mirror of
https://github.com/actix/actix-extras.git
synced 2024-11-27 17:22:57 +01:00
revert local-network change
see https://github.com/actix/actix-extras/pull/320#issuecomment-1501189129
This commit is contained in:
parent
8c93f5314b
commit
8a31f3020e
@ -2,7 +2,6 @@
|
|||||||
|
|
||||||
## Unreleased - 2022-xx-xx
|
## Unreleased - 2022-xx-xx
|
||||||
|
|
||||||
- Rename `Cors::{allow_private_network_access => allow_local_network_access}()` and its unstable flag (`draft-private-network-access` => `draft-local-network-access`).
|
|
||||||
- Minimum supported Rust version (MSRV) is now 1.60.
|
- Minimum supported Rust version (MSRV) is now 1.60.
|
||||||
|
|
||||||
## 0.6.4 - 2022-10-28
|
## 0.6.4 - 2022-10-28
|
||||||
|
@ -18,7 +18,7 @@ rustdoc-args = ["--cfg", "docsrs"]
|
|||||||
all-features = true
|
all-features = true
|
||||||
|
|
||||||
[features]
|
[features]
|
||||||
draft-local-network-access = []
|
draft-private-network-access = []
|
||||||
|
|
||||||
[dependencies]
|
[dependencies]
|
||||||
actix-utils = "3"
|
actix-utils = "3"
|
||||||
|
@ -101,8 +101,8 @@ impl Cors {
|
|||||||
preflight: true,
|
preflight: true,
|
||||||
send_wildcard: false,
|
send_wildcard: false,
|
||||||
supports_credentials: true,
|
supports_credentials: true,
|
||||||
#[cfg(feature = "draft-local-network-access")]
|
#[cfg(feature = "draft-private-network-access")]
|
||||||
allow_local_network_access: false,
|
allow_private_network_access: false,
|
||||||
vary_header: true,
|
vary_header: true,
|
||||||
block_on_origin_mismatch: true,
|
block_on_origin_mismatch: true,
|
||||||
};
|
};
|
||||||
@ -422,18 +422,18 @@ impl Cors {
|
|||||||
|
|
||||||
/// Allow private network access.
|
/// Allow private network access.
|
||||||
///
|
///
|
||||||
/// If true, injects the `Access-Control-Allow-Local-Network: true` header in responses if the
|
/// If true, injects the `Access-Control-Allow-Private-Network: true` header in responses if the
|
||||||
/// request contained the `Access-Control-Request-Local-Network: true` header.
|
/// request contained the `Access-Control-Request-Private-Network: true` header.
|
||||||
///
|
///
|
||||||
/// For more information on this behavior, see the draft [Local Network Access] spec.
|
/// For more information on this behavior, see the draft [Private Network Access] spec.
|
||||||
///
|
///
|
||||||
/// Defaults to `false`.
|
/// Defaults to `false`.
|
||||||
///
|
///
|
||||||
/// [Private Network Access]: https://wicg.github.io/local-network-access
|
/// [Private Network Access]: https://wicg.github.io/private-network-access
|
||||||
#[cfg(feature = "draft-local-network-access")]
|
#[cfg(feature = "draft-private-network-access")]
|
||||||
pub fn allow_local_network_access(mut self) -> Cors {
|
pub fn allow_private_network_access(mut self) -> Cors {
|
||||||
if let Some(cors) = cors(&mut self.inner, &self.error) {
|
if let Some(cors) = cors(&mut self.inner, &self.error) {
|
||||||
cors.allow_local_network_access = true;
|
cors.allow_private_network_access = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
self
|
self
|
||||||
@ -513,8 +513,8 @@ impl Default for Cors {
|
|||||||
preflight: true,
|
preflight: true,
|
||||||
send_wildcard: false,
|
send_wildcard: false,
|
||||||
supports_credentials: false,
|
supports_credentials: false,
|
||||||
#[cfg(feature = "draft-local-network-access")]
