Commit Graph

26 Commits

Author SHA1 Message Date
Sergio Benitez
b8f9011c04 Fix 'LocalRequest::clone()' soundness issue.
The existing implementation of 'LocalRequest::clone()' mistakenly copied
the internal 'Request' pointer from the existing 'LocalRequest' to the
cloned 'LocalRequest'. This resulted in an aliased '*mut Request'
pointer, a clear soundness issue. The fix in this commit is to clone the
internal 'Request', replacing the internal pointer with the newly cloned
'Request' when producing the cloned 'LocalRequest'. A fix that removes
all 'unsafe' code should be explored.

Fixes #1312.
2020-05-27 01:09:12 -07:00
Sergio Benitez
95c981de79 Test all guide code examples.
Every code example is now fully runnable and testable. As a result, all
examples are now tested and include imports. Relevant imports are shown
by default. Code examples can be expanded to show all imports.

Fixes #432.
2020-02-15 04:02:19 -08:00
Sergio Benitez
f35e3c4aca Set cookies even on error responses.
Fixes #1213.
2020-01-23 21:10:04 -08:00
Jeb Rosen
3e4f8453ce Remove use of the 'decl_macro' feature.
Also removes one internal use in the 'typed-uris' codegen test.
2019-07-19 11:39:56 -07:00
Jeb Rosen
34cb1c14b8 Migrate core to Rust 2018. 2019-06-25 13:45:23 -04:00
jeb
6bf751fb22 Reexport derive macros alongside derived traits. 2019-05-22 22:19:47 -07:00
Sergio Benitez
9f75e0f443 Clean up 'conditionally-set-server-header' test. 2019-05-08 20:18:10 -07:00
lu4nm3
0a978fdb5d Set default 'Server' header only if it isn't set.
Closes #996.
2019-05-08 20:18:10 -07:00
Sergio Benitez
4224419e63 Reduce 'cfg' usage for 'private-cookies' feature. 2018-11-08 23:56:15 -08:00
Linus Unnebäck
53758c6dd7 Introduce the 'private-cookies' feature. 2018-11-08 23:38:18 -08:00
Sergio Benitez
5762208bba Percent-encode characters: '[', ']', '\', '^', '|'.
Fixes #808.
2018-11-02 00:10:01 -07:00
Sergio Benitez
41de1e62fb Implement 'Responder' for 'Status'.
This commit obviates the following removed types:

  * response::Failure
  * response::status::NoContent
  * response::status::Reset

Closes #489.
2018-10-31 03:57:22 -07:00
Sergio Benitez
26db5ecb4e Fix normalization and Windows issues. 2018-10-24 00:01:56 -07:00
Sergio Benitez
f6325798b1 Normalize paths in 'route_guard' test. 2018-10-23 01:23:11 -07:00
Sergio Benitez
2839aca8ce Update features for latest nightly. 2018-10-09 04:31:09 -07:00
Sergio Benitez
61f107f550 Reimplement route attribute as a proc-macro.
This commits also implement the query reform from #608. It also consists
of many, many breaking changes. Among them are:

  * Query parts in route paths use new query reform syntax.
  * Routing for queries is now lenient.
    - Default ranking has changed to reflect query reform.
  * Format routing matching has been fixed.
    - Routes with formats matching "accept" will always collide.
    - Routes with formats matching "content-type" require requests to
      have an equivalent content-type header to match.
    - Requests with imprecise content-types are treated as not having a
      content-type.
  * Generated routes and catchers respect visibility modifiers.
  * Raw getter methods from request were renamed and retooled.
    - In particular, the index parameter is based on segments in the
      route path, not dynamic parameters.
  * The method-based attributes no longer accept a keyed 'path'.
  * The 'rocket_codegen' crate is gone and will no longer be public.
  * The 'FormItems' iterator emits values of type 'FormItem'.
    - The internal form items' string can no longer be retrieved.
  * In general, routes are more strictly validated.
  * Logging from codegen now funnels through logging infrastructure.
  * Routing has been optimized by caching routing metadata.

