Commit Graph

307 Commits

Author SHA1 Message Date
Sergio Benitez 9c678e606b Track and log catcher names. 2021-03-15 02:27:53 -07:00
Sergio Benitez 304e65ac72 Catch panics that occur before future is returned.
In the course of resolving this issue, double-boxing of handlers was
discovered and removed.
2021-03-15 02:20:48 -07:00
Sergio Benitez 70b42e6f0e Remove second lifetime from 'FromRequest'.
While offering some utility, the lifetime did not carry its weight, and
in practice offered no further ability to borrow. This greatly
simplifies request guard implementations.
2021-03-14 19:57:59 -07:00
Sergio Benitez e532f4e2b3 Disallow defaults in strict forms.
Partially resolves #1536.
2021-03-11 02:03:13 -08:00
Sergio Benitez a0e4c9677c Allow dynamic route names. Log 'StaticFiles' root. 2021-03-10 18:40:38 -08:00
Sergio Benitez 191b93498e Remove boxed futures in server, use async fn. 2021-03-10 16:31:32 -08:00
Sergio Benitez 3c25326917 Log only non-empty fairing classes. 2021-03-10 02:30:13 -08:00
Sergio Benitez 497c4765f2 Fix typo in 'Rocket::ignite()' docs. 2021-03-10 02:16:59 -08:00
Sergio Benitez bc38196f8d Generate a secret key in debug only if it is zero.
This prevents printing a secret key warning if a secret key was
generated, as is done by Rocket itself. This does not change any
behaviors in non-debug profiles.
2021-03-10 02:13:50 -08:00
Sergio Benitez 4e06ee64aa Test 'secret_key' validation, now on pre-launch.
Prior to this commit, it was not possible to test Rocket crates in
production mode without setting a global secret key or bypassing secret
key checking - the testing script did the latter. The consequence is
that it became impossible to test secret key related failures because
the tests passed regardless.

This commit undoes this. As a consequence, all tests are now aware of
the difference between debug and release configurations, the latter of
which validates 'secret_key' by default. New 'Client::debug()' and
'Client::debug_with()' simplify creating an instance of 'Client' with
configuration in debug mode to avoid undesired test failures.

The summary of changes in this commit are:

  * Config 'secret_key' success and failure are now tested.
  * 'secret_key' validation was moved to pre-launch from 'Config:from()'.
  * 'Config::from()' only extracts the config.
  * Added 'Config::try_from()' for non-panicking extraction.
  * 'Config' now knows the profile it was extracted from.
  * The 'Config' provider sets a profile of 'Config.profile'.
  * 'Rocket', 'Client', 'Fairings', implement 'Debug'.
  * 'fairing::Info' implements 'Copy', 'Clone'.
  * 'Fairings' keeps track of, logs attach fairings.
  * 'Rocket::reconfigure()' was added to allow modifying a config.

Internally, the testing script was refactored to properly test the
codebase with the new changes. In particular, it no longer sets a rustc
'cfg' to avoid secret-key checking.

Resolves #1543.
Fixes #1564.
2021-03-09 21:57:26 -08:00
Sergio Benitez 83ffe0f7bc Remove 'Config::profile()'. CFG 'secret_key' field.
This commit makes the `Config.secret_key` conditionally compile on the
`secrets` feature. The net effect is simplified internal code, fewer
corner-cases, and easier to write tests.

This commit removes the `Provider::profile()` implementation of
`Config`. This means that the `Config` provider no longer sets a
profile, a likely confusing behavior. The `Config::figment()` continues
to function as before.
2021-03-09 21:40:53 -08:00
Jeb Rosen d778c2cb10 Drop embedded async 'Client' in async runtime. 2021-03-06 01:40:43 -08:00
Sergio Benitez 68b244ebdc Forward catcher, handler failure to 500 catcher.
This changes core routing so that panics in all handlers are handled by
emitting a long message explaining that panics are bad and invoking the
500 error catcher. If the 500 error catcher fails, Rocket's default 500
catcher is used.
2021-03-06 01:39:31 -08:00
Jeb Rosen a0784b4b15 Catch and gracefully handle panics in routes and catchers. 2021-03-05 22:58:28 -08:00
Sergio Benitez 4d0042c395 Allow '<path..>' to match zero segments.
This changes core routing so that '<path..>' in a route URI matches zero
or more segments. Previously, '<path..>' matched _1_ or more.

