rename private-network-access feature (#320)

* update CI with concurrency options * cors: rename private-network => local-network * modernize CI * clippy * run api diff job on all features
2024-11-23 15:51:06 +01:00 · 2023-04-09 19:35:30 +01:00 · 2023-04-09 19:35:30 +01:00 · 111d95eaea
commit 111d95eaea
parent 8729f60f79
13 changed files with 163 additions and 166 deletions
--- a/.github/workflows/ci-post-merge.yml
+++ b/.github/workflows/ci-post-merge.yml
@ -1,8 +1,14 @@
 name: CI (post-merge)

 on:
-  push:
-    branches: [master]
+  push: { branches: [master] }
+
+permissions:
+  contents: read # to fetch code (actions/checkout)
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true

 jobs:
  build_and_test_linux_nightly:
@ -27,39 +33,26 @@ jobs:
    steps:
      - uses: actions/checkout@v3

-      - name: Install ${{ matrix.version }}
-        uses: actions-rs/toolchain@v1
+      - name: Install Rust (${{ matrix.version }})
+        uses: actions-rust-lang/setup-rust-toolchain@v1
        with:
-          toolchain: ${{ matrix.version }}-${{ matrix.target.triple }}
-          profile: minimal
-          override: true
+          toolchain: ${{ matrix.version }}

-      - name: Install cargo-hack
-        uses: taiki-e/install-action@cargo-hack
-
-      - name: Generate Cargo.lock
-        uses: actions-rs/cargo@v1
-        with:
-          command: generate-lockfile
-      - name: Cache Dependencies
-        uses: Swatinem/rust-cache@v2.1.0
+      - uses: taiki-e/cache-cargo-install-action@v1
+        with: { tool: cargo-hack }

      - name: check minimal
-        uses: actions-rs/cargo@v1
-        with: { command: ci-min }
+        run: cargo ci-min

      - name: check minimal + examples
-        uses: actions-rs/cargo@v1
-        with: { command: ci-check-min-examples }
+        run: cargo ci-check-min-examples

      - name: check default
-        uses: actions-rs/cargo@v1
-        with: { command: ci-check }
+        run: cargo ci-check

      - name: tests
-        uses: actions-rs/cargo@v1
        timeout-minutes: 40
-        with: { command: ci-test }
+        run: cargo ci-test

      - name: Clear the cargo caches
        run: |
@ -86,18 +79,13 @@ jobs:
    steps:
      - uses: actions/checkout@v3

-      - name: Install ${{ matrix.version }}
-        run: |
-          rustup install ${{ matrix.version }}-${{ matrix.target.triple }}
-          rustup override set ${{ matrix.version }}-${{ matrix.target.triple }}
+      - name: Install Rust (${{ matrix.version }})
+        uses: actions-rust-lang/setup-rust-toolchain@v1
+        with:
+          toolchain: ${{ matrix.version }}

-      - name: Install cargo-hack
-        uses: taiki-e/install-action@cargo-hack
-
-      - name: Generate Cargo.lock
-        run: cargo generate-lockfile
-      - name: Cache Dependencies
-        uses: Swatinem/rust-cache@v2.1.0
+      - uses: taiki-e/cache-cargo-install-action@v1
+        with: { tool: cargo-hack }

      - name: check minimal
        run: cargo ci-min
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -1,10 +1,15 @@
 name: CI

 on:
-  pull_request:
-    types: [opened, synchronize, reopened]
-  push:
-    branches: [master]
+  pull_request: {}
+  push: { branches: [master] }
+
+permissions:
+  contents: read # to fetch code (actions/checkout)
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true

 jobs:
  build_and_test_linux:
@ -35,33 +40,18 @@ jobs:
    steps:
      - uses: actions/checkout@v3

-      - name: Install ${{ matrix.version }}
-        run: |
-          rustup install ${{ matrix.version }}-${{ matrix.target.triple }}
-          rustup override set ${{ matrix.version }}-${{ matrix.target.triple }}
+      - name: Install Rust (${{ matrix.version }})
+        uses: actions-rust-lang/setup-rust-toolchain@v1
+        with:
+          toolchain: ${{ matrix.version }}

