actix/actix-extras
1
0
Fork 0
mirror of https://github.com/actix/actix-extras.git synced 2025-06-26 10:27:42 +02:00
Code Issues Releases Wiki Activity

Update dependencies (Tokio 1.0) (#144)

Browse Source
This commit is contained in:
Andrey Kutejko
2021-03-21 23:50:26 +01:00
committed by GitHub
parent 86ff1302ad
commit ca85f6b245
34 changed files with 429 additions and 503 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
actix-cors/CHANGES.md
View File

@ -1,7 +1,7 @@
# Changes
## Unreleased - 2021-xx-xx
* Minimum supported Rust version (MSRV) is now 1.46.0.
## 0.5.4 - 2020-12-31

6
actix-cors/Cargo.toml
View File

@ -19,7 +19,7 @@ name = "actix_cors"
path = "src/lib.rs"
[dependencies]
actix-web = { version = "3.0.0", default-features = false }
actix-web = { version = "4.0.0-beta.4", default-features = false }
derive_more = "0.99.5"
futures-util = { version = "0.3.7", default-features = false }
log = "0.4"
@ -27,7 +27,7 @@ once_cell = "1"
tinyvec = { version = "1", features = ["alloc"] }
[dev-dependencies]
actix-service = "1"
actix-rt = "1"
actix-service = "2.0.0-beta.5"
actix-rt = "2"
pretty_env_logger = "0.4"
regex = "1.4"

2
actix-cors/README.md
View File

@ -12,4 +12,4 @@
- [API Documentation](https://docs.rs/actix-cors)
- [Example Project](https://github.com/actix/examples/tree/master/security/web-cors)
- [Chat on Gitter](https://gitter.im/actix/actix-web)
- Minimum Supported Rust Version (MSRV): 1.42.0
- Minimum Supported Rust Version (MSRV): 1.46.0

28
actix-cors/src/builder.rs
View File

@ -145,7 +145,7 @@ impl Cors {
match TryInto::<Uri>::try_into(origin) {
Ok(_) if origin == "*" => {
error!("Wildcard in `allowed_origin` is not allowed. Use `send_wildcard`.");
self.error = Some(Either::B(CorsError::WildcardOrigin));
self.error = Some(Either::Right(CorsError::WildcardOrigin));
}
Ok(_) => {
@ -162,7 +162,7 @@ impl Cors {
}
Err(err) => {
self.error = Some(Either::A(err.into()));
self.error = Some(Either::Left(err.into()));
}
}
}
@ -224,7 +224,7 @@ impl Cors {
}
Err(err) => {
self.error = Some(Either::A(err.into()));
self.error = Some(Either::Left(err.into()));
break;
}
}
@ -266,7 +266,7 @@ impl Cors {
}
}
Err(err) => self.error = Some(Either::A(err.into())),
Err(err) => self.error = Some(Either::Left(err.into())),
}
}
@ -303,7 +303,7 @@ impl Cors {
}
}
Err(err) => {
self.error = Some(Either::A(err.into()));
self.error = Some(Either::Left(err.into()));
break;
}
}
@ -351,7 +351,7 @@ impl Cors {
}
}
Err(err) => {
self.error = Some(Either::A(err.into()));
self.error = Some(Either::Left(err.into()));
break;
}
}
@ -483,13 +483,12 @@ impl Default for Cors {
}
}
impl<S, B> Transform<S> for Cors
impl<S, B> Transform<S, ServiceRequest> for Cors
where
S: Service<Request = ServiceRequest, Response = ServiceResponse<B>, Error = Error>,
S: Service<ServiceRequest, Response = ServiceResponse<B>, Error = Error>,
S::Future: 'static,
B: 'static,
{
type Request = ServiceRequest;
type Response = ServiceResponse<B>;
type Error = Error;
type InitError = ();
@ -499,8 +498,8 @@ where
fn new_transform(&self, service: S) -> Self::Future {
if let Some(ref err) = self.error {
match err {
Either::A(err) => error!("{}", err),
Either::B(err) => error!("{}", err),
Either::Left(err) => error!("{}", err),
Either::Right(err) => error!("{}", err),
}
return future::err(());
@ -592,15 +591,16 @@ mod test {
#[actix_rt::test]
async fn restrictive_defaults() {
let mut cors = Cors::default()
let cors = Cors::default()
.new_transform(test::ok_service())
.await
.unwrap();
let req = TestRequest::with_header("Origin", "https://www.example.com")
let req = TestRequest::default()
.insert_header(("Origin", "https://www.example.com"))
.to_srv_request();
let resp = test::call_service(&mut cors, req).await;
let resp = test::call_service(&cors, req).await;
assert_eq!(resp.status(), StatusCode::BAD_REQUEST);
}