  * Routes '$a' and '$b/<p..>' collide if $a and $b previously collided.
  * For example, '/' now collides with '/<p..>'.
  * Request '$a' matches route '$b/<p..>' if $a previously matched $b.
  * For example, request '/' matches route '/<p..>'.

Resolves #985.
2021-03-05 02:01:24 -08:00
Sergio Benitez 08ae0d0b8c Use upstream 'async-trait'. 2021-03-04 22:10:59 -08:00
Sergio Benitez 3bce76f5af Use 'Client::debug()' in more tests. 2021-03-04 21:53:22 -08:00
Sergio Benitez 67fef233a0 Fix 'rocket::local' docstring import spacing. 2021-03-04 21:53:22 -08:00
Sergio Benitez 58f365dac4 Always return 'Segments' from 'Request::segments()'.
The iterator may be empty. This changes the return type of
'Request::segments()' from 'Option<Segments>' to simply 'Segments'.

Internally also adds a 'Client::debug()' for easier request testing.
2021-03-04 21:53:22 -08:00
Sergio Benitez 5977fe1236 Impl 'Deref' to 'Request' for 'LocalRequest'. 2021-03-04 21:53:22 -08:00
Sergio Benitez 630f2c1105 Remove unused 'RouteUriError::Segment' variant. 2021-03-04 02:49:29 -08:00
Sergio Benitez 398a044eb0 Complete forms documentation. Improve 'validate'.
* Add a `msg!()` macro to easily change a field validation message.
  * Allow a field to refer to itself via `self.field`.
  * Improve the various field validation traits.
2021-03-04 02:08:40 -08:00
Sergio Benitez 78e2f8a3c9 Revamp codegen, fixing inconscpicuous bugs.
This commit completely revamps the way that codegen handles route URI
"parameters". The changes are largely internal. In summary, codegen code
is better organized, better written, and less subject to error.

There are three breaking changes:
  * `path` is now `uri` in `route` attribute: `#[route(GET, path = "..")]`
    becomes `#[route(GET, uri = "..")]`.
  * the order of execution for path and query guards relative to
    each-other is now unspecified
  * URI normalization now normalizes the query part as well.

Several error messages were improved. A couple of bugs were fixed:
  * Prior to this commit, Rocket would optimistically try to parse every
    segment of a URI as an ident, in case one was needed in the future.
    A bug in rustc results in codegen "panicking" if the segment
    couldn't _lex_ as an ident. This panic didn't manifest until far
    after expansion, unfortunately. This wasn't a problem before as we
    only allowed ident-like segments (ASCII), but now that we allow any
    UTF-8, the bug surfaced. This was fixed by never attempting to parse
    non-idents as idents.
  * Prior to this commit, it was impossible to generate typed URIs for
    paths that ignored path parameters via the recently added syntax
    `<_>`: the macro would panic. This was fixed by, well, handling
    these ignored parameters.

Some minor additions:
  * Added `RawStr::find()`, expanding its `Pattern`-based API.
  * Added an internal mechanism to dynamically determine if a `UriPart`
    is `Path` or `Query`.
2021-03-04 02:01:25 -08:00
Sergio Benitez 63a14525d8 UTF-8 routes. Forms revamp. Temp files. Capped.
So. Many. Changes.

This is an insane commit: simultaneously one of the best (because of all
the wonderful improvements!) and one of the worst (because it is just
massive) in the project's history.

Routing:
  * All UTF-8 characters are accepted everywhere in route paths. (#998)
  * `path` is now `uri` in `route` attribute: `#[route(GET, path = "..")]`
    becomes `#[route(GET, uri = "..")]`.

Forms Revamp
  * All form related types now reside in a new `form` module.
  * Multipart forms are supported. (resolves #106)
  * Collections are supported in forms and queries. (resolves #205)
  * Nested structures in forms and queries are supported. (resolves #313)
  * Form fields can be ad-hoc validated with `#[field(validate = expr)]`.
  * `FromFormValue` is now `FromFormField`, blanket implements `FromForm`.
  * Form field values are always percent-decoded apriori.

Temporary Files
  * A new `TempFile` data and form guard allows streaming data directly to a
    file which can then be persisted.
  * A new `temp_dir` config parameter specifies where to store `TempFile`.
  * The limits `file` and `file/$ext`, where `$ext` is the file extension,
    determines the data limit for a `TempFile`.