-      - name: Install cargo-hack
-        uses: taiki-e/install-action@cargo-hack
+      - uses: taiki-e/cache-cargo-install-action@v1
+        with: { tool: cargo-hack }

      - name: workaround MSRV issues
        if: matrix.version != 'stable'
        run: |
-          cargo install cargo-edit --version=0.8.0
-          cargo add env_logger@0.9 --dev -p=actix-cors
-          cargo add env_logger@0.9 --dev -p=actix-identity
-          cargo add env_logger@0.9 --dev -p=actix-redis
-          cargo add env_logger@0.9 --dev -p=actix-session
-          cargo add env_logger@0.9 --dev -p=actix-settings
-
-      - name: Generate Cargo.lock
-        run: cargo generate-lockfile
-      - name: Cache Dependencies
-        uses: Swatinem/rust-cache@v2.1.0
-
-      - name: workaround MSRV issues
-        if: matrix.version != 'stable'
-        run: |
-          cargo update -p=time --precise=0.3.13
+          cargo update -p=time:0.3.20 --precise=0.3.16

      - name: check minimal
        run: cargo ci-min
@ -102,33 +92,21 @@ jobs:
    steps:
      - uses: actions/checkout@v3

-      - name: Install ${{ matrix.version }}
-        run: |
-          rustup install ${{ matrix.version }}-${{ matrix.target.triple }}
-          rustup override set ${{ matrix.version }}-${{ matrix.target.triple }}
+      - name: Install Rust (${{ matrix.version }})
+        uses: actions-rust-lang/setup-rust-toolchain@v1
+        with:
+          toolchain: ${{ matrix.version }}

-      - name: Install cargo-hack
-        uses: taiki-e/install-action@cargo-hack
+      - uses: taiki-e/cache-cargo-install-action@v1
+        with: { tool: cargo-hack }
+        
+      - uses: taiki-e/cache-cargo-install-action@v1
+        with: { tool: cargo-hack }

      - name: workaround MSRV issues
        if: matrix.version != 'stable'
        run: |
-          cargo install cargo-edit --version=0.8.0
-          cargo add env_logger@0.9 --dev -p=actix-cors
-          cargo add env_logger@0.9 --dev -p=actix-identity
-          cargo add env_logger@0.9 --dev -p=actix-redis
-          cargo add env_logger@0.9 --dev -p=actix-session
-          cargo add env_logger@0.9 --dev -p=actix-settings
-
-      - name: Generate Cargo.lock
-        run: cargo generate-lockfile
-      - name: Cache Dependencies
-        uses: Swatinem/rust-cache@v2.1.0
-
-      - name: workaround MSRV issues
-        if: matrix.version != 'stable'
-        run: |
-          cargo update -p=time --precise=0.3.13
+          cargo update -p=time:0.3.20 --precise=0.3.16

      - name: check minimal
        run: cargo ci-min
@ -155,14 +133,8 @@ jobs:
      - uses: actions/checkout@v3

      - name: Install Rust (nightly)
-        run: |
-          rustup install nightly
-          rustup override set nightly
-
-      - name: Generate Cargo.lock
-        run: cargo generate-lockfile
-      - name: Cache Dependencies
-        uses: Swatinem/rust-cache@v2.1.0
+        uses: actions-rust-lang/setup-rust-toolchain@v1
+        with: { toolchain: nightly }

      - name: doc tests
        timeout-minutes: 40
--- a/.github/workflows/coverage.yml
+++ b/.github/workflows/coverage.yml
@ -3,8 +3,14 @@
 name: Coverage

 on:
-  push:
-    branches: [master]
+  push: { branches: [master] }
+
+permissions:
+  contents: read # to fetch code (actions/checkout)
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true

 jobs:
  coverage:
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@ -1,8 +1,13 @@
 name: Lint

-on:
-  pull_request:
-    types: [opened, synchronize, reopened]
+on: [pull_request]
+
+permissions:
+  contents: read # to fetch code (actions/checkout)
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true

 jobs:
  fmt:
@ -10,11 +15,12 @@ jobs:
    steps:
      - uses: actions/checkout@v3