42
actix-cors/src/inner.rs
View File

@ -235,8 +235,8 @@ mod test {
.unwrap();
let req = TestRequest::get()
.header(header::ORIGIN, "https://www.unknown.com")
.header(header::ACCESS_CONTROL_REQUEST_HEADERS, "DNT")
.insert_header((header::ORIGIN, "https://www.unknown.com"))
.insert_header((header::ACCESS_CONTROL_REQUEST_HEADERS, "DNT"))
.to_srv_request();
assert!(cors.inner.validate_origin(req.head()).is_err());
@ -257,34 +257,37 @@ mod test {
.await
.unwrap();
let req = TestRequest::with_header("Origin", "https://www.example.com")
let req = TestRequest::default()
.method(Method::OPTIONS)
.header(header::ACCESS_CONTROL_REQUEST_HEADERS, "X-Not-Allowed")
.insert_header(("Origin", "https://www.example.com"))
.insert_header((header::ACCESS_CONTROL_REQUEST_HEADERS, "X-Not-Allowed"))
.to_srv_request();
assert!(cors.inner.validate_allowed_method(req.head()).is_err());
assert!(cors.inner.validate_allowed_headers(req.head()).is_err());
let resp = test::call_service(&mut cors, req).await;
let resp = test::call_service(&cors, req).await;
assert_eq!(resp.status(), StatusCode::BAD_REQUEST);
let req = TestRequest::with_header("Origin", "https://www.example.com")
.header(header::ACCESS_CONTROL_REQUEST_METHOD, "put")
let req = TestRequest::default()
.method(Method::OPTIONS)
.insert_header(("Origin", "https://www.example.com"))
.insert_header((header::ACCESS_CONTROL_REQUEST_METHOD, "put"))
.to_srv_request();
assert!(cors.inner.validate_allowed_method(req.head()).is_err());
assert!(cors.inner.validate_allowed_headers(req.head()).is_ok());
let req = TestRequest::with_header("Origin", "https://www.example.com")
.header(header::ACCESS_CONTROL_REQUEST_METHOD, "POST")
.header(
let req = TestRequest::default()
.method(Method::OPTIONS)
.insert_header(("Origin", "https://www.example.com"))
.insert_header((header::ACCESS_CONTROL_REQUEST_METHOD, "POST"))
.insert_header((
header::ACCESS_CONTROL_REQUEST_HEADERS,
"AUTHORIZATION,ACCEPT",
)
.method(Method::OPTIONS)
))
.to_srv_request();
let resp = test::call_service(&mut cors, req).await;
let resp = test::call_service(&cors, req).await;
assert_eq!(
Some(&b"*"[..]),
resp.headers()
@ -319,16 +322,17 @@ mod test {
Rc::get_mut(&mut cors.inner).unwrap().preflight = false;
let req = TestRequest::with_header("Origin", "https://www.example.com")
.header(header::ACCESS_CONTROL_REQUEST_METHOD, "POST")
.header(
let req = TestRequest::default()
.method(Method::OPTIONS)
.insert_header(("Origin", "https://www.example.com"))
.insert_header((header::ACCESS_CONTROL_REQUEST_METHOD, "POST"))
.insert_header((
header::ACCESS_CONTROL_REQUEST_HEADERS,
"AUTHORIZATION,ACCEPT",
)
.method(Method::OPTIONS)
))
.to_srv_request();
let resp = test::call_service(&mut cors, req).await;
let resp = test::call_service(&cors, req).await;
assert_eq!(resp.status(), StatusCode::OK);
}
}