Capped
  * A new `Capped` type is used to indicate when data has been truncated due to
    incoming data limits. It allows checking whether data is complete or
    truncated.
  * `DataStream` methods return `Capped` types.
  * `DataStream` API has been revamped to account for `Capped` types.
  * Several `Capped<T>` types implement `FromData`, `FromForm`.
  * HTTP 413 (Payload Too Large) errors are now returned when data limits are
    exceeded. (resolves #972)

Hierarchical Limits
  * Data limits are now hierarchical, delimited with `/`. A limit of `a/b/c`
    falls back to `a/b` then `a`.

Core
  * `&RawStr` no longer implements `FromParam`.
  * `&str` implements `FromParam`, `FromData`, `FromForm`.
  * `FromTransformedData` was removed.
  * `FromData` gained a lifetime for use with request-local data.
  * The default error HTML is more compact.
  * `&Config` is a request guard.
  * The `DataStream` interface was entirely revamped.
  * `State` is only exported via `rocket::State`.
  * A `request::local_cache!()` macro was added for storing values in
    request-local cache without consideration for type uniqueness by using a
    locally generated anonymous type.
  * `Request::get_param()` is now `Request::param()`.
  * `Request::get_segments()` is now `Request::segments()`, takes a range.
  * `Request::get_query_value()` is now `Request::query_value()`, can parse any
    `FromForm` including sequences.
  * `std::io::Error` implements `Responder` like `Debug<std::io::Error>`.
  * `(Status, R)` where `R: Responder` implements `Responder` by overriding the
    `Status` of `R`.
  * The name of a route is printed first during route matching.
  * `FlashMessage` now only has one lifetime generic.

HTTP
  * `RawStr` implements `serde::{Serialize, Deserialize}`.
  * `RawStr` implements _many_ more methods, in particular, those related to the
    `Pattern` API.
  * `RawStr::from_str()` is now `RawStr::new()`.
  * `RawStr::url_decode()` and `RawStr::url_decode_lossy()` only allocate as
    necessary, return `Cow`.
  * `Status` implements `Default` with `Status::Ok`.
  * `Status` implements `PartialEq`, `Eq`, `Hash`, `PartialOrd`, `Ord`.
  * Authority and origin part of `Absolute` can be modified with new
    `Absolute::{with,set}_authority()`, `Absolute::{with,set}_origin()` methods.
  * `Origin::segments()` was removed in favor of methods split into query and
    path parts and into raw and decoded versions.
  * The `Segments` iterator is smarter, returns decoded `&str` items.
  * `Segments::into_path_buf()` is now `Segments::to_path_buf()`.
  * A new `QuerySegments` is the analogous query segment iterator.
  * Once set, `expires` on private cookies is not overwritten. (resolves #1506)
  * `Origin::path()` and `Origin::query()` return `&RawStr`, not `&str`.

Codegen
  * Preserve more spans in `uri!` macro.
  * Preserve spans `FromForm` field types.
  * All dynamic parameters in a query string must typecheck as `FromForm`.
  * `FromFormValue` derive removed; `FromFormField` added.
  * The `form` `FromForm` and `FromFormField` field attribute is now named
    `field`. `#[form(field = ..)]` is now `#[field(name = ..)]`.

Contrib
  * `Json` implements `FromForm`.
  * `MsgPack` implements `FromForm`.
  * The `json!` macro is exported as `rocket_contrib::json::json!`.
  * Added clarifying docs to `StaticFiles`.

Examples
  * `form_validation` and `form_kitchen_sink` removed in favor of `forms`.
  * The `hello_world` example uses unicode in paths.
  * The `json` example only allocates as necessary.