-      - name: Install Rust
-        run: |
-          rustup override set nightly
-          rustup update nightly
-          rustup component add rustfmt
+      - name: Install Rust (nightly)
+        uses: actions-rust-lang/setup-rust-toolchain@v1
+        with:
+          toolchain: nightly
+          components: rustfmt
+
      - name: Check with rustfmt
        run: cargo fmt --all -- --check

@ -24,9 +30,31 @@ jobs:
      - uses: actions/checkout@v3

      - name: Install Rust
-        run: |
-          rustup override set stable
-          rustup update stable
-          rustup component add rustfmt
+        uses: actions-rust-lang/setup-rust-toolchain@v1
+        with: { components: clippy }
+
      - name: Check with Clippy
        run: cargo clippy --workspace --tests --all-features
+
+  public-api-diff:
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout ${{ github.base_ref }}
+        uses: actions/checkout@v3
+        with:
+          ref: ${{ github.base_ref }}
+
+      - name: checkout ${{ github.head_ref }}
+        uses: actions/checkout@v3
+
+      - uses: actions-rust-lang/setup-rust-toolchain@v1
+        with: { toolchain: nightly }
+
+      - uses: taiki-e/cache-cargo-install-action@v1
+        with: { tool: cargo-public-api }
+
+      - name: generate API diff
+        run: |
+          for f in $(find -mindepth 2 -maxdepth 2 -name Cargo.toml); do
+            cargo public-api --manifest-path "$f" --all-features diff ${{ github.event.pull_request.base.sha }}..${{ github.sha }}
+          done
--- a/.github/workflows/upload-doc.yml
+++ b/.github/workflows/upload-doc.yml
@ -1,8 +1,14 @@
 name: Upload Documentation

 on:
-  push:
-    branches: [master]
+  push: { branches: [master] }
+
+permissions:
+  contents: read # to fetch code (actions/checkout)
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true

 jobs:
  build:
--- a/actix-cors/CHANGES.md
+++ b/actix-cors/CHANGES.md
@ -2,6 +2,7 @@

 ## Unreleased - 2022-xx-xx

+- Rename `Cors::{allow_private_network_access => allow_local_network_access}()` and its unstable flag (`draft-private-network-access` => `draft-local-network-access`).
 - Minimum supported Rust version (MSRV) is now 1.60.

 ## 0.6.4 - 2022-10-28
--- a/actix-cors/Cargo.toml
+++ b/actix-cors/Cargo.toml
@ -18,7 +18,7 @@ rustdoc-args = ["--cfg", "docsrs"]
 all-features = true

 [features]
-draft-private-network-access = []
+draft-local-network-access = []

 [dependencies]
 actix-utils = "3"
--- a/actix-cors/src/builder.rs
+++ b/actix-cors/src/builder.rs
@ -101,8 +101,8 @@ impl Cors {
            preflight: true,
            send_wildcard: false,
            supports_credentials: true,
-            #[cfg(feature = "draft-private-network-access")]
-            allow_private_network_access: false,
+            #[cfg(feature = "draft-local-network-access")]
+            allow_local_network_access: false,
            vary_header: true,
            block_on_origin_mismatch: true,
        };
@ -422,19 +422,19 @@ impl Cors {

    /// Allow private network access.
    ///
-    /// If true, injects the `Access-Control-Allow-Private-Network: true` header in responses if the
-    /// request contained the `Access-Control-Request-Private-Network: true` header.
+    /// If true, injects the `Access-Control-Allow-Local-Network: true` header in responses if the
+    /// request contained the `Access-Control-Request-Local-Network: true` header.
    ///
-    /// For more information on this behavior, see the draft [Private Network Access] spec.
+    /// For more information on this behavior, see the draft [Local Network Access] spec.
    ///
    /// Defaults to `false`.
    ///
-    /// [Private Network Access]: https://wicg.github.io/private-network-access
-    #[cfg(feature = "draft-private-network-access")]
-    #[cfg_attr(docsrs, doc(cfg(feature = "draft-private-network-access")))]
-    pub fn allow_private_network_access(mut self) -> Cors {
+    /// [Private Network Access]: https://wicg.github.io/local-network-access
+    #[cfg(feature = "draft-local-network-access")]
+    #[cfg_attr(docsrs, doc(cfg(feature = "draft-local-network-access")))]
+    pub fn allow_local_network_access(mut self) -> Cors {
        if let Some(cors) = cors(&mut self.inner, &self.error) {
-            cors.allow_private_network_access = true;
+            cors.allow_local_network_access = true;
        }

