So. Many. Changes.
This is an insane commit: simultaneously one of the best (because of all
the wonderful improvements!) and one of the worst (because it is just
massive) in the project's history.
Routing:
* All UTF-8 characters are accepted everywhere in route paths. (#998)
* `path` is now `uri` in `route` attribute: `#[route(GET, path = "..")]`
becomes `#[route(GET, uri = "..")]`.
Forms Revamp
* All form related types now reside in a new `form` module.
* Multipart forms are supported. (resolves#106)
* Collections are supported in forms and queries. (resolves#205)
* Nested structures in forms and queries are supported. (resolves#313)
* Form fields can be ad-hoc validated with `#[field(validate = expr)]`.
* `FromFormValue` is now `FromFormField`, blanket implements `FromForm`.
* Form field values are always percent-decoded apriori.
Temporary Files
* A new `TempFile` data and form guard allows streaming data directly to a
file which can then be persisted.
* A new `temp_dir` config parameter specifies where to store `TempFile`.
* The limits `file` and `file/$ext`, where `$ext` is the file extension,
determines the data limit for a `TempFile`.
Capped
* A new `Capped` type is used to indicate when data has been truncated due to
incoming data limits. It allows checking whether data is complete or
truncated.
* `DataStream` methods return `Capped` types.
* `DataStream` API has been revamped to account for `Capped` types.
* Several `Capped<T>` types implement `FromData`, `FromForm`.
* HTTP 413 (Payload Too Large) errors are now returned when data limits are
exceeded. (resolves#972)
Hierarchical Limits
* Data limits are now hierarchical, delimited with `/`. A limit of `a/b/c`
falls back to `a/b` then `a`.
Core
* `&RawStr` no longer implements `FromParam`.
* `&str` implements `FromParam`, `FromData`, `FromForm`.
* `FromTransformedData` was removed.
* `FromData` gained a lifetime for use with request-local data.
* The default error HTML is more compact.
* `&Config` is a request guard.
* The `DataStream` interface was entirely revamped.
* `State` is only exported via `rocket::State`.
* A `request::local_cache!()` macro was added for storing values in
request-local cache without consideration for type uniqueness by using a
locally generated anonymous type.
* `Request::get_param()` is now `Request::param()`.
* `Request::get_segments()` is now `Request::segments()`, takes a range.
* `Request::get_query_value()` is now `Request::query_value()`, can parse any
`FromForm` including sequences.
* `std::io::Error` implements `Responder` like `Debug<std::io::Error>`.
* `(Status, R)` where `R: Responder` implements `Responder` by overriding the
`Status` of `R`.
* The name of a route is printed first during route matching.
* `FlashMessage` now only has one lifetime generic.
HTTP
* `RawStr` implements `serde::{Serialize, Deserialize}`.
* `RawStr` implements _many_ more methods, in particular, those related to the
`Pattern` API.
* `RawStr::from_str()` is now `RawStr::new()`.
* `RawStr::url_decode()` and `RawStr::url_decode_lossy()` only allocate as
necessary, return `Cow`.
* `Status` implements `Default` with `Status::Ok`.
* `Status` implements `PartialEq`, `Eq`, `Hash`, `PartialOrd`, `Ord`.
* Authority and origin part of `Absolute` can be modified with new
`Absolute::{with,set}_authority()`, `Absolute::{with,set}_origin()` methods.
* `Origin::segments()` was removed in favor of methods split into query and
path parts and into raw and decoded versions.
* The `Segments` iterator is smarter, returns decoded `&str` items.
* `Segments::into_path_buf()` is now `Segments::to_path_buf()`.
* A new `QuerySegments` is the analogous query segment iterator.
* Once set, `expires` on private cookies is not overwritten. (resolves#1506)
* `Origin::path()` and `Origin::query()` return `&RawStr`, not `&str`.
Codegen
* Preserve more spans in `uri!` macro.
* Preserve spans `FromForm` field types.
* All dynamic parameters in a query string must typecheck as `FromForm`.
* `FromFormValue` derive removed; `FromFormField` added.
* The `form` `FromForm` and `FromFormField` field attribute is now named
`field`. `#[form(field = ..)]` is now `#[field(name = ..)]`.
Contrib
* `Json` implements `FromForm`.
* `MsgPack` implements `FromForm`.
* The `json!` macro is exported as `rocket_contrib::json::json!`.
* Added clarifying docs to `StaticFiles`.
Examples
* `form_validation` and `form_kitchen_sink` removed in favor of `forms`.
* The `hello_world` example uses unicode in paths.
* The `json` example only allocates as necessary.
Internal
* Codegen uses new `exports` module with the following conventions:
- Locals starts with `__` and are lowercased.
- Rocket modules start with `_` and are lowercased.
- `std` types start with `_` and are titlecased.
- Rocket types are titlecased.
* A `header` module was added to `http`, contains header types.
* `SAFETY` is used as doc-string keyword for `unsafe` related comments.
* The `Uri` parser no longer recognizes Rocket route URIs.
This commit completely overhauls Rocket's configuration systems, basing
it on the new Figment library. It includes many breaking changes
pertaining to configuration. They are:
* "Environments" are replaced by "profiles".
* 'ROCKET_PROFILE' takes the place of 'ROCKET_ENV'.
* Profile names are now arbitrary, but 'debug' and 'release' are given
special treatment as default profiles for the debug and release
compilation profiles.
* A 'default' profile now sits along-side the meta 'global' profile.
* The concept of "extras" is no longer present; users can extract any
values they want from the configured 'Figment'.
