Sessions
--------
This commit removes the `Session` type in favor of methods on the
`Cookies` types that allow for adding, removing, and getting private
(signed and encrypted) cookies. These methods provide a superset of
the functionality of `Session` while also being a minimal addition to
the existing API. They can be used to implement the previous `Session`
type as well as other forms of session storage. The new methods are:
* Cookie::add_private(&mut self, Cookie)
* Cookie::remove_private(&mut self, Cookie)
* Cookie::get_private(&self, &str)
Resolves#20
Testing
-------
This commit removes the `rocket::testing` module. It adds the
`rocket::local` module which provides a `Client` type for local
dispatching of requests against a `Rocket` instance. This `local`
package subsumes the previous `testing` package.
Rocket Examples
---------------
The `forms`, `optional_result`, and `hello_alt_methods` examples have
been removed. The following example have been renamed:
* extended_validation -> form_validation
* hello_ranks -> ranking
* from_request -> request_guard
* hello_tls -> tls
Other Changes
-------------
This commit also includes the following smaller changes:
* Config::{development, staging, production} constructors have been
added for easier creation of default `Config` structures.
* The `Config` type is exported from the root.
* `Request` implements `Clone` and `Debug`.
* `Request::new` is no longer exported.
* A `Response::body_bytes` method was added to easily retrieve a
response's body as a `Vec<u8>`.
This commit also adds the `base` field to `Route` which allows the
base mount point to be retrieved. Finally, this commits adds an
implementation of `FromRequest` for `Route` which returns the active
route if one is available or forwards otherwise.
This commit is a breaking change: it makes `Request` and `MockRequest`
invariant over the lifetime `'r`. While this shouldn't affect most
applications, it may affect some.
Resolves#108.
Differential and causal profiling determined that 35% of `Hello, world!`
dispatch time was spent rendering `Content-Type` due to many calls to `fmt` in
`MediaType::Display` and an allocation in `ContentType::Into<Header>`. This
change reduces the number of calls to `fmt` to 1 in `MediaType::Display` and
removes the allocation in `Into<Header>` for known media types.
This change also caches a `Rocket` "precheck" so that pre-dispatch checks are
done only a single time for a given `Rocket` instance, further reducing
`MockRequest::dispatch_with` time for "Hello, world!" by roughly 15%.
This commit includes two major changes to core:
1. Configuration state is no longer global. The `config::active()`
function has been removed. The active configuration can be
retrieved via the `config` method on a `Rocket` instance.
2. The `Responder` trait has changed. `Responder::respond(self)` has
been removed in favor of `Responder::respond_to(self, &Request)`.
This allows responders to dynamically adjust their response based
on the incoming request.
Additionally, it includes the following changes to core and codegen:
* The `Request::guard` method was added to allow for simple
retrivial of request guards.
* The `Request::limits` method was added to retrieve configured
limits.
* The `File` `Responder` implementation now uses a fixed size body
instead of a chunked body.
* The `Outcome::of<R: Responder>(R)` method was removed while
`Outcome::from<R: Responder(&Request, R)` was added.
* The unmounted and unmanaged limits are more cautious: they will only
emit warnings when the `Rocket` receiver is known.
This commit includes one major change to contrib:
1. To use contrib's templating, the fairing returned by
`Template::fairing()` must be attached to the running Rocket
instance.
Additionally, the `Display` implementation of `Template` was removed. To
directly render a template to a `String`, the new `Template::show`
method can be used.
Modifying the `Rocket` structure just before launch doesn't make sense for
several reasons: 1) those affects can't influence the launch, and 2) they won't
be observed in tests. Thus, an `Attach` fairing kind was added that ameliorates
these issues.
This is a breaking change.
The `testing` feature no longer exists. Testing structures can now be
accessed without any features enabled.
Prior to this change, Rocket would panic when draining from a network
stream failed. With this change, Rocket force closes the stream on any
error.
This change also ensures that the `Fairings` launch output only prints
if at least one fairing has been attached.
This is a breaking change to `IntoOutcome`.
The MsgPack and JSON types now use `into_outcome` to generate the final
`Outcome` from their `FromData` implementations.
Resolves#98.
This is a breaking change. A call to `Response::headers()` can be
replaced with `Response::headers().iter()`. A call to
`Response::header_values()` can be replaced with
`Response::headers().get()`.
This is a breaking change. `Request::content_type` now returns a borrow
to `ContentType`. `FromRequest` for `ContentType` is no longer
implemented. Instead, `FromRequest` for `&ContentType` is implemented.
This commit introduces TLS support, provided by `rustls` and a fork of
`hyper-rustls`. TLS support is enabled via the `tls` feature and
activated when the `tls` configuration parameter is set. A new
`hello_tls` example illustrates its usage.
This commit also introduces more robust and complete configuration
settings via environment variables. In particular, quoted string,
array, and table (dictionaries) based configuration parameters can now
be set via environment variables.
Resolves#28.
This is a breaking change.