        self
@ -514,8 +514,8 @@ impl Default for Cors {
            preflight: true,
            send_wildcard: false,
            supports_credentials: false,
-            #[cfg(feature = "draft-private-network-access")]
-            allow_private_network_access: false,
+            #[cfg(feature = "draft-local-network-access")]
+            allow_local_network_access: false,
            vary_header: true,
            block_on_origin_mismatch: true,
        };
--- a/actix-cors/src/inner.rs
+++ b/actix-cors/src/inner.rs
@ -64,8 +64,8 @@ pub(crate) struct Inner {
    pub(crate) preflight: bool,
    pub(crate) send_wildcard: bool,
    pub(crate) supports_credentials: bool,
-    #[cfg(feature = "draft-private-network-access")]
-    pub(crate) allow_private_network_access: bool,
+    #[cfg(feature = "draft-local-network-access")]
+    pub(crate) allow_local_network_access: bool,
    pub(crate) vary_header: bool,
    pub(crate) block_on_origin_mismatch: bool,
 }
@ -222,19 +222,19 @@ pub(crate) fn add_vary_header(headers: &mut HeaderMap) {
            val.extend(hdr.as_bytes());
            val.extend(b", Origin, Access-Control-Request-Method, Access-Control-Request-Headers");

-            #[cfg(feature = "draft-private-network-access")]
-            val.extend(b", Access-Control-Allow-Private-Network");
+            #[cfg(feature = "draft-local-network-access")]
+            val.extend(b", Access-Control-Allow-Local-Network");

            val.try_into().unwrap()
        }

-        #[cfg(feature = "draft-private-network-access")]
+        #[cfg(feature = "draft-local-network-access")]
        None => HeaderValue::from_static(
            "Origin, Access-Control-Request-Method, Access-Control-Request-Headers, \
-            Access-Control-Allow-Private-Network",
+            Access-Control-Allow-Local-Network",
        ),

-        #[cfg(not(feature = "draft-private-network-access"))]
+        #[cfg(not(feature = "draft-local-network-access"))]
        None => HeaderValue::from_static(
            "Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
        ),
--- a/actix-cors/src/lib.rs
+++ b/actix-cors/src/lib.rs
@ -7,9 +7,9 @@
 //! This CORS middleware automatically handles `OPTIONS` preflight requests.
 //!
 //! # Crate Features
-//! - `draft-private-network-access`: ⚠️ Unstable. Adds opt-in support for the [Private Network
-//!   Access] spec extensions. This feature is unstable since it will follow any breaking changes in
-//!   the draft spec until it is finalized.
+//! - `draft-local-network-access`: ⚠️ Unstable. Adds opt-in support for the [Local Network Access]
+//!   spec extensions. This feature is unstable since it will follow any breaking changes in the
+//!   draft spec until it is finalized.
 //!
 //! # Example
 //! ```no_run
@ -46,7 +46,7 @@
 //! }
 //! ```
 //!
-//! [Private Network Access]: https://wicg.github.io/private-network-access
+//! [Local Network Access]: https://wicg.github.io/local-network-access

 #![forbid(unsafe_code)]
 #![deny(rust_2018_idioms, nonstandard_style)]
--- a/actix-cors/src/middleware.rs
+++ b/actix-cors/src/middleware.rs
@ -93,14 +93,14 @@ impl<S> CorsMiddleware<S> {
            res.insert_header((header::ACCESS_CONTROL_ALLOW_HEADERS, headers.clone()));
        }

-        #[cfg(feature = "draft-private-network-access")]
-        if inner.allow_private_network_access
+        #[cfg(feature = "draft-local-network-access")]
+        if inner.allow_local_network_access
            && req
                .headers()
-                .contains_key("access-control-request-private-network")
+                .contains_key("access-control-request-local-network")
        {
            res.insert_header((
-                header::HeaderName::from_static("access-control-allow-private-network"),
+                header::HeaderName::from_static("access-control-allow-local-network"),
                HeaderValue::from_static("true"),
            ));
        }
@ -149,7 +149,6 @@ impl<S> CorsMiddleware<S> {
                let expose_all_request_headers = res
                    .headers()
                    .keys()
-                    .into_iter()
                    .map(|name| name.as_str())
                    .collect::<HashSet<_>>();