|
#[cfg(feature = "draft-private-network-access")]
|
||||||
allow_local_network_access: false,
|
allow_private_network_access: false,
|
||||||
vary_header: true,
|
vary_header: true,
|
||||||
block_on_origin_mismatch: true,
|
block_on_origin_mismatch: true,
|
||||||
};
|
};
|
||||||
|
@ -64,8 +64,8 @@ pub(crate) struct Inner {
|
|||||||
pub(crate) preflight: bool,
|
pub(crate) preflight: bool,
|
||||||
pub(crate) send_wildcard: bool,
|
pub(crate) send_wildcard: bool,
|
||||||
pub(crate) supports_credentials: bool,
|
pub(crate) supports_credentials: bool,
|
||||||
#[cfg(feature = "draft-local-network-access")]
|
#[cfg(feature = "draft-private-network-access")]
|
||||||
pub(crate) allow_local_network_access: bool,
|
pub(crate) allow_private_network_access: bool,
|
||||||
pub(crate) vary_header: bool,
|
pub(crate) vary_header: bool,
|
||||||
pub(crate) block_on_origin_mismatch: bool,
|
pub(crate) block_on_origin_mismatch: bool,
|
||||||
}
|
}
|
||||||
@ -222,19 +222,19 @@ pub(crate) fn add_vary_header(headers: &mut HeaderMap) {
|
|||||||
val.extend(hdr.as_bytes());
|
val.extend(hdr.as_bytes());
|
||||||
val.extend(b", Origin, Access-Control-Request-Method, Access-Control-Request-Headers");
|
val.extend(b", Origin, Access-Control-Request-Method, Access-Control-Request-Headers");
|
||||||
|
|
||||||
#[cfg(feature = "draft-local-network-access")]
|
#[cfg(feature = "draft-private-network-access")]
|
||||||
val.extend(b", Access-Control-Allow-Local-Network");
|
val.extend(b", Access-Control-Allow-Private-Network");
|
||||||
|
|
||||||
val.try_into().unwrap()
|
val.try_into().unwrap()
|
||||||
}
|
}
|
||||||
|
|
||||||
#[cfg(feature = "draft-local-network-access")]
|
#[cfg(feature = "draft-private-network-access")]
|
||||||
None => HeaderValue::from_static(
|
None => HeaderValue::from_static(
|
||||||
"Origin, Access-Control-Request-Method, Access-Control-Request-Headers, \
|
"Origin, Access-Control-Request-Method, Access-Control-Request-Headers, \
|
||||||
Access-Control-Allow-Local-Network",
|
Access-Control-Allow-Private-Network",
|
||||||
),
|
),
|
||||||
|
|
||||||
#[cfg(not(feature = "draft-local-network-access"))]
|
#[cfg(not(feature = "draft-private-network-access"))]
|
||||||
None => HeaderValue::from_static(
|
None => HeaderValue::from_static(
|
||||||
"Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
|
"Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
|
||||||
),
|
),
|
||||||
|
@ -7,8 +7,8 @@
|
|||||||
//! This CORS middleware automatically handles `OPTIONS` preflight requests.
|
//! This CORS middleware automatically handles `OPTIONS` preflight requests.
|
||||||
//!
|
//!
|
||||||
//! # Crate Features
|
//! # Crate Features
|
||||||
//! - `draft-local-network-access`: ⚠️ Unstable. Adds opt-in support for the [Local Network Access]
|
//! - `draft-private-network-access`: ⚠️ Unstable. Adds opt-in support for the [Private Network
|
||||||
//! spec extensions. This feature is unstable since it will follow any breaking changes in the
|
//! Access] spec extensions. This feature is unstable since it will follow breaking changes in the
|
||||||
//! draft spec until it is finalized.
|
//! draft spec until it is finalized.
|
||||||
//!
|
//!
|
||||||
//! # Example
|
//! # Example
|
||||||
@ -46,7 +46,7 @@
|
|||||||
//! }
|
//! }
|
||||||
//! ```
|
//! ```
|
||||||
//!
|
//!
