Commit Graph

599 Commits

Author SHA1 Message Date
Sergio Benitez c90812051e Rename 'Outcome::Failure' to 'Outcome::Error'.
The primary motivation is to deconflate the leading `F`s in `Failure` and
`Forward`. In particular, when using a generics, we used `F` for forward, which
could easily be confused for `F` for `Failure`. This resolves the conflation.
2023-10-31 12:17:28 -05:00
Ruben Schmidmeister 58adc48965 Set 'color-scheme' in default catcher HTML. 2023-10-16 15:29:51 -07:00
Sergio Benitez ae68742048 Update dependencies.
* notify: 5 -> 6
  * indexmap: 1 -> 2
  * cookie: 0.18.0-rc.0 -> 0.18
2023-10-09 17:03:21 -07:00
Sergio Benitez 47faac6080 Document that '&[u8]' is a form guard. 2023-10-02 11:59:03 -07:00
Sergio Benitez 5d31ad4efb Update 'cookie' to 0.18. 2023-09-28 23:50:29 -07:00
Sergio Benitez f41474dd61 Fix broken links between codegen and http crates.
Also resolves link warnings emitted by rustdoc.

Closes #2594
2023-09-20 17:17:22 -07:00
Sergio Benitez ddeac5ddcf Remove unnecessary braces. 2023-08-14 14:16:56 -04:00
Sergio Benitez c337f75f32 Fix 'get_pending()' docs, functionality.
The `get_pending()` method now properly decrypts private cookies that were
present in the jar originally.

Resolves #2591.
2023-08-10 16:22:28 -04:00
Sergio Benitez c2936fcb1e Update 'yansi' to 1.0.0-rc. 2023-07-11 13:18:35 -07:00
Sergio Benitez e3f1b53efa Update 'state' to 0.6. 2023-05-25 11:54:27 -07:00
Sergio Benitez b6b060f75c Document built-in data guards. 2023-05-18 18:22:40 -07:00
Sergio Benitez 29cd271f8a Only extract needed values in 'async_main'.
Previously, `async_main` would extract a full `Config`. This mean that values
like `address` were read and parsed even when they were unused. Should they
exist and be malformed, a configuration error would needlessly arise.

This commit fixes this by only extract values that are subsequently used.
2023-05-18 17:33:57 -07:00
Sergio Benitez f1f533c1e5 Improve and fix panic in 'AdHoc::normalizer()'.
The normalizer now handles more cases.
2023-05-05 11:41:44 -07:00
Sergio Benitez 311a82e3d7 Add 'Error::pretty_print()'. 2023-05-05 11:41:10 -07:00
Sergio Benitez 615e70fdad Log config provenance in debug.
This helps identify configuration issues by printing the source of every
configuration value used by Rocket.
2023-05-04 18:32:27 -07:00
Sergio Benitez db535812b0 Factor out 'Catcher' rank computation. 2023-05-04 18:32:25 -07:00
Sergio Benitez d24b5d4d6d Handle more cases in 'AdHoc::normalizer()'.
The compatibility normalizer previously missed or was overly egregious
in several cases. This commit resolves those issue. In particular:

  * Only request URIs that would not match any route are normalized.

  * Synthetic routes are added to the igniting `Rocket` so that requests
    with URIs of the form `/foo` match routes with URIs of the form
    `/foo/<b..>`, as they did prior to the trailing slash overhaul.

Tests are added for all of these cases.
2023-05-04 17:30:37 -07:00
Sergio Benitez 541952bc58 Paint route URI query parts yellow. 2023-05-04 17:30:23 -07:00
Sergio Benitez 56cf905c6e Introduce more flexible mounting.
Prior to this commit, a route with a URI of `/` could not be mounted in
such a way that the resulting effective URI contained a trailing slash.
This commit changes the semantics of mounting so that mounting such a
route to a mount point with a trailing slash yields an effective URI
with a trailing slash. When mounted to points without a trailing slash,
the effective URI does not have a trailing slash.

This commit also introduces the `Route::rebase()` and
`Catcher::rebase()` methods for easier rebasing of existing routes and
catchers.

Finally, this commit improves logging such that mount points of `/`
are underlined in the logs.

Tests and docs were added and modified as necessary.

Resolves #2533.
2023-05-03 20:03:45 -07:00
Sergio Benitez 9b0564ed27 Tidy custom forward status changes, update docs. 2023-04-11 12:55:57 -07:00
Benedikt Weber 055ad107df Allow status customization in 'Forward' outcomes.
Prior to this commit, all forward outcomes resulted in a 404. This
commit changes request and data guards so that they are able to provide
a `Status` on `Forward` outcomes. The router uses this status, if the
final outcome is to forward, to identify the catcher to invoke.