@ -174,15 +173,15 @@ impl<S> CorsMiddleware<S> {
            );
        }

-        #[cfg(feature = "draft-private-network-access")]
-        if inner.allow_private_network_access
+        #[cfg(feature = "draft-local-network-access")]
+        if inner.allow_local_network_access
            && res
                .request()
                .headers()
-                .contains_key("access-control-request-private-network")
+                .contains_key("access-control-request-local-network")
        {
            res.headers_mut().insert(
-                header::HeaderName::from_static("access-control-allow-private-network"),
+                header::HeaderName::from_static("access-control-allow-local-network"),
                HeaderValue::from_static("true"),
            );
        }
--- a/actix-cors/tests/tests.rs
+++ b/actix-cors/tests/tests.rs
@ -264,15 +264,15 @@ async fn test_response() {
            .get(header::ACCESS_CONTROL_ALLOW_ORIGIN)
            .map(HeaderValue::as_bytes)
    );
-    #[cfg(not(feature = "draft-private-network-access"))]
+    #[cfg(not(feature = "draft-local-network-access"))]
    assert_eq!(
        resp.headers().get(header::VARY).map(HeaderValue::as_bytes),
        Some(&b"Origin, Access-Control-Request-Method, Access-Control-Request-Headers"[..]),
    );
-    #[cfg(feature = "draft-private-network-access")]
+    #[cfg(feature = "draft-local-network-access")]
    assert_eq!(
        resp.headers().get(header::VARY).map(HeaderValue::as_bytes),
-        Some(&b"Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Private-Network"[..]),
+        Some(&b"Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Local-Network"[..]),
    );

    #[allow(clippy::needless_collect)]
@ -317,7 +317,7 @@ async fn test_response() {
        .method(Method::OPTIONS)
        .to_srv_request();
    let resp = test::call_service(&cors, req).await;
-    #[cfg(not(feature = "draft-private-network-access"))]
+    #[cfg(not(feature = "draft-local-network-access"))]
    assert_eq!(
        resp.headers()
            .get(header::VARY)
@ -325,10 +325,10 @@ async fn test_response() {
            .unwrap(),
        b"Accept, Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
    );
-    #[cfg(feature = "draft-private-network-access")]
+    #[cfg(feature = "draft-local-network-access")]
    assert_eq!(
        resp.headers().get(header::VARY).map(HeaderValue::as_bytes).unwrap(),
-        b"Accept, Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Private-Network",
+        b"Accept, Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Local-Network",
    );

    let cors = Cors::default()
@ -478,7 +478,7 @@ async fn vary_header_on_all_handled_responses() {
    assert!(resp
        .headers()
        .contains_key(header::ACCESS_CONTROL_ALLOW_METHODS));
-    #[cfg(not(feature = "draft-private-network-access"))]
+    #[cfg(not(feature = "draft-local-network-access"))]
    assert_eq!(
        resp.headers()
            .get(header::VARY)
@ -487,14 +487,14 @@ async fn vary_header_on_all_handled_responses() {
            .unwrap(),
        "Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
    );
-    #[cfg(feature = "draft-private-network-access")]
+    #[cfg(feature = "draft-local-network-access")]
    assert_eq!(
        resp.headers()
            .get(header::VARY)
            .expect("response should have Vary header")
            .to_str()
            .unwrap(),
-        "Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Private-Network",
+        "Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Local-Network",
    );

