Commit Graph

165 Commits

Author SHA1 Message Date
Sergio Benitez 73fed03ef4 New version: 0.2.8. 2017-06-01 22:10:05 -07:00
Sergio Benitez 614297eb9b Update codegen lints for latest nightly. 2017-06-01 22:10:05 -07:00
Sergio Benitez 5f2b2ee3df New version: 0.2.7. 2017-05-26 20:37:54 -07:00
Sergio Benitez cdc866665c Update codegen for latest nightly. 2017-05-26 20:37:40 -07:00
Sergio Benitez 299a422cbc Optimize MediaType::Display, ContentType::Into<Header>, and precheck.
Differential and causal profiling determined that 35% of `Hello, world!`
dispatch time was spent rendering `Content-Type` due to many calls to `fmt` in
`MediaType::Display` and an allocation in `ContentType::Into<Header>`. This
change reduces the number of calls to `fmt` to 1 in `MediaType::Display` and
removes the allocation in `Into<Header>` for known media types.

This change also caches a `Rocket` "precheck" so that pre-dispatch checks are
done only a single time for a given `Rocket` instance, further reducing
`MockRequest::dispatch_with` time for "Hello, world!" by roughly 15%.
2017-05-23 16:41:38 -07:00
Sergio Benitez 9b955747e4 Remove config global state. Use Responder::respond_to.
This commit includes two major changes to core:

  1. Configuration state is no longer global. The `config::active()`
     function has been removed. The active configuration can be
     retrieved via the `config` method on a `Rocket` instance.

  2. The `Responder` trait has changed. `Responder::respond(self)` has
     been removed in favor of `Responder::respond_to(self, &Request)`.
     This allows responders to dynamically adjust their response based
     on the incoming request.

Additionally, it includes the following changes to core and codegen:

  * The `Request::guard` method was added to allow for simple
    retrivial of request guards.
  * The `Request::limits` method was added to retrieve configured
    limits.
  * The `File` `Responder` implementation now uses a fixed size body
    instead of a chunked body.
  * The `Outcome::of<R: Responder>(R)` method was removed while
    `Outcome::from<R: Responder(&Request, R)` was added.
  * The unmounted and unmanaged limits are more cautious: they will only
    emit warnings when the `Rocket` receiver is known.

This commit includes one major change to contrib:

  1. To use contrib's templating, the fairing returned by
     `Template::fairing()` must be attached to the running Rocket
     instance.

Additionally, the `Display` implementation of `Template` was removed. To
directly render a template to a `String`, the new `Template::show`
method can be used.
2017-05-19 03:29:08 -07:00
Sergio Benitez 0d18faf91e Add a docstring to the emitted static route info.
Resolves #258.
2017-04-18 22:05:56 -07:00
Sergio Benitez e6bbeacb1c New version: 0.2.6. 2017-04-17 16:21:56 -07:00
Sergio Benitez 3c51d30e66 Avoid collision in FromForm derive by using weird names.
Fixes #265.
2017-04-17 16:11:44 -07:00
Sergio Benitez 9b7f58448a New version: 0.2.5. 2017-04-16 14:29:04 -07:00
Sergio Benitez 8a789c5d04 Update minimum nightly version in codegen. 2017-04-16 14:23:34 -07:00
Sergio Benitez 08fbe06b10 Fix lints for latest nightly. 2017-04-16 14:13:18 -07:00
Sergio Benitez 2e54a1f74d Don't use &str where RawStr is now preferred. 2017-04-14 00:43:57 -07:00
Sergio Benitez 5259e3fd5c Disallow invalid form field names. 2017-04-04 17:00:48 -07:00
Sergio Benitez 7c19bf784d Allow form field renaming via #[form(field = "name")] attribute. 2017-04-03 19:06:30 -07:00
Sergio Benitez 351658801e Allow unreachable_code in generated route functions for new ! error types. 2017-04-03 16:46:13 -07:00
Sergio Benitez f5ec470a7d Use the `RawStr` type for raw parameter strings.
This is a breaking change.