The net effect is that guards can now customize the status code of a
forward and thus the error catcher invoked if the final outcome of a
request is to forward.

Resolves #1560.
2023-04-11 12:47:20 -07:00
Sergio Benitez b61ac6eb18 Expose 'Route', 'Catcher' collision and matching.
This commit exposes four new methods:

  * `Route::collides_with(&Route)`
  * `Route::matches(&Request)`
  * `Catcher::collides_with(&Catcher)`
  * `Catcher::matches(Status, &Request)`

Each method checks the corresponding condition: whether two routes
collide, whether a route matches a request, whether two catchers
collide, and whether a catcher matches an error arising from a request.

This functionality is used internally by Rocket to make routing
decisions. By exposing these methods, external libraries can use
guaranteed consistent logic to check the same routing conditions.

Resolves #1561.
2023-04-10 22:00:54 -07:00
Sergio Benitez 0c80f7d9e0 Return 'Path' from 'Catcher::base()'. 2023-04-10 13:42:20 -07:00
Sergio Benitez c13a6c6a79 Emit warning when 'String' is used as a parameter.
The warning is only emitted when Rocket is compiled in debug.
2023-04-10 13:38:51 -07:00
Sergio Benitez 3a44b1b28e Hide 'RouteUri' fields to ensure URI coherence.
Prior to this commit, several `RouteUri` fields were public, allowing
those values to be changed at will. These changes were at times not
reflected by the rest of the library, meaning that the values in the
route URI structure for a route became incoherent with the reflected
values. This commit makes all fields private, forcing all changes to go
through methods that can ensure coherence. All values remain accessible
via getter methods.
2023-04-10 13:26:54 -07:00
Sergio Benitez 51ed332127 Make trailing slashes significant during routing.
This commit modifies request routing in a backwards incompatible manner.
The change is summarized as: trailing slashes are now significant and
never transparently disregarded. This has the following implications,
all representing behavior that differs from that before this change:

  * Route URIs with trailing slashes (`/foo/`, `/<a>/`) are legal.
  * A request `/foo/` is routed to route `/foo/` but not `/foo`.
  * Similarly, a request `/bar/` is routed to `/<a>/` but not `/<a>`.
  * A request `/bar/foo` is not routed to `/<a>/<b>/<c..>`.

A new `AdHoc::uri_normalizer()` fairing was added that recovers the
previous behavior.

In addition to the above, the `Options::NormalizeDirs` `FileServer`
option is now enabled by default to remain consistent with the above
changes and reduce breaking changes at the `FileServer` level.
2023-04-10 12:40:39 -07:00
Sergio Benitez 908a918e8b Fuzz to validate routing collision safety.
The fuzzing target introduced in this commit attemps to assert
"collision safety". Formally, this is the property that:

  matches(request, route) := request is matched to route
  collides(route1, route2) := there is a a collision between routes

  forall requests req. !exist routes r1, r2 s.t.
    matches(req, r1) AND matches(req, r2) AND not collides(r1, r2)

Alternatively:

  forall requests req, routes r1, r2.
    matches(req, r1) AND matches(req, r2) => collides(r1, r2)

The target was run for 20 CPU hours without failure.
2023-04-07 20:27:56 -07:00
Sergio Benitez ac0a77bae2 Allow dynamic parameters to match empty segments.
The net effect of this commit is three-fold:

  * A request to `/` now matches `/<a>`. `/foo/` matches `/<a>/<b>`.
  * A segment matched to a dynamic parameter may be empty.
  * A request to `/foo/` no longer matches `/foo` or `/<a>`. Instead,
    such a request would match `/foo/<a>` or `/foo/`.

The `&str` and `String` parameter guards were updated to reflect this
change: they now error, with a newly introduced error type `Empty` in
the `rocket::error` module, when the parameter is empty. As this was the
only built-in parameter guard that would be effected by this change (all
other guards already required nonempty parameters to succeed), the
majority of applications will see no effect as a result.