|
||||||
//! [Local Network Access]: https://wicg.github.io/local-network-access
|
//! [Private Network Access]: https://wicg.github.io/private-network-access
|
||||||
|
|
||||||
#![forbid(unsafe_code)]
|
#![forbid(unsafe_code)]
|
||||||
#![deny(rust_2018_idioms, nonstandard_style)]
|
#![deny(rust_2018_idioms, nonstandard_style)]
|
||||||
|
@ -93,14 +93,14 @@ impl<S> CorsMiddleware<S> {
|
|||||||
res.insert_header((header::ACCESS_CONTROL_ALLOW_HEADERS, headers.clone()));
|
res.insert_header((header::ACCESS_CONTROL_ALLOW_HEADERS, headers.clone()));
|
||||||
}
|
}
|
||||||
|
|
||||||
#[cfg(feature = "draft-local-network-access")]
|
#[cfg(feature = "draft-private-network-access")]
|
||||||
if inner.allow_local_network_access
|
if inner.allow_private_network_access
|
||||||
&& req
|
&& req
|
||||||
.headers()
|
.headers()
|
||||||
.contains_key("access-control-request-local-network")
|
.contains_key("access-control-request-private-network")
|
||||||
{
|
{
|
||||||
res.insert_header((
|
res.insert_header((
|
||||||
header::HeaderName::from_static("access-control-allow-local-network"),
|
header::HeaderName::from_static("access-control-allow-private-network"),
|
||||||
HeaderValue::from_static("true"),
|
HeaderValue::from_static("true"),
|
||||||
));
|
));
|
||||||
}
|
}
|
||||||
@ -173,15 +173,15 @@ impl<S> CorsMiddleware<S> {
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
#[cfg(feature = "draft-local-network-access")]
|
#[cfg(feature = "draft-private-network-access")]
|
||||||
if inner.allow_local_network_access
|
if inner.allow_private_network_access
|
||||||
&& res
|
&& res
|
||||||
.request()
|
.request()
|
||||||
.headers()
|
.headers()
|
||||||
.contains_key("access-control-request-local-network")
|
.contains_key("access-control-request-private-network")
|
||||||
{
|
{
|
||||||
res.headers_mut().insert(
|
res.headers_mut().insert(
|
||||||
header::HeaderName::from_static("access-control-allow-local-network"),
|
header::HeaderName::from_static("access-control-allow-private-network"),
|
||||||
HeaderValue::from_static("true"),
|
HeaderValue::from_static("true"),
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
@ -264,15 +264,15 @@ async fn test_response() {
|
|||||||
.get(header::ACCESS_CONTROL_ALLOW_ORIGIN)
|
.get(header::ACCESS_CONTROL_ALLOW_ORIGIN)
|
||||||
.map(HeaderValue::as_bytes)
|
.map(HeaderValue::as_bytes)
|
||||||
);
|
);
|
||||||
#[cfg(not(feature = "draft-local-network-access"))]
|
#[cfg(not(feature = "draft-private-network-access"))]
|
||||||
assert_eq!(
|
assert_eq!(
|
||||||
resp.headers().get(header::VARY).map(HeaderValue::as_bytes),
|
resp.headers().get(header::VARY).map(HeaderValue::as_bytes),
|
||||||
Some(&b"Origin, Access-Control-Request-Method, Access-Control-Request-Headers"[..]),
|
Some(&b"Origin, Access-Control-Request-Method, Access-Control-Request-Headers"[..]),
|
||||||
);
|
);
|
||||||
#[cfg(feature = "draft-local-network-access")]
|
#[cfg(feature = "draft-private-network-access")]
|
||||||
assert_eq!(
|
assert_eq!(
|
||||||
resp.headers().get(header::VARY).map(HeaderValue::as_bytes),
|
resp.headers().get(header::VARY).map(HeaderValue::as_bytes),
|
||||||
Some(&b"Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Local-Network"[..]),
|
Some(&b"Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Private-Network"[..]),
|
||||||
);
|
);
|
||||||
|
|
||||||
#[allow(clippy::needless_collect)]
|
#[allow(clippy::needless_collect)]
|
||||||
@ -317,7 +317,7 @@ async fn test_response() {
|
|||||||
.method(Method::OPTIONS)
|
.method(Method::OPTIONS)
|
||||||
.to_srv_request();
|
.to_srv_request();
|
||||||
let resp = test::call_service(&cors, req).await;
|
let resp = test::call_service(&cors, req).await;
|
||||||
#[cfg(not(feature = "draft-local-network-access"))]
|
#[cfg(not(feature = "draft-private-network-access"))]
|
||||||
assert_eq!(
|
assert_eq!(
|
||||||
resp.headers()
|
resp.headers()
|
||||||
.get(header::VARY)
|
.get(header::VARY)
|
||||||
@ -325,10 +325,10 @@ async fn test_response() {
|
|||||||
.unwrap(),
|
.unwrap(),
|
||||||
b"Accept, Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
|
b"Accept, Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
|
||||||
);
|
);
|
||||||
#[cfg(feature = "draft-local-network-access")]