The `&str` type no longer implements `FromParam`. The `&RawStr` type
should be used in its place.
2017-03-31 00:18:58 -07:00
Sergio Benitez 0c44e44641 Use the `RawStr` type for all form raw strings.
This is a breaking change.

This commit introduces `RawStr` to forms. In particular, after this
commit, the `&str` type no longer implements `FromFormValue`, and so it
cannot be used as a field in forms. Instad, the `&RawStr` can be used.

The `FormItems` iterator now returns an `(&RawStr, &RawStr)` pair.
2017-03-30 23:06:53 -07:00
Sergio Benitez f57d984e2e New version: 0.2.4. 2017-03-30 19:56:12 -07:00
Sergio Benitez f7bc1ce24f Update codegen for latest nightly. 2017-03-30 19:56:12 -07:00
Sergio Benitez 1fb1cdfc58 Use MediaType instead of ContentType for Route format. 2017-03-28 00:12:59 -07:00
Sergio Benitez 13359d4f50 Reformulate ContentType as a wrapper around MediaType. 2017-03-23 22:41:42 -07:00
Sergio Benitez 09550b6e7c New version: 0.2.3. 2017-03-22 19:47:52 -07:00
Sergio Benitez bf67a32cd9 Update minimum rustc version for codegen. 2017-03-22 18:57:46 -07:00
Sergio Benitez 7808ad1649 Update codegen for latest nightly. 2017-03-20 13:55:40 -07:00
Sergio Benitez 393225cedf Use ansi_term::Color, not Colour. 2017-03-08 15:08:13 -08:00
Sergio Benitez 722ee93f8b Update to cookie 0.7. Use 256-bit session_keys.
This commit involves several breaking changes:
  * `session_key` config param must be a 256-bit base64 encoded string.
  * `FromRequest` is implemented for `Cookies`, not `Cookie`.
  * Only a single `Cookies` instance can be retrieved at a time.
  * `Config::take_session_key` returns a `Vec<u8>`.
  * `Into<Header>` is implemented for `&Cookie`, not `Cookie`.
2017-03-07 01:19:06 -08:00
Sergio Benitez 6be902162d New version: 0.2.2. 2017-02-26 18:31:15 -08:00
Sergio Benitez 56a631d4ba Update codegen for latest nightly. 2017-02-26 18:26:02 -08:00
Sergio Benitez d99de8e05b New version: 0.2.1. 2017-02-24 13:57:33 -08:00
Sergio Benitez 7d2695d19f Use type index to find type span in unmanaged_state lint.
Fixes #179.
2017-02-08 00:56:17 -08:00
Sergio Benitez c7db553286 New version: 0.2.0. 2017-02-06 05:35:19 -08:00
Sergio Benitez 8eef42a256 Compile-time enforce paths as absolute, non-empty, valid segments. 2017-02-06 04:03:30 -08:00
Sergio Benitez 92f22ca63b Fix false positives in unmounted_routes lint due to 'launch'. 2017-02-05 02:11:32 -08:00
Sergio Benitez e966925455 Use full URI in codegen routes; log query params in routes. 2017-02-05 01:34:48 -08:00
Sergio Benitez ecd72f686e Record instances in lint from launch calls. 2017-02-04 13:52:23 -08:00
Sergio Benitez d23a0fa80a Move lint note message to correct spot. 2017-02-03 17:38:51 -08:00
Sergio Benitez a6c27b7243 Document codegen lints. 2017-02-02 23:06:35 -08:00
Sergio Benitez b69527c392 Reenable the options decorator. 2017-02-02 15:02:32 -08:00
Sergio Benitez 58678e53fb Update codegen for latest nightly. 2017-02-02 14:45:43 -08:00
Sergio Benitez d4eda278a2 Parallelize testing. Fix compiletest dependencies. 2017-02-02 00:41:47 -08:00
Sergio Benitez ed429cd487 Change FromForm signature. Emit 422 form errors on bad form strings.
This commit changes the way Rocket parses form items. In particular, it now
(liberally) validates form strings, returning a Bad Request on malformed inputs
and Unprocessable Entity on bad parses.