Resolves #93.
Resolves #608.
Resolves #693.
Resolves #476.
2018-10-09 04:18:04 -07:00
Sergio Benitez
ec4cc3a293 Allow transforms in 'FromData'. Add 'FromDataSimple'.
The new 'FromData' trait allows an implementor to instruct the caller to
maintain state on its stack and later pass a borrow for processing.
Among other things, it greatly simplifies the 'Form' type, removing a
use of unsafe, and allows references in deserialized data guards.
2018-09-26 21:33:02 -07:00
Sergio Benitez
d011cd63fc Remove unnecessary 'use rocket::catch'. 2018-09-16 20:52:07 -07:00
jeb
8e779610c4 Reimplement 'routes!' and 'catchers!' as proc-macros. 2018-09-16 18:52:23 -07:00
Sergio Benitez
351757c6ee Rename 'Rocket::catch()' to 'Rocket::register()'. 2018-09-16 02:25:12 -07:00
Sergio Benitez
112e700836 Reimplement 'catch' attribute as a proc-macro. 2018-09-16 01:32:40 -07:00
Sergio Benitez
e0961e0750 Require all 'AdHoc' fairings to be named. 2018-08-14 09:14:06 -07:00
Sergio Benitez
d7f6d82fe4 Implement 'FromForm[Value]', 'Responder' proc-macro derives.
This completes the migration of custom derives to proc-macros, removing
the need for the `custom_derive` feature in consumer code. This commit
also includes documentation, unit tests, and compile UI tests for each
of the derives.

Additionally, this commit improves the existing `FromForm` and
`FromFormValue` derives. The generated code for `FromForm` now returns
an error value indicating the error condition. The `FromFormValue`
derive now accepts a `form` attribute on variants for specifying the
exact value string to match against.

Closes #590.
Closes #670.
2018-08-06 19:58:07 -07:00
Sergio Benitez
56c6a96f6a Overhaul URI types.
This is fairly large commit with several entangled logical changes.

The primary change in this commit is to completely overhaul how URI
handling in Rocket works. Prior to this commit, the `Uri` type acted as
an origin API. Its parser was minimal and lenient, allowing URIs that
were invalid according to RFC 7230. By contrast, the new `Uri` type
brings with it a strict RFC 7230 compliant parser. The `Uri` type now
represents any kind of valid URI, not simply `Origin` types. Three new
URI types were introduced:

  * `Origin` - represents valid origin URIs
  * `Absolute` - represents valid absolute URIs
  * `Authority` - represents valid authority URIs

The `Origin` type replaces `Uri` in many cases:

  * As fields and method inputs of `Route`
  * The `&Uri` request guard is now `&Origin`
  * The `uri!` macro produces an `Origin` instead of a `Uri`

The strict nature of URI parsing cascaded into the following changes:

  * Several `Route` methods now `panic!` on invalid URIs
  * The `Rocket::mount()` method is (correctly) stricter with URIs
  * The `Redirect` constructors take a `TryInto<Uri>` type
  * Dispatching of a `LocalRequest` correctly validates URIs

Overall, URIs are now properly and uniformly handled throughout Rocket's
codebase, resulting in a more reliable and correct system.

In addition to these URI changes, the following changes are also part of
this commit:

  * The `LocalRequest::cloned_dispatch()` method was removed in favor of
    chaining `.clone().dispatch()`.
  * The entire Rocket codebase uses `crate` instead of `pub(crate)` as a
    visibility modifier.
  * Rocket uses the `crate_visibility_modifier` and `try_from` features.

A note on unsafety: this commit introduces many uses of `unsafe` in the
URI parser. All of these uses are a result of unsafely transforming byte
slices (`&[u8]` or similar) into strings (`&str`). The parser ensures
that these casts are safe, but of course, we must label their use
`unsafe`. The parser was written to be as generic and efficient as
possible and thus can parse directly from byte sources. Rocket, however,
does not make use of this fact and so would be able to remove all uses
of `unsafe` by parsing from an existing `&str`. This should be
considered in the future.

Fixes #443.
Resolves #263.
2018-07-29 00:17:33 -07:00
Beatriz Rizental
965c90afc9 Add 'log = off' config option to disable all logging. 2018-07-07 18:12:25 -07:00
Sergio Benitez
f171dc9d09 Reorganize repository.
The directory structure has changed to better isolate crates serving
core and contrib. The new directory structure is:

  contrib/
    lib/ - the contrib library
  core/
    lib/ - the core Rocket library
    codegen/ - the "compile extension" codegen library
    codegen_next/ - the new proc-macro library
  examples/ - unchanged
  scripts/ - unchanged
  site/ - unchanged

This commit also removes the following files:

  appveyor.yml - AppVeyor (Rust on Windows) is far too spotty for use
  rustfmt.toml - rustfmt is, unfortunately, not mature enough for use

Finally, all example Cargo crates were marked with 'publish = false'.
2018-06-03 18:44:38 +02:00