    // follow-up regular request
@ -504,7 +504,7 @@ async fn vary_header_on_all_handled_responses() {
        .to_srv_request();
    let resp = test::call_service(&cors, req).await;
    assert_eq!(resp.status(), StatusCode::OK);
-    #[cfg(not(feature = "draft-private-network-access"))]
+    #[cfg(not(feature = "draft-local-network-access"))]
    assert_eq!(
        resp.headers()
            .get(header::VARY)
@ -513,14 +513,14 @@ async fn vary_header_on_all_handled_responses() {
            .unwrap(),
        "Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
    );
-    #[cfg(feature = "draft-private-network-access")]
+    #[cfg(feature = "draft-local-network-access")]
    assert_eq!(
        resp.headers()
            .get(header::VARY)
            .expect("response should have Vary header")
            .to_str()
            .unwrap(),
-        "Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Private-Network",
+        "Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Local-Network",
    );

    let cors = Cors::default()
@ -536,7 +536,7 @@ async fn vary_header_on_all_handled_responses() {
        .to_srv_request();
    let resp = test::call_service(&cors, req).await;
    assert_eq!(resp.status(), StatusCode::BAD_REQUEST);
-    #[cfg(not(feature = "draft-private-network-access"))]
+    #[cfg(not(feature = "draft-local-network-access"))]
    assert_eq!(
        resp.headers()
            .get(header::VARY)
@ -545,21 +545,21 @@ async fn vary_header_on_all_handled_responses() {
            .unwrap(),
        "Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
    );
-    #[cfg(feature = "draft-private-network-access")]
+    #[cfg(feature = "draft-local-network-access")]
    assert_eq!(
        resp.headers()
            .get(header::VARY)
            .expect("response should have Vary header")
            .to_str()
            .unwrap(),
-        "Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Private-Network",
+        "Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Local-Network",
    );

    // regular request no origin
    let req = TestRequest::default().method(Method::PUT).to_srv_request();
    let resp = test::call_service(&cors, req).await;
    assert_eq!(resp.status(), StatusCode::OK);
-    #[cfg(not(feature = "draft-private-network-access"))]
+    #[cfg(not(feature = "draft-local-network-access"))]
    assert_eq!(
        resp.headers()
            .get(header::VARY)
@ -568,14 +568,14 @@ async fn vary_header_on_all_handled_responses() {
            .unwrap(),
        "Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
    );
-    #[cfg(feature = "draft-private-network-access")]
+    #[cfg(feature = "draft-local-network-access")]
    assert_eq!(
        resp.headers()
            .get(header::VARY)
            .expect("response should have Vary header")
            .to_str()
            .unwrap(),
-        "Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Private-Network",
+        "Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Local-Network",
    );
 }

@ -634,12 +634,12 @@ async fn expose_all_request_header_values() {
    assert!(cd_hdr.contains("access-control-allow-origin"));
 }

-#[cfg(feature = "draft-private-network-access")]
+#[cfg(feature = "draft-local-network-access")]
 #[actix_web::test]
 async fn private_network_access() {
    let cors = Cors::permissive()
        .allowed_origin("https://public.site")
-        .allow_private_network_access()
+        .allow_local_network_access()
        .new_transform(fn_service(|req: ServiceRequest| async move {
            let res = req.into_response(
                HttpResponse::Ok()
@ -664,11 +664,11 @@ async fn private_network_access() {
        .insert_header((header::ORIGIN, "https://public.site"))
        .insert_header((header::ACCESS_CONTROL_REQUEST_METHOD, "POST"))
        .insert_header((header::ACCESS_CONTROL_ALLOW_CREDENTIALS, "true"))
-        .insert_header(("Access-Control-Request-Private-Network", "true"))
+        .insert_header(("Access-Control-Request-Local-Network", "true"))
        .to_srv_request();
    let res = test::call_service(&cors, req).await;
    assert!(res.headers().contains_key("access-control-allow-origin"));
    assert!(res
        .headers()
-        .contains_key("access-control-allow-private-network"));
+        .contains_key("access-control-allow-local-network"));
 }
--- a/actix-session/src/lib.rs
+++ b/actix-session/src/lib.rs
@ -726,10 +726,7 @@ pub mod test_helpers {

        impl ServiceResponseExt for ServiceResponse {
            fn get_cookie(&self, cookie_name: &str) -> Option<actix_web::cookie::Cookie<'_>> {
-                self.response()
-                    .cookies()
-                    .into_iter()
-                    .find(|c| c.name() == cookie_name)
+                self.response().cookies().find(|c| c.name() == cookie_name)
            }
        }
    }