The 'FormItems' iterator was modified to accomodate this. The iterator is now
initialized using 'from': 'FormItems::from(form_string)'. The iterator can be
queried to check for a complete parse using either 'completed()' or
'exhausted()', the latter of which will consume valid keys/values and return
true only if the entire string was consumed.

The 'FromForm' trait now takes a mutable borrow to a 'FormItems' iterator.

The 'Form' and 'FormForm' implementation for 'Form' were modified to use the new
iterfaces and check for 'exhausted' after a parse, returning a Bad Request error
if the iterator cannot be exhausted.

Resolves #46.
2017-02-01 18:22:51 -08:00
Sergio Benitez 3235e1e5e6 Make 'false' the default value for bools in forms. 2017-02-01 00:12:11 -08:00
Sergio Benitez c0235d0cde Condense cases in 'def_id_opt'. 2017-01-31 17:38:25 -08:00
Sergio Benitez c1697509ba Improve lints: gather info on per-instance basis. 2017-01-31 02:01:30 -08:00
Sergio Benitez 4eaf9ba9c5 Add lints to catch unmanaged state and unmounted routes.
* The `unmanaged_state` lint emits a warning when a `State<T>` request
    guard is used without an accompanying `manage` call for `T`.

  * The `unmounted_route` lint emits a warning when a route declared via
    a Rocket attribute is not mounted via a call to `mount`.

There is one known shortcoming of these lints at present: _any_ call to
`manage` or `mount` marks state/routes as managed/mounted. This can be
an issue when an application uses more than one `Rocket` instance, with
different calls to `mount` and `manage` in each. The lints should
perform their analyses on a per-instance basis.
2017-01-29 01:13:52 -08:00
Sergio Benitez 0063f2524e Remove unused macro_use in codegen. 2017-01-27 00:06:16 -08:00
Sergio Benitez 0a0b64b9b6 New version: 0.1.6. 2017-01-26 11:26:50 -08:00
Sergio Benitez 307469dc3a Refuse to build on non-nightly with a nice message. 2017-01-15 01:16:47 -08:00
Sergio Benitez 08278e8f0e New version: 0.1.5. 2017-01-14 08:45:03 -08:00
Sergio Benitez 4bc5c20a45 Fix security checks in `PathBuf::FromSegments`.
In #134, @tunz discovered that Rocket does not properly prevent path traversal
or local file inclusion attacks. The issue is caused by a failure to check for
some dangerous characters after decoding. In this case, the path separator '/'
was left as-is after decoding. As such, an attacker could construct a path with
containing any number of `..%2f..` sequences to traverse the file system.

This commit resolves the issue by ensuring that the decoded segment does not
contains any `/` characters. It further hardens the `FromSegments`
implementation by checking for additional risky characters: ':', '>', '<' as the
last character, and '\' on Windows. This is in addition to the already present
checks for '.' and '*' as the first character.

The behavior for a failing check has also changed. Previously, Rocket would skip
segments that contained illegal characters. In this commit, the implementation
instead return an error.

The `Error` type of the `PathBuf::FromSegment` implementations was changed to a
new `SegmentError` type that indicates the condition that failed.