|
#[cfg(feature = "draft-private-network-access")]
|
||||||
assert_eq!(
|
assert_eq!(
|
||||||
resp.headers().get(header::VARY).map(HeaderValue::as_bytes).unwrap(),
|
resp.headers().get(header::VARY).map(HeaderValue::as_bytes).unwrap(),
|
||||||
b"Accept, Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Local-Network",
|
b"Accept, Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Private-Network",
|
||||||
);
|
);
|
||||||
|
|
||||||
let cors = Cors::default()
|
let cors = Cors::default()
|
||||||
@ -478,7 +478,7 @@ async fn vary_header_on_all_handled_responses() {
|
|||||||
assert!(resp
|
assert!(resp
|
||||||
.headers()
|
.headers()
|
||||||
.contains_key(header::ACCESS_CONTROL_ALLOW_METHODS));
|
.contains_key(header::ACCESS_CONTROL_ALLOW_METHODS));
|
||||||
#[cfg(not(feature = "draft-local-network-access"))]
|
#[cfg(not(feature = "draft-private-network-access"))]
|
||||||
assert_eq!(
|
assert_eq!(
|
||||||
resp.headers()
|
resp.headers()
|
||||||
.get(header::VARY)
|
.get(header::VARY)
|
||||||
@ -487,14 +487,14 @@ async fn vary_header_on_all_handled_responses() {
|
|||||||
.unwrap(),
|
.unwrap(),
|
||||||
"Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
|
"Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
|
||||||
);
|
);
|
||||||
#[cfg(feature = "draft-local-network-access")]
|
#[cfg(feature = "draft-private-network-access")]
|
||||||
assert_eq!(
|
assert_eq!(
|
||||||
resp.headers()
|
resp.headers()
|
||||||
.get(header::VARY)
|
.get(header::VARY)
|
||||||
.expect("response should have Vary header")
|
.expect("response should have Vary header")
|
||||||
.to_str()
|
.to_str()
|
||||||
.unwrap(),
|
.unwrap(),
|
||||||
"Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Local-Network",
|
"Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Private-Network",
|
||||||
);
|
);
|
||||||
|
|
||||||
// follow-up regular request
|
// follow-up regular request
|
||||||
@ -504,7 +504,7 @@ async fn vary_header_on_all_handled_responses() {
|
|||||||
.to_srv_request();
|
.to_srv_request();
|
||||||
let resp = test::call_service(&cors, req).await;
|
let resp = test::call_service(&cors, req).await;
|
||||||
assert_eq!(resp.status(), StatusCode::OK);
|
assert_eq!(resp.status(), StatusCode::OK);
|
||||||
#[cfg(not(feature = "draft-local-network-access"))]
|
#[cfg(not(feature = "draft-private-network-access"))]
|
||||||
assert_eq!(
|
assert_eq!(
|
||||||
resp.headers()
|
resp.headers()
|
||||||
.get(header::VARY)
|
.get(header::VARY)
|
||||||
@ -513,14 +513,14 @@ async fn vary_header_on_all_handled_responses() {
|
|||||||
.unwrap(),
|
.unwrap(),
|
||||||
"Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
|
"Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
|
||||||
);
|
);
|
||||||
#[cfg(feature = "draft-local-network-access")]
|
#[cfg(feature = "draft-private-network-access")]
|
||||||
assert_eq!(
|
assert_eq!(
|
||||||
resp.headers()
|
resp.headers()
|
||||||
.get(header::VARY)
|
.get(header::VARY)
|
||||||
.expect("response should have Vary header")
|
.expect("response should have Vary header")
|
||||||
.to_str()
|
.to_str()
|
||||||
.unwrap(),
|
.unwrap(),
|
||||||
"Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Local-Network",
|
"Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Private-Network",
|
||||||
);
|
);
|
||||||
|
|
||||||
let cors = Cors::default()
|
let cors = Cors::default()
|
||||||
@ -536,7 +536,7 @@ async fn vary_header_on_all_handled_responses() {
|
|||||||
.to_srv_request();
|
.to_srv_request();
|
||||||
let resp = test::call_service(&cors, req).await;
|
let resp = test::call_service(&cors, req).await;
|
||||||
assert_eq!(resp.status(), StatusCode::BAD_REQUEST);
|
assert_eq!(resp.status(), StatusCode::BAD_REQUEST);
|
||||||
#[cfg(not(feature = "draft-local-network-access"))]
|
#[cfg(not(feature = "draft-private-network-access"))]
|
||||||
assert_eq!(
|
assert_eq!(
|
||||||
resp.headers()
|
resp.headers()
|
||||||
.get(header::VARY)
|
.get(header::VARY)
|
||||||
@ -545,21 +545,21 @@ async fn vary_header_on_all_handled_responses() {
|
|||||||
.unwrap(),
|
.unwrap(),
|
||||||
"Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
|
"Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