For applications wanting the previous functionality, a new
`AdHoc::uri_normalizer()` fairing was introduced.
2023-04-07 20:00:09 -07:00
Sergio Benitez 0a56312607 Implement more conservative URI normalization.
* Trailing slashes are now allowed in all normalized URI paths, except
    for route attribute URIs: `/foo/` is considered normalized.
  * Query parts of URIs may now be empty: `/foo?` and `/foo/?` are now
    considered normalized.
  * The `base` field of `Catcher` is now only accessible via a new
    getter method: `Catcher::base()`.
  * `RawStr::split()` returns a `DoubleEndedIterator`.
  * Introduced a second normalization for `Origin`, "nontrailing", and
    associated methods: `Origin::normalize_nontrailing()`, and
    `Origin::is_normalized_nontrailing()`.
  * Added `Origin::has_trailing_slash()`.
  * The `Segments<Path>` iterator will now return an empty string if
    there is a trailing slash in the referenced path.
  * `Segments::len()` is now `Segments::num()`.
  * Added `RawStr::trim()`.

Resolves #2512.
2023-04-07 19:59:57 -07:00
Sergio Benitez a82508b403 Set 'Secure' cookie flag by default under TLS.
If TLS is enabled and active, Rocket will now set the `Secure` cookie
attribute by default.

Resolves #2425.
2023-04-05 13:15:24 -07:00
Sergio Benitez 89534129de Add 'TempFile::open()' to stream its data.
Resolves #2296.
2023-04-05 12:45:48 -07:00
Sergio Benitez c48ce64a77 Standardize 'response::status' responders.
This commit modifies all of the non-empty responders in the
`response::status` module so that they look like `Status<R>(pub R)`.
Prior to this commit, some responders looked like this, while others
contained an `Option<R>`.

Resolves #2351.
2023-04-05 10:51:05 -07:00
Sergio Benitez 03433c10ea Allow specifying 'Status' in custom form errors.
Resolves #1694.
2023-04-05 09:56:49 -07:00
Sergio Benitez c3520fb4a1 Pin I/O handlers. Allow 'FnOnce' in 'ws' handlers.
This modifies the 'IoHandler::io()' method so that it takes a
'Pin<Box<Self>>', allowing handlers to move internally and assume that
the data is pinned.

The change is then used in the 'ws' contrib crate to allow 'FnOnce'
handlers instead of 'FnMut'. The net effect is that streams, such as
those crated by 'Stream!', are now allowed to move internally.
2023-04-04 15:33:46 -07:00
Sergio Benitez 5e7a75e1a5 Use 'parking_lot' 'Mutex' in fairing's 'Once'. 2023-04-04 15:11:09 -07:00
Sergio Benitez 887558be60 Emit warnings when data limits are reached.
Aid in debugging incorrectly configured data limits.
2023-04-03 13:27:33 -07:00
Sergio Benitez aa6ad7030a Allow setting mTLS certificates on local 'Client'.
This allows testing with client certificates.

Co-authored-by: Brett Buford <blbuford@gmail.com>
2023-03-31 11:13:40 -07:00
Sergio Benitez 64a7bfb37c Fix header lookups for connection upgrades. 2023-03-30 16:08:14 -07:00
Sergio Benitez 2a63b1a41f Downgrade I/O stream closing to warning.
Since active I/O streams will be closed by graceful shutdown, an error,
as was previously emitted, was necessarily alarmist. This reduces the
severity of the log message to a warning.
2023-03-30 12:46:34 -07:00
Sergio Benitez d97c83d7e0 Finalize support for external connection upgrades. 2023-03-29 17:06:08 -07:00
Mai-Lapyst 19e7e82fd6 Initial connection upgrade API implementation. 2023-03-29 17:06:04 -07:00
Sergio Benitez 372e9671eb Clarify 'Responder' async I/O usage in docs.
Resolves #2286.
2023-03-26 19:32:49 -07:00
Sergio Benitez a474fde85b Implement 'De(Serialize)' for 'Status'.
Resolves #2366.
2023-03-26 19:18:04 -07:00
Sergio Benitez 91f6288ea4 New version: 0.5.0-rc.3.
New contrib versions: 0.1.0-rc.3.
2023-03-23 16:56:17 -07:00
Sergio Benitez 14b8a082b4 Fix doc re-export inlines in crate root. 2023-03-23 16:33:11 -07:00
Jacob Sharf 89919aa3cb Fix several typos. 2023-03-23 16:27:08 -07:00
inyourface34456 0e6b786096 Fix typo in docs.
Fixes #2734.
2023-03-23 16:27:08 -07:00
Sergio Benitez 219a8a5468 Fix a bunch of typos. 2023-03-23 16:27:08 -07:00
badoken 569bc09a1d Support raw byte slices '&[u8]' in form fields.
Resolves #2148.
2023-03-23 15:31:24 -07:00
Unpublished 2f74380d69 Replace 'atty' with 'is-terminal'. 2023-03-23 14:57:54 -07:00