Closes #134.
2017-01-13 13:25:33 -08:00
Sergio Benitez b109bb41ff One more clippy warning (in FromForm derive). 2017-01-09 20:45:34 -08:00
Josh Holmer 59043e262a Fix more codegen clippy warnings. 2017-01-09 20:33:54 -08:00
Josh Holmer 17bbd41f73 Fix clippy warnings caused by codegen. 2017-01-09 17:36:47 -08:00
Sergio Benitez e230ce9b95 Don't overwrite catcher response status if it is set.
Resolves #113.
2017-01-06 01:32:43 -06:00
Sergio Benitez 2da08a975c Make Content-Type case-preserving; add 'params' method. 2017-01-05 02:14:44 -06:00
Sergio Benitez 855d9b7b00 New version: 0.1.4. 2017-01-04 11:18:49 -06:00
Sergio Benitez b202fb9748 Update codegen for 2017-01-03 nightly. 2017-01-04 11:18:22 -06:00
Sergio Benitez 6fdc6f025f New version: 0.1.3. 2016-12-31 01:31:11 -06:00
Sergio Benitez a1878ad080 Properly resolve dynamic segments, take 2.
Fixes #86.
2016-12-30 23:51:23 -06:00
Sergio Benitez 524a2d889d Fix typo in build warning message. 2016-12-30 20:06:48 -06:00
Sergio Benitez 366eb5d158 Test methods via route attribute. 2016-12-30 01:46:47 -06:00
Sergio Benitez 2de006d9f9 Allow head decorator and options via route decorator. 2016-12-30 01:41:46 -06:00
Sergio Benitez bad0c20cda Check for rustc version incompatibility when building codegen. 2016-12-30 00:22:05 -06:00
Sergio Benitez 337173eaf4 Use register_custom_derive to remove custom_derive deprecation warning. 2016-12-29 22:06:35 -06:00
Sergio Benitez 9da512c60c Warn, but don't error, on unknown route formats.
Partially fixes #66.
2016-12-27 15:30:33 -06:00
Sergio Benitez 71419933a5 Ignore _method field in derived FromForm.
Fixes #45.
2016-12-26 02:41:57 -06:00
Sergio Benitez fb7a756cf1 New version: 0.1.2. 2016-12-24 14:15:00 -08:00
Sergio Benitez 9cebab5037 Fix get_raw_segments index argument in route codegen.
Fixes #41.
2016-12-24 11:58:24 -08:00
Sergio Benitez 14f79c3733 New version: 0.1.1. NamedFile hotfix. 2016-12-23 12:30:44 -08:00
Sergio Benitez 2a1426779c Limit keywords for crates.io. 2016-12-23 05:12:39 -08:00
Sergio Benitez a94fcf41db New version: 0.1.0. First public release! 2016-12-23 05:03:07 -08:00
Sergio Benitez 22a058d2d5 Add Cargo metadata to contrib and codegen crates. 2016-12-23 04:20:46 -08:00
Sergio Benitez d56ea65f27 Fix versions for packaging. 2016-12-23 03:55:59 -08:00
Sergio Benitez b6e3cb6c05 Document segments and debug env var in codegen. 2016-12-23 02:37:57 -08:00
Sergio Benitez 2c26777c75 Expose a single function in codegen to docs build. 2016-12-22 04:15:29 -08:00
Sergio Benitez 7da41112cf Document the codegen crate. 2016-12-22 02:26:02 -08:00
Sergio Benitez 7cf3cb6bc6 Only enable codegen logging with env var. 2016-12-22 00:53:43 -08:00
Sergio Benitez 76073718c7 New version: 0.1.0 release candidate. 2016-12-22 00:05:05 -08:00
Sergio Benitez 62fe734492 URI uses Cow iternally. 2016-12-21 00:09:22 -08:00
Sergio Benitez 1fae041ef5 PR merged. Update to main compiletest. 2016-12-16 15:47:58 -08:00
Sergio Benitez e2fcd75325 Use forked compiletest for latest nightly. 2016-12-16 15:14:11 -08:00
Sergio Benitez 2e25ce04dc Automatically handle HEAD requests. 2016-12-16 05:17:16 -08:00
Sergio Benitez 44f5f1998d New HTTP types: ContentType, Status. Responder/Handler/ErrorHandler changed.
This is a complete rework of `Responder`s and of the http backend in
general. This gets Rocket one step closer to HTTP library independence,
enabling many future features such as transparent async I/O, automatic
HEAD request parsing, pre/post hooks, and more.

