actix/actix-extras
1
0
Fork 0
mirror of https://github.com/actix/actix-extras.git synced 2024-11-23 15:51:06 +01:00
Code Issues Releases Wiki Activity

revert local-network change

Browse Source 
see https://github.com/actix/actix-extras/pull/320#issuecomment-1501189129
This commit is contained in:
Rob Ede 2023-04-09 19:56:43 +01:00
parent 8c93f5314b
commit 8a31f3020e
No known key found for this signature in database
GPG Key ID: 97C636207D3EF933
7 changed files with 52 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
actix-cors/CHANGES.md
View File

@ -2,7 +2,6 @@
## Unreleased - 2022-xx-xx ## Unreleased - 2022-xx-xx
- Rename `Cors::{allow_private_network_access => allow_local_network_access}()` and its unstable flag (`draft-private-network-access` => `draft-local-network-access`).
- Minimum supported Rust version (MSRV) is now 1.60. - Minimum supported Rust version (MSRV) is now 1.60.
## 0.6.4 - 2022-10-28 ## 0.6.4 - 2022-10-28

2
actix-cors/Cargo.toml
View File

@ -18,7 +18,7 @@ rustdoc-args = ["--cfg", "docsrs"]
all-features = true all-features = true
[features] [features]
draft-local-network-access = [] draft-private-network-access = []
[dependencies] [dependencies]
actix-utils = "3" actix-utils = "3"

22
actix-cors/src/builder.rs
View File

@ -101,8 +101,8 @@ impl Cors {
preflight: true, preflight: true,
send_wildcard: false, send_wildcard: false,
supports_credentials: true, supports_credentials: true,
#[cfg(feature = "draft-local-network-access")] #[cfg(feature = "draft-private-network-access")]
allow_local_network_access: false, allow_private_network_access: false,
vary_header: true, vary_header: true,
block_on_origin_mismatch: true, block_on_origin_mismatch: true,
}; };
@ -422,18 +422,18 @@ impl Cors {
/// Allow private network access. /// Allow private network access.
/// ///
/// If true, injects the `Access-Control-Allow-Local-Network: true` header in responses if the /// If true, injects the `Access-Control-Allow-Private-Network: true` header in responses if the
/// request contained the `Access-Control-Request-Local-Network: true` header. /// request contained the `Access-Control-Request-Private-Network: true` header.
/// ///
/// For more information on this behavior, see the draft [Local Network Access] spec. /// For more information on this behavior, see the draft [Private Network Access] spec.
/// ///
/// Defaults to `false`. /// Defaults to `false`.
/// ///
/// [Private Network Access]: https://wicg.github.io/local-network-access /// [Private Network Access]: https://wicg.github.io/private-network-access
#[cfg(feature = "draft-local-network-access")] #[cfg(feature = "draft-private-network-access")]
pub fn allow_local_network_access(mut self) -> Cors { pub fn allow_private_network_access(mut self) -> Cors {
if let Some(cors) = cors(&mut self.inner, &self.error) { if let Some(cors) = cors(&mut self.inner, &self.error) {
cors.allow_local_network_access = true; cors.allow_private_network_access = true;
} }
self self
@ -513,8 +513,8 @@ impl Default for Cors {
preflight: true, preflight: true,
send_wildcard: false, send_wildcard: false,
supports_credentials: false, supports_credentials: false,
#[cfg(feature = "draft-local-network-access")] #[cfg(feature = "draft-private-network-access")]
allow_local_network_access: false, allow_private_network_access: false,
vary_header: true, vary_header: true,
block_on_origin_mismatch: true, block_on_origin_mismatch: true,
}; };