This commit introduces `RawStr` to forms. In particular, after this
commit, the `&str` type no longer implements `FromFormValue`, and so it
cannot be used as a field in forms. Instad, the `&RawStr` can be used.
The `FormItems` iterator now returns an `(&RawStr, &RawStr)` pair.
This is a breaking change.
This commit changes the meaning of the `format` route attribute when
used on non-payload carrying requests (GET, HEAD, CONNECT, TRACE, and
OPTIONS) so that it matches against the preferred media type in the
`Accept` header of the request. The preferred media type is computed
according to the HTTP 1.1 RFC, barring a few specificty rules to come.
This is a breaking change. It modifies collisions with respect to query
parameters as well as the default ranking of routes.
A route that does not specify query parameters will now match against
requests with _and without_ query parameters, assuming all other
elements of the route match as well. A route that _does_ specify query
parameters will only match requests with query parameters; this remains
true.
To accommodate this change in the most natural manner possible, the
default rankings of routes have changed as illustrated below:
|-------------+-------+----------+---------------|
| static path | query | new rank | previous rank |
|-------------+-------+----------+---------------|
| yes | yes | -4 | 0 |
| yes | no | -3 | 0 |
| no | yes | -2 | 1 |
| no | no | -1 | 1 |
|-------------+-------+----------+---------------|
In other words, the most specific routes, with preference for paths over
queries, are ranked highest (lower number).
This is a (minor) breaking change. If `rocket.launch()` is the last expression
in a function, the return type will change from `()` to `LaunchError`. A simple
workaround that preserves the previous functionality is to simply add a
semicolon after `launch()`: `rocket.launch();`.
resolves#34
This commit includes the following additions:
* A `session` example was added.
* `Config::take_session_key` was removed.
* If a `session_key` is not supplied, one is automatically generated.
* The `Session` type implements signed, encrypted sessions.
* A `Session` can be retrieved via its request guard.
This commit involves several breaking changes:
* `session_key` config param must be a 256-bit base64 encoded string.
* `FromRequest` is implemented for `Cookies`, not `Cookie`.
* Only a single `Cookies` instance can be retrieved at a time.
* `Config::take_session_key` returns a `Vec<u8>`.
* `Into<Header>` is implemented for `&Cookie`, not `Cookie`.
This commit changes the way Rocket parses form items. In particular, it now
(liberally) validates form strings, returning a Bad Request on malformed inputs
and Unprocessable Entity on bad parses.
The 'FormItems' iterator was modified to accomodate this. The iterator is now
initialized using 'from': 'FormItems::from(form_string)'. The iterator can be
queried to check for a complete parse using either 'completed()' or
'exhausted()', the latter of which will consume valid keys/values and return
true only if the entire string was consumed.
The 'FromForm' trait now takes a mutable borrow to a 'FormItems' iterator.
The 'Form' and 'FormForm' implementation for 'Form' were modified to use the new
iterfaces and check for 'exhausted' after a parse, returning a Bad Request error
if the iterator cannot be exhausted.
Resolves#46.
This commit changes the routing algorithm. In particular, it enforces
precise matching of formats. With this change, a route with a specified
format only matches requests that have the same format specified. A
route with no format specified matches any request's format. This is
contrast to the previous behavior, where a route without a specified
format would match requests regardless of their format or whether one
was specified.
This commit also changes the following:
* The return type of the 'content_type' method of 'Request' is now
'Option<ContentType>'.
* The 'ContentType' request guard forwards when the request has no
specified ContentType.
* The 'add_header' and 'replace_header' methods take the header
argument generically.
Closes#120.
A few interesting notes on this breakage:
* `Cookie` how has a lifetime. It should be `'static'` everywhere.
* The `SetCookie` header is no longer reexported.
* Instead, `Cookie` implements `Into<Header>` for Set-Cookie.
In #134, @tunz discovered that Rocket does not properly prevent path traversal
or local file inclusion attacks. The issue is caused by a failure to check for
some dangerous characters after decoding. In this case, the path separator '/'
was left as-is after decoding. As such, an attacker could construct a path with
containing any number of `..%2f..` sequences to traverse the file system.
This commit resolves the issue by ensuring that the decoded segment does not
contains any `/` characters. It further hardens the `FromSegments`
implementation by checking for additional risky characters: ':', '>', '<' as the
last character, and '\' on Windows. This is in addition to the already present
checks for '.' and '*' as the first character.
The behavior for a failing check has also changed. Previously, Rocket would skip
segments that contained illegal characters. In this commit, the implementation
instead return an error.
The `Error` type of the `PathBuf::FromSegment` implementations was changed to a
new `SegmentError` type that indicates the condition that failed.
Closes#134.
This commit also includes the following changes:
* `FromRequest` for `SocketAddr` implemented: extracts remote address.
* All built-in `FromRequest` implementations are documented.
* Request preprocessing overrides remote IP with value from X-Real-IP header.
* `MockRequest` allows setting the remote address with `remote()`.
Resolves#38.