to this commit, greedy single-token matching by macro-rules macros
would result in certain tokens at the beginning of the macro input, such
as 'for', inadvertently triggering a '$ty' matching case resulting in
incorrect expansion.
This commit makes the following improvements to core request handling:
* Absolute target URIs are not rejected. Instead, the path and query
parts are passed through the application. This resolves an issue
where certain HTTP/2 requests would be rejected by Rocket.
* Data is never copied from the request. Previously, Rocket would copy
and allocate for incoming headers.
* Non-UTF-8 headers are dropped with a warning instead of being
lossily, and thus perhaps incorrectly, decoded as UTF-8. The final
fix is to properly support non-UTF-8 headers, no matter how in the
minority they are.
Resolves#1498.
This follows the completed graduation of stable contrib features into
core, removing 'rocket_contrib' in its entirety in favor of two new
crates. These crates are versioned independently of Rocket's core
libraries, allowing upgrades to dependencies without consideration for
versions in core libraries.
'rocket_dyn_templates' replaces the contrib 'templates' features. While
largely a 1-to-1 copy, it makes the following changes:
* the 'tera_templates' feature is now 'tera'
* the 'handlebars_templates' feature is now 'handlebars'
* fails to compile if neither 'tera' nor 'handlebars' is enabled
'rocket_sync_db_pools' replaces the contrib 'database' features. It
makes no changes to the replaced features except that the `database`
attribute is properly documented at the crate root.
This changes 'TempFile' doctests so that different file names are used
across them, avoiding race conditions where one test deletes a file
another test just created and thus expects to subsequently exist.
This has the following nice benefits:
* The 'Uuid' wrapper type is gone.
* 'Uuid' implements 'UriDisplay', 'FromUriParam'.
* The 'serialization' example merges in 'uuid'.
Resolves#1299.
The 'SpaceHelmet' fairing is now called 'Shield'. It features the
following changes and improvements:
* Headers which are now ignored by browsers are removed.
* 'XssFilter' is no longer an on-by-default policy.
* A new 'Permission' policy is introduced.
* 'Shield' is attached to all 'Rocket' instances by default.
* Default headers never allocate on 'Clone'.
* Policy headers are rendered once and cached at start-up.
* Improved use of typed URIs in policy types.
A singleton fairing is guaranteed to be the only instance of its type at
launch time. If more than one instance of a singleton fairing is
attached, only the last instance is retained.
Previously, if a panic occurred with an 'Error' on the stack, 'Error'
would panic as usual during unwinding. This resulted in a double panic.
This commit makes 'Error' detect if a panic is already occurring and
omits its own panic if it is.
This has the following nice benefits:
* The 'JsonValue' wrapper type is gone.
* 'Local{Request, Response}' natively support JSON/MessagePack.
* The 'json' and 'msgpack' limits are officially recognized.
* Soon, Rocket application will not require an explicit 'serde' dep.
This marks the beginning of the end of 'rocket_contrib'.
This commit entirely rewrites Rocket's URI parsing routines and
overhauls the 'uri!' macro resolving all known issues and removing any
potential limitations for compile-time URI creation. This commit:
* Introduces a new 'Reference' URI variant for URI-references.
* Modifies 'Redirect' to accept 'TryFrom<Reference>'.
* Introduces a new 'Asterisk' URI variant for parity.
* Allows creation of any URI type from a string literal via 'uri!'.
* Enables dynamic/static prefixing/suffixing of route URIs in 'uri!'.
* Unifies 'Segments' and 'QuerySegments' into one generic 'Segments'.
* Consolidates URI formatting types/traits into a 'uri::fmt' module.
* Makes APIs more symmetric across URI types.
It also includes the following less-relevant changes:
* Implements 'FromParam' for a single-segment 'PathBuf'.
* Adds 'FileName::is_safe()'.
* No longer reparses upstream request URIs.
Resolves#842.
Resolves#853.
Resolves#998.
Sergio Benitez
Dimitri Sabadie
Marc-Stefan Cassola
Konrad Borowski
Edgar Onghena
arlecchino
Alex Sears
Aurora
David Venhoek
Rodolphe Bréard
Gonçalo Ribeiro
Joscha
Mikail Bagishov
ThouCheese
Joakim Soderlund
John-John Tedro
PROgrm_JARvis
timando
toshokan
Jeb Rosen
Matthew Pomes