* The 'Poolable' trait takes an '&Config'.
* The 'secrets' feature is disabled by default.
* It is a hard error if 'secrets' is enabled under the 'release'
profile and no 'secret_key' is configured.
* 'ConfigBuilder' no longer exists: all fields of 'Config' are public
with public constructors for each type.
* 'keep_alive' is disabled with '0', not 'false' or 'off'.
* Inlined error variants into the 'Error' structure.
* 'LoggingLevel' is now 'LogLevel'.
* Limits can now be specified in SI units: "1 MiB".
The summary of other changes are:
* The default config file can be configured with 'ROCKET_CONFIG'.
* HTTP/1 and HTTP/2 keep-alive configuration is restored.
* 'ctrlc' is now a recognized config option.
* 'serde' is now a core dependency.
* TLS misconfiguration errors are improved.
* Several example use '_' as the return type of '#[launch]' fns.
* 'AdHoc::config()' was added for simple config extraction.
* Added more documentation for using 'Limits'.
* Launch information is no longer treated specially.
* The configuration guide was rewritten.
Resolves#852.
Resolves#209.
Closes#1404.
Closes#652.
Prior to this change, Rocket emitted "white" text in much of its logging
output. On terminals with light backgrounds, the text was nearly
illegible. This PR stops using white coloring altogether, opting instead
to use the terminal's default color albeit with bold styling. On dark
terminals, this will likely be a light color, and on light terminals,
this will likely be a dark color. The end result is that Rocket's
logging output should be readable everywhere.
Resolves#639.
This commits also implement the query reform from #608. It also consists
of many, many breaking changes. Among them are:
* Query parts in route paths use new query reform syntax.
* Routing for queries is now lenient.
- Default ranking has changed to reflect query reform.
* Format routing matching has been fixed.
- Routes with formats matching "accept" will always collide.
- Routes with formats matching "content-type" require requests to
have an equivalent content-type header to match.
- Requests with imprecise content-types are treated as not having a
content-type.
* Generated routes and catchers respect visibility modifiers.
* Raw getter methods from request were renamed and retooled.
- In particular, the index parameter is based on segments in the
route path, not dynamic parameters.
* The method-based attributes no longer accept a keyed 'path'.
* The 'rocket_codegen' crate is gone and will no longer be public.
* The 'FormItems' iterator emits values of type 'FormItem'.
- The internal form items' string can no longer be retrieved.
* In general, routes are more strictly validated.
* Logging from codegen now funnels through logging infrastructure.
* Routing has been optimized by caching routing metadata.
Resolves#93.
Resolves#608.
Resolves#693.
Resolves#476.
This is fairly large commit with several entangled logical changes.
The primary change in this commit is to completely overhaul how URI
handling in Rocket works. Prior to this commit, the `Uri` type acted as
an origin API. Its parser was minimal and lenient, allowing URIs that
were invalid according to RFC 7230. By contrast, the new `Uri` type
brings with it a strict RFC 7230 compliant parser. The `Uri` type now
represents any kind of valid URI, not simply `Origin` types. Three new
URI types were introduced:
* `Origin` - represents valid origin URIs
* `Absolute` - represents valid absolute URIs
* `Authority` - represents valid authority URIs
The `Origin` type replaces `Uri` in many cases:
* As fields and method inputs of `Route`
* The `&Uri` request guard is now `&Origin`
* The `uri!` macro produces an `Origin` instead of a `Uri`
The strict nature of URI parsing cascaded into the following changes:
* Several `Route` methods now `panic!` on invalid URIs
* The `Rocket::mount()` method is (correctly) stricter with URIs
* The `Redirect` constructors take a `TryInto<Uri>` type
* Dispatching of a `LocalRequest` correctly validates URIs
Overall, URIs are now properly and uniformly handled throughout Rocket's
codebase, resulting in a more reliable and correct system.
In addition to these URI changes, the following changes are also part of
this commit:
* The `LocalRequest::cloned_dispatch()` method was removed in favor of
chaining `.clone().dispatch()`.
* The entire Rocket codebase uses `crate` instead of `pub(crate)` as a
visibility modifier.
* Rocket uses the `crate_visibility_modifier` and `try_from` features.
A note on unsafety: this commit introduces many uses of `unsafe` in the
URI parser. All of these uses are a result of unsafely transforming byte
slices (`&[u8]` or similar) into strings (`&str`). The parser ensures
that these casts are safe, but of course, we must label their use
`unsafe`. The parser was written to be as generic and efficient as
possible and thus can parse directly from byte sources. Rocket, however,
does not make use of this fact and so would be able to remove all uses
of `unsafe` by parsing from an existing `&str`. This should be
considered in the future.
Fixes#443.
Resolves#263.
The directory structure has changed to better isolate crates serving
core and contrib. The new directory structure is:
contrib/
lib/ - the contrib library
core/
lib/ - the core Rocket library
codegen/ - the "compile extension" codegen library
codegen_next/ - the new proc-macro library
examples/ - unchanged
scripts/ - unchanged
site/ - unchanged
This commit also removes the following files:
appveyor.yml - AppVeyor (Rust on Windows) is far too spotty for use
rustfmt.toml - rustfmt is, unfortunately, not mature enough for use
Finally, all example Cargo crates were marked with 'publish = false'.
Sergio Benitez
Jeb Rosen
Marc Schreiber
Alex Macleod
Jacob Pratt
Richard Petrie
Eric Dattore
Sean Stangl
Beatriz Rizental