Internal
  * Codegen uses new `exports` module with the following conventions:
    - Locals starts with `__` and are lowercased.
    - Rocket modules start with `_` and are lowercased.
    - `std` types start with `_` and are titlecased.
    - Rocket types are titlecased.
  * A `header` module was added to `http`, contains header types.
  * `SAFETY` is used as doc-string keyword for `unsafe` related comments.
  * The `Uri` parser no longer recognizes Rocket route URIs.
2021-03-04 01:51:21 -08:00
Jeb Rosen 9d45e786bb Update 'rand' dependency to 0.8. 2021-02-28 16:34:38 -08:00
ami-GS 38e4067a58 Fix invalid JSON syntax in doc examples: remove trailing commas. 2021-02-20 12:01:44 -08:00
Sergio Benitez aaea84d750 Check profile in jail to avoid env races. 2021-02-19 12:49:39 -08:00
Sergio Benitez 0af25bfb6d Move derive attribute after derive. 2021-02-09 17:17:26 -08:00
Sergio Benitez c24f15c18f Add regression test for #1503.
Closes #1503.
2021-01-14 15:15:57 -08:00
Sergio Benitez 407e346a6a Clean up 'on_launch_fairing_can_inspect_port' test. 2021-01-13 17:20:44 -08:00
Filip Gospodinov 48fd83a31d Run launch fairings after effective port is known. 2021-01-13 17:20:33 -08:00
Sergio Benitez 43ade920c5 Warn when deprecated profiles are set. 2021-01-13 16:21:36 -08:00
Sergio Benitez 28976a5bd3 Preserve 'secret_key' in 'Config' provider data.
Also fixes emission of 'secret_key' warnings when 'secrets' feature is
disabled.

Resolves #1505.
Fixes #1510.
2021-01-13 16:01:39 -08:00
Jeb Rosen 92af8fca72 Update to 'tokio' 1.0, 'hyper' 0.14. 2021-01-13 15:22:16 -08:00
Sergio Benitez 9671115796 Use 'workers' value from 'Config::figment()'.
This commit also improves config pretty-printing and warning messages.
It also fixes an issue that resulted in config value deprecation
warnings not being emitted. The 'workers' value is now a 'usize', not a
'u16'; contrib pool sizes now default to 'workers * 2'.

Closes #1470.
2020-12-24 15:58:48 -08:00
Sergio Benitez fa77435187 Bust cache on 'Request::{add,replace}_header()'.
Also changes 'Header::name()' to return '&UncasedStr'.

Resolves #518.
2020-11-05 21:03:58 -08:00
Sergio Benitez edc91f65b7 Mimic Rocket's config in custom providers example. 2020-10-30 03:08:26 -07:00
Sergio Benitez 55b651bd70 Use 'rocket::custom()' for 'State' tests. 2020-10-30 02:49:00 -07:00
Jonty b7565172eb Impl 'Clone' for 'State'.
Resolves #1411.
2020-10-30 02:16:24 -07:00
Sergio Benitez a6f5a63535 Add tests for ignored parameters '<_>'.
Co-authored-by: timokoesters <timo@koesters.xyz>
2020-10-30 00:47:41 -07:00
Sergio Benitez 8e8fb4cae8 Allow ignored route path segments.
Co-authored-by: timokoesters <timo@koesters.xyz>
2020-10-30 00:06:39 -07:00
Sergio Benitez 23738446f0 Impl 'std::error::Error' for 'Error'.
Resolves #1460.
2020-10-27 16:04:25 -07:00
Sergio Benitez 8570afff3e Use threaded scheduler in tests.
This prevents async I/O timeouts in attach fairings.

Co-authored-by: Jeb Rosen <jeb@jebrosen.com>
2020-10-26 13:29:36 -07:00
Sergio Benitez 09f0087034 Split server parts of 'Rocket' into 'server.rs'. 2020-10-22 18:00:07 -07:00
Sergio Benitez 198b6f0e97 Fix various broken rustdoc links. 2020-10-22 03:53:07 -07:00
Sergio Benitez 08510302da Add 'Rocket::catchers()', rearrange other getters. 2020-10-22 03:41:02 -07:00
Sergio Benitez ec9b5816a8 Remove 'rocket::inspect()', 'Cargo'.
This commit reverts most of dea940c7 and d89c7024. The "fix" is to run
attach fairings on a new thread. If a runtime is already running, it is
used. Otherwise, the future is executed in a single-threaded executor.
2020-10-22 03:27:04 -07:00
Sergio Benitez 17fd7f4286 Update minimum rustc to 1.46. 2020-10-21 19:56:12 -07:00
Sergio Benitez bbfe2ba5cc Point all docs and doc links to 'master' branch. 2020-10-21 04:54:24 -07:00
George Cheng 0673986c32 Impl 'FromRequest' for 'IpAddr'.
Closes #1414.
2020-10-20 20:51:26 -07:00