14
actix-cors/src/inner.rs
View File

@ -64,8 +64,8 @@ pub(crate) struct Inner {
pub(crate) preflight: bool, pub(crate) preflight: bool,
pub(crate) send_wildcard: bool, pub(crate) send_wildcard: bool,
pub(crate) supports_credentials: bool, pub(crate) supports_credentials: bool,
#[cfg(feature = "draft-local-network-access")] #[cfg(feature = "draft-private-network-access")]
pub(crate) allow_local_network_access: bool, pub(crate) allow_private_network_access: bool,
pub(crate) vary_header: bool, pub(crate) vary_header: bool,
pub(crate) block_on_origin_mismatch: bool, pub(crate) block_on_origin_mismatch: bool,
} }
@ -222,19 +222,19 @@ pub(crate) fn add_vary_header(headers: &mut HeaderMap) {
val.extend(hdr.as_bytes()); val.extend(hdr.as_bytes());
val.extend(b", Origin, Access-Control-Request-Method, Access-Control-Request-Headers"); val.extend(b", Origin, Access-Control-Request-Method, Access-Control-Request-Headers");
#[cfg(feature = "draft-local-network-access")] #[cfg(feature = "draft-private-network-access")]
val.extend(b", Access-Control-Allow-Local-Network"); val.extend(b", Access-Control-Allow-Private-Network");
val.try_into().unwrap() val.try_into().unwrap()
} }
#[cfg(feature = "draft-local-network-access")] #[cfg(feature = "draft-private-network-access")]
None => HeaderValue::from_static( None => HeaderValue::from_static(
"Origin, Access-Control-Request-Method, Access-Control-Request-Headers, \ "Origin, Access-Control-Request-Method, Access-Control-Request-Headers, \
Access-Control-Allow-Local-Network", Access-Control-Allow-Private-Network",
), ),
#[cfg(not(feature = "draft-local-network-access"))] #[cfg(not(feature = "draft-private-network-access"))]
None => HeaderValue::from_static( None => HeaderValue::from_static(
"Origin, Access-Control-Request-Method, Access-Control-Request-Headers", "Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
), ),

6
actix-cors/src/lib.rs
View File

@ -7,8 +7,8 @@
//! This CORS middleware automatically handles `OPTIONS` preflight requests. //! This CORS middleware automatically handles `OPTIONS` preflight requests.
//! //!
//! # Crate Features //! # Crate Features
//! - `draft-local-network-access`: ⚠️ Unstable. Adds opt-in support for the [Local Network Access] //! - `draft-private-network-access`: ⚠️ Unstable. Adds opt-in support for the [Private Network
//! spec extensions. This feature is unstable since it will follow any breaking changes in the //! Access] spec extensions. This feature is unstable since it will follow breaking changes in the
//! draft spec until it is finalized. //! draft spec until it is finalized.
//! //!
//! # Example //! # Example
@ -46,7 +46,7 @@
//! } //! }
//! ``` //! ```
//! //!
//! [Local Network Access]: https://wicg.github.io/local-network-access //! [Private Network Access]: https://wicg.github.io/private-network-access
#![forbid(unsafe_code)] #![forbid(unsafe_code)]
#![deny(rust_2018_idioms, nonstandard_style)] #![deny(rust_2018_idioms, nonstandard_style)]

16
actix-cors/src/middleware.rs
View File

@ -93,14 +93,14 @@ impl<S> CorsMiddleware<S> {
res.insert_header((header::ACCESS_CONTROL_ALLOW_HEADERS, headers.clone())); res.insert_header((header::ACCESS_CONTROL_ALLOW_HEADERS, headers.clone()));
} }
#[cfg(feature = "draft-local-network-access")] #[cfg(feature = "draft-private-network-access")]
if inner.allow_local_network_access if inner.allow_private_network_access
&& req && req
.headers() .headers()
.contains_key("access-control-request-local-network") .contains_key("access-control-request-private-network")
{ {
res.insert_header(( res.insert_header((
header::HeaderName::from_static("access-control-allow-local-network"), header::HeaderName::from_static("access-control-allow-private-network"),
HeaderValue::from_static("true"), HeaderValue::from_static("true"),
)); ));
} }
@ -173,15 +173,15 @@ impl<S> CorsMiddleware<S> {
); );
} }
#[cfg(feature = "draft-local-network-access")] #[cfg(feature = "draft-private-network-access")]
if inner.allow_local_network_access if inner.allow_private_network_access
&& res && res
.request() .request()
.headers() .headers()
.contains_key("access-control-request-local-network") .contains_key("access-control-request-private-network")
{ {
res.headers_mut().insert( res.headers_mut().insert(
header::HeaderName::from_static("access-control-allow-local-network"), header::HeaderName::from_static("access-control-allow-private-network"),
HeaderValue::from_static("true"), HeaderValue::from_static("true"),
); );
} }