Summary of changes:

  * `Responder::response` no longer takes in `FreshHyperResponse`.
    Instead, it returns a new `Response` type.
  * The new `Response` type now encapsulates a full HTTP response. As a
    result, `Responder`s now return it.
  * The `Handler` type now returns an `Outcome` directly.
  * The `ErrorHandler` returns a `Result`. It can no longer forward,
    which made no sense previously.
  * `Stream` accepts a chunked size parameter.
  * `StatusCode` removed in favor of new `Status` type.
  * `ContentType` significantly modified.
  * New, lightweight `Header` type that plays nicely with `Response`.
2016-12-15 00:47:31 -08:00
Sergio Benitez 5fca86c84f New version: 0.0.11. 2016-12-11 22:23:08 -08:00
Sergio Benitez 0731cd6150 Update rocket_codegen for latest nightly. 2016-12-06 00:31:01 -08:00
Sergio Benitez aff3f643f1 Skip testing todo example: Diesel is broken again. 2016-11-21 13:39:28 -08:00
Sergio Benitez 004cae7627 Fix codegen tests for new lib. Make UTF8 charset the default for text content types. 2016-11-02 17:39:41 +01:00
Sergio Benitez 4326c9103e Propogate error types in FromParam and FromSegment parses. 2016-10-31 18:51:19 +01:00
Sergio Benitez 639cd425ee Add Debug bound to associated parsing Errors. 2016-10-31 18:31:39 +01:00
Sergio Benitez 25d55b4b0f Disallow use of data parameter with non-payload methods. 2016-10-25 16:42:10 +02:00
Sergio Benitez 6a8d64f69b Move the data module into the top-level namespace. 2016-10-25 13:24:07 +02:00
Sergio Benitez 722f613686 Use Outcome as the result of all fallible conversions. 2016-10-13 18:39:23 -07:00
Sergio Benitez 2f35b23514 Remove non-streaming requests. Use streaming requests everywhere.
This commit includes the following important API changes:

  * The `form` route parameter has been removed.
  * The `data` route parameter has been added.
  * Forms are not handled via the `data` parameter and `Form` type.
  * Removed the `data` parameter from `Request`.
  * Added `FromData` conversion trate and default implementation.
  * Added `DataOutcome` enum, which is the return type of `from_data`.
  * 'FromData' is now used to automatically derive the `data` parameter.
  * Moved `form` into `request` module.
  * Removed `Failure::new` in favor of direct value construction.

This commit includes the following important package additions:

  * Added a 'raw_upload' example.
  * `manual_routes` example uses `Data` parameter.
  * Now building and running tests with `--all-features` flag.
  * All exmaples have been updated to latest API.
  * Now using upstream Tera.

This commit includes the following important fixes:

  * Any valid ident is now allowed in single-parameter route parameters.
  * Lifetimes are now properly stripped in code generation.
  * `FromForm` derive now works on empty structs.
2016-10-12 00:14:42 -07:00
Sergio Benitez 619b1d787e Rename Response::new to complete. Add Response::failure using newly added Failure response. 2016-10-08 20:53:04 -07:00
Sergio Benitez 8c0d11feab Completely new raw API.
Summary of changes:

  * Request no longer has a lifetime parameter.
  * Handler type now includes a `Data` parameter.
  * Response is now an enum that is either `Complete` or `Forward`.
  * Outcome enum is now one of: Success, Failure, Forward.
  * Outcome::Foward for Responses must include StatusCode.
  * Responders are now final: they cannot forward to requests. (!!)
  * Responsers may only forward to catchers. (!!)
  * Response no longer provides wrapping methods.
  * Route is now cloneable.

This change is fundamental to enabling streaming requests.
2016-10-07 23:20:49 -07:00
Sergio Benitez 37e6a367b8 Move the form module under request and outcome to top-level. 2016-10-07 19:27:50 -07:00
Sergio Benitez d321e1de8d Add query param to complete decorator test. 2016-10-07 18:45:55 -07:00
Sergio Benitez bcb9bd860b Allow different lifetimes in handler Request reference and its contents. 2016-10-06 20:38:13 -07:00
Sergio Benitez 639a78a8d6 Add a bad_request response type. Use it when form's aren't utf8. 2016-10-06 00:16:15 -07:00