|
||||||
);
|
);
|
||||||
#[cfg(feature = "draft-local-network-access")]
|
#[cfg(feature = "draft-private-network-access")]
|
||||||
assert_eq!(
|
assert_eq!(
|
||||||
resp.headers()
|
resp.headers()
|
||||||
.get(header::VARY)
|
.get(header::VARY)
|
||||||
.expect("response should have Vary header")
|
.expect("response should have Vary header")
|
||||||
.to_str()
|
.to_str()
|
||||||
.unwrap(),
|
.unwrap(),
|
||||||
"Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Local-Network",
|
"Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Private-Network",
|
||||||
);
|
);
|
||||||
|
|
||||||
// regular request no origin
|
// regular request no origin
|
||||||
let req = TestRequest::default().method(Method::PUT).to_srv_request();
|
let req = TestRequest::default().method(Method::PUT).to_srv_request();
|
||||||
let resp = test::call_service(&cors, req).await;
|
let resp = test::call_service(&cors, req).await;
|
||||||
assert_eq!(resp.status(), StatusCode::OK);
|
assert_eq!(resp.status(), StatusCode::OK);
|
||||||
#[cfg(not(feature = "draft-local-network-access"))]
|
#[cfg(not(feature = "draft-private-network-access"))]
|
||||||
assert_eq!(
|
assert_eq!(
|
||||||
resp.headers()
|
resp.headers()
|
||||||
.get(header::VARY)
|
.get(header::VARY)
|
||||||
@ -568,14 +568,14 @@ async fn vary_header_on_all_handled_responses() {
|
|||||||
.unwrap(),
|
.unwrap(),
|
||||||
"Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
|
"Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
|
||||||
);
|
);
|
||||||
#[cfg(feature = "draft-local-network-access")]
|
#[cfg(feature = "draft-private-network-access")]
|
||||||
assert_eq!(
|
assert_eq!(
|
||||||
resp.headers()
|
resp.headers()
|
||||||
.get(header::VARY)
|
.get(header::VARY)
|
||||||
.expect("response should have Vary header")
|
.expect("response should have Vary header")
|
||||||
.to_str()
|
.to_str()
|
||||||
.unwrap(),
|
.unwrap(),
|
||||||
"Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Local-Network",
|
"Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Private-Network",
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -634,12 +634,12 @@ async fn expose_all_request_header_values() {
|
|||||||
assert!(cd_hdr.contains("access-control-allow-origin"));
|
assert!(cd_hdr.contains("access-control-allow-origin"));
|
||||||
}
|
}
|
||||||
|
|
||||||
#[cfg(feature = "draft-local-network-access")]
|
#[cfg(feature = "draft-private-network-access")]
|
||||||
#[actix_web::test]
|
#[actix_web::test]
|
||||||
async fn private_network_access() {
|
async fn private_network_access() {
|
||||||
let cors = Cors::permissive()
|
let cors = Cors::permissive()
|
||||||
.allowed_origin("https://public.site")
|
.allowed_origin("https://public.site")
|
||||||
.allow_local_network_access()
|
.allow_private_network_access()
|
||||||
.new_transform(fn_service(|req: ServiceRequest| async move {
|
.new_transform(fn_service(|req: ServiceRequest| async move {
|
||||||
let res = req.into_response(
|
let res = req.into_response(
|
||||||
HttpResponse::Ok()
|
HttpResponse::Ok()
|
||||||
@ -664,11 +664,11 @@ async fn private_network_access() {
|
|||||||
.insert_header((header::ORIGIN, "https://public.site"))
|
.insert_header((header::ORIGIN, "https://public.site"))
|
||||||
.insert_header((header::ACCESS_CONTROL_REQUEST_METHOD, "POST"))
|
.insert_header((header::ACCESS_CONTROL_REQUEST_METHOD, "POST"))
|
||||||
.insert_header((header::ACCESS_CONTROL_ALLOW_CREDENTIALS, "true"))
|
.insert_header((header::ACCESS_CONTROL_ALLOW_CREDENTIALS, "true"))
|
||||||
.insert_header(("Access-Control-Request-Local-Network", "true"))
|
.insert_header(("Access-Control-Request-Private-Network", "true"))
|
||||||
.to_srv_request();
|
.to_srv_request();
|
||||||
let res = test::call_service(&cors, req).await;
|
let res = test::call_service(&cors, req).await;
|
||||||
assert!(res.headers().contains_key("access-control-allow-origin"));
|
assert!(res.headers().contains_key("access-control-allow-origin"));
|
||||||
assert!(res
|
assert!(res
|
||||||
.headers()
|
.headers()
|
||||||
.contains_key("access-control-allow-local-network"));
|
.contains_key("access-control-allow-private-network"));
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user