44
actix-cors/tests/tests.rs
View File

@ -264,15 +264,15 @@ async fn test_response() {
.get(header::ACCESS_CONTROL_ALLOW_ORIGIN) .get(header::ACCESS_CONTROL_ALLOW_ORIGIN)
.map(HeaderValue::as_bytes) .map(HeaderValue::as_bytes)
); );
#[cfg(not(feature = "draft-local-network-access"))] #[cfg(not(feature = "draft-private-network-access"))]
assert_eq!( assert_eq!(
resp.headers().get(header::VARY).map(HeaderValue::as_bytes), resp.headers().get(header::VARY).map(HeaderValue::as_bytes),
Some(&b"Origin, Access-Control-Request-Method, Access-Control-Request-Headers"[..]), Some(&b"Origin, Access-Control-Request-Method, Access-Control-Request-Headers"[..]),
); );
#[cfg(feature = "draft-local-network-access")] #[cfg(feature = "draft-private-network-access")]
assert_eq!( assert_eq!(
resp.headers().get(header::VARY).map(HeaderValue::as_bytes), resp.headers().get(header::VARY).map(HeaderValue::as_bytes),
Some(&b"Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Local-Network"[..]), Some(&b"Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Private-Network"[..]),
); );
#[allow(clippy::needless_collect)] #[allow(clippy::needless_collect)]
@ -317,7 +317,7 @@ async fn test_response() {
.method(Method::OPTIONS) .method(Method::OPTIONS)
.to_srv_request(); .to_srv_request();
let resp = test::call_service(&cors, req).await; let resp = test::call_service(&cors, req).await;
#[cfg(not(feature = "draft-local-network-access"))] #[cfg(not(feature = "draft-private-network-access"))]
assert_eq!( assert_eq!(
resp.headers() resp.headers()
.get(header::VARY) .get(header::VARY)
@ -325,10 +325,10 @@ async fn test_response() {
.unwrap(), .unwrap(),
b"Accept, Origin, Access-Control-Request-Method, Access-Control-Request-Headers", b"Accept, Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
); );
#[cfg(feature = "draft-local-network-access")] #[cfg(feature = "draft-private-network-access")]
assert_eq!( assert_eq!(
resp.headers().get(header::VARY).map(HeaderValue::as_bytes).unwrap(), resp.headers().get(header::VARY).map(HeaderValue::as_bytes).unwrap(),
b"Accept, Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Local-Network", b"Accept, Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Private-Network",
); );
let cors = Cors::default() let cors = Cors::default()
@ -478,7 +478,7 @@ async fn vary_header_on_all_handled_responses() {
assert!(resp assert!(resp
.headers() .headers()
.contains_key(header::ACCESS_CONTROL_ALLOW_METHODS)); .contains_key(header::ACCESS_CONTROL_ALLOW_METHODS));
#[cfg(not(feature = "draft-local-network-access"))] #[cfg(not(feature = "draft-private-network-access"))]
assert_eq!( assert_eq!(
resp.headers() resp.headers()
.get(header::VARY) .get(header::VARY)
@ -487,14 +487,14 @@ async fn vary_header_on_all_handled_responses() {
.unwrap(), .unwrap(),
"Origin, Access-Control-Request-Method, Access-Control-Request-Headers", "Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
); );
#[cfg(feature = "draft-local-network-access")] #[cfg(feature = "draft-private-network-access")]
assert_eq!( assert_eq!(
resp.headers() resp.headers()
.get(header::VARY) .get(header::VARY)
.expect("response should have Vary header") .expect("response should have Vary header")
.to_str() .to_str()
.unwrap(), .unwrap(),
"Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Local-Network", "Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Private-Network",
); );
// follow-up regular request // follow-up regular request
@ -504,7 +504,7 @@ async fn vary_header_on_all_handled_responses() {
.to_srv_request(); .to_srv_request();
let resp = test::call_service(&cors, req).await; let resp = test::call_service(&cors, req).await;
assert_eq!(resp.status(), StatusCode::OK); assert_eq!(resp.status(), StatusCode::OK);
#[cfg(not(feature = "draft-local-network-access"))] #[cfg(not(feature = "draft-private-network-access"))]
assert_eq!( assert_eq!(
resp.headers() resp.headers()
.get(header::VARY) .get(header::VARY)
@ -513,14 +513,14 @@ async fn vary_header_on_all_handled_responses() {
.unwrap(), .unwrap(),
"Origin, Access-Control-Request-Method, Access-Control-Request-Headers", "Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
); );
#[cfg(feature = "draft-local-network-access")] #[cfg(feature = "draft-private-network-access")]
assert_eq!( assert_eq!(
resp.headers() resp.headers()
.get(header::VARY) .get(header::VARY)
.expect("response should have Vary header") .expect("response should have Vary header")
.to_str() .to_str()
.unwrap(), .unwrap(),
"Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Local-Network", "Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Private-Network",
); );
let cors = Cors::default() let cors = Cors::default()
@ -536,7 +536,7 @@ async fn vary_header_on_all_handled_responses() {
.to_srv_request(); .to_srv_request();
let resp = test::call_service(&cors, req).await; let resp = test::call_service(&cors, req).await;
assert_eq!(resp.status(), StatusCode::BAD_REQUEST); assert_eq!(resp.status(), StatusCode::BAD_REQUEST);
#[cfg(not(feature = "draft-local-network-access"))] #[cfg(not(feature = "draft-private-network-access"))]
assert_eq!( assert_eq!(
resp.headers() resp.headers()
.get(header::VARY) .get(header::VARY)
@ -545,21 +545,21 @@ async fn vary_header_on_all_handled_responses() {
.unwrap(), .unwrap(),
"Origin, Access-Control-Request-Method, Access-Control-Request-Headers", "Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
); );
#[cfg(feature = "draft-local-network-access")] #[cfg(feature = "draft-private-network-access")]
assert_eq!( assert_eq!(
resp.headers() resp.headers()
.get(header::VARY) .get(header::VARY)
.expect("response should have Vary header") .expect("response should have Vary header")
.to_str() .to_str()
.unwrap(), .unwrap(),
"Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Local-Network", "Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Private-Network",
); );
// regular request no origin // regular request no origin
let req = TestRequest::default().method(Method::PUT).to_srv_request(); let req = TestRequest::default().method(Method::PUT).to_srv_request();
let resp = test::call_service(&cors, req).await; let resp = test::call_service(&cors, req).await;
assert_eq!(resp.status(), StatusCode::OK); assert_eq!(resp.status(), StatusCode::OK);
#[cfg(not(feature = "draft-local-network-access"))] #[cfg(not(feature = "draft-private-network-access"))]
assert_eq!( assert_eq!(
resp.headers() resp.headers()
.get(header::VARY) .get(header::VARY)
@ -568,14 +568,14 @@ async fn vary_header_on_all_handled_responses() {
.unwrap(), .unwrap(),
"Origin, Access-Control-Request-Method, Access-Control-Request-Headers", "Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
); );
#[cfg(feature = "draft-local-network-access")] #[cfg(feature = "draft-private-network-access")]
assert_eq!( assert_eq!(
resp.headers() resp.headers()
.get(header::VARY) .get(header::VARY)
.expect("response should have Vary header") .expect("response should have Vary header")
.to_str() .to_str()
.unwrap(), .unwrap(),
"Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Local-Network", "Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Private-Network",
); );
} }
@ -634,12 +634,12 @@ async fn expose_all_request_header_values() {
assert!(cd_hdr.contains("access-control-allow-origin")); assert!(cd_hdr.contains("access-control-allow-origin"));
} }
#[cfg(feature = "draft-local-network-access")] #[cfg(feature = "draft-private-network-access")]
#[actix_web::test] #[actix_web::test]
async fn private_network_access() { async fn private_network_access() {
let cors = Cors::permissive() let cors = Cors::permissive()
.allowed_origin("https://public.site") .allowed_origin("https://public.site")
.allow_local_network_access() .allow_private_network_access()
.new_transform(fn_service(|req: ServiceRequest| async move { .new_transform(fn_service(|req: ServiceRequest| async move {
let res = req.into_response( let res = req.into_response(
HttpResponse::Ok() HttpResponse::Ok()
@ -664,11 +664,11 @@ async fn private_network_access() {
.insert_header((header::ORIGIN, "https://public.site")) .insert_header((header::ORIGIN, "https://public.site"))
.insert_header((header::ACCESS_CONTROL_REQUEST_METHOD, "POST")) .insert_header((header::ACCESS_CONTROL_REQUEST_METHOD, "POST"))
.insert_header((header::ACCESS_CONTROL_ALLOW_CREDENTIALS, "true")) .insert_header((header::ACCESS_CONTROL_ALLOW_CREDENTIALS, "true"))
.insert_header(("Access-Control-Request-Local-Network", "true")) .insert_header(("Access-Control-Request-Private-Network", "true"))
.to_srv_request(); .to_srv_request();
let res = test::call_service(&cors, req).await; let res = test::call_service(&cors, req).await;
assert!(res.headers().contains_key("access-control-allow-origin")); assert!(res.headers().contains_key("access-control-allow-origin"));
assert!(res assert!(res
.headers() .headers()
.contains_key("access-control-allow-local-network")); .contains_key("access-control-allow-private-network"));
} }