33
actix-cors/src/middleware.rs
View File

@ -42,34 +42,34 @@ impl<S> CorsMiddleware<S> {
let mut res = HttpResponse::Ok();
if let Some(origin) = inner.access_control_allow_origin(req.head()) {
res.header(header::ACCESS_CONTROL_ALLOW_ORIGIN, origin);
res.insert_header((header::ACCESS_CONTROL_ALLOW_ORIGIN, origin));
}
if let Some(ref allowed_methods) = inner.allowed_methods_baked {
res.header(
res.insert_header((
header::ACCESS_CONTROL_ALLOW_METHODS,
allowed_methods.clone(),
);
));
}
if let Some(ref headers) = inner.allowed_headers_baked {
res.header(header::ACCESS_CONTROL_ALLOW_HEADERS, headers.clone());
res.insert_header((header::ACCESS_CONTROL_ALLOW_HEADERS, headers.clone()));
} else if let Some(headers) =
req.headers().get(header::ACCESS_CONTROL_REQUEST_HEADERS)
{
// all headers allowed, return
res.header(header::ACCESS_CONTROL_ALLOW_HEADERS, headers.clone());
res.insert_header((header::ACCESS_CONTROL_ALLOW_HEADERS, headers.clone()));
}
if inner.supports_credentials {
res.header(
res.insert_header((
header::ACCESS_CONTROL_ALLOW_CREDENTIALS,
HeaderValue::from_static("true"),
);
));
}
if let Some(max_age) = inner.max_age {
res.header(header::ACCESS_CONTROL_MAX_AGE, max_age.to_string());
res.insert_header((header::ACCESS_CONTROL_MAX_AGE, max_age.to_string()));
}
let res = res.finish();
@ -121,22 +121,21 @@ type CorsMiddlewareServiceFuture<B> = Either<
LocalBoxFuture<'static, Result<ServiceResponse<B>, Error>>,
>;
impl<S, B> Service for CorsMiddleware<S>
impl<S, B> Service<ServiceRequest> for CorsMiddleware<S>
where
S: Service<Request = ServiceRequest, Response = ServiceResponse<B>, Error = Error>,
S: Service<ServiceRequest, Response = ServiceResponse<B>, Error = Error>,
S::Future: 'static,
B: 'static,
{
type Request = ServiceRequest;
type Response = ServiceResponse<B>;
type Error = Error;
type Future = CorsMiddlewareServiceFuture<B>;
fn poll_ready(&mut self, cx: &mut Context<'_>) -> Poll<Result<(), Self::Error>> {
fn poll_ready(&self, cx: &mut Context<'_>) -> Poll<Result<(), Self::Error>> {
self.service.poll_ready(cx)
}
fn call(&mut self, req: ServiceRequest) -> Self::Future {
fn call(&self, req: ServiceRequest) -> Self::Future {
if self.inner.preflight && req.method() == Method::OPTIONS {
let inner = Rc::clone(&self.inner);
let res = Self::handle_preflight(&inner, req);
@ -187,7 +186,7 @@ mod tests {
// Tests case where allowed_origins is All but there are validate functions to run incase.
// In this case, origins are only allowed when the DNT header is sent.
let mut cors = Cors::default()
let cors = Cors::default()
.allow_any_origin()
.allowed_origin_fn(|origin, req_head| {
assert_eq!(&origin, req_head.headers.get(header::ORIGIN).unwrap());
@ -199,7 +198,7 @@ mod tests {
.unwrap();
let req = TestRequest::get()
.header(header::ORIGIN, "http://example.com")
.insert_header((header::ORIGIN, "http://example.com"))
.to_srv_request();
let res = cors.call(req).await.unwrap();
assert_eq!(
@ -210,8 +209,8 @@ mod tests {
);
let req = TestRequest::get()
.header(header::ORIGIN, "http://example.com")
.header(header::DNT, "1")
.insert_header((header::ORIGIN, "http://example.com"))
.insert_header((header::DNT, "1"))
.to_srv_request();
let res = cors.call(req).await.unwrap();
assert_eq!(

136
actix-cors/tests/tests.rs
View File

@ -26,7 +26,7 @@ async fn test_wildcard_origin() {
#[actix_rt::test]
async fn test_not_allowed_origin_fn() {
let mut cors = Cors::default()
let cors = Cors::default()
.allowed_origin("https://www.example.com")
.allowed_origin_fn(|origin, req| {
assert_eq!(&origin, req.headers.get(header::ORIGIN).unwrap());
@ -42,11 +42,11 @@ async fn test_not_allowed_origin_fn() {
.unwrap();
{
let req = TestRequest::with_header("Origin", "https://www.example.com")
.method(Method::GET)
let req = TestRequest::get()
.insert_header(("Origin", "https://www.example.com"))
.to_srv_request();
let resp = test::call_service(&mut cors, req).await;
let resp = test::call_service(&cors, req).await;
assert_eq!(
Some(&b"https://www.example.com"[..]),
@ -57,11 +57,11 @@ async fn test_not_allowed_origin_fn() {
}
{
let req = TestRequest::with_header("Origin", "https://www.known.com")
.method(Method::GET)
let req = TestRequest::get()
.insert_header(("Origin", "https://www.known.com"))
.to_srv_request();
let resp = test::call_service(&mut cors, req).await;
let resp = test::call_service(&cors, req).await;
assert_eq!(
None,
@ -72,7 +72,7 @@ async fn test_not_allowed_origin_fn() {
#[actix_rt::test]
async fn test_allowed_origin_fn() {
let mut cors = Cors::default()
let cors = Cors::default()
.allowed_origin("https://www.example.com")
.allowed_origin_fn(|origin, req| {
assert_eq!(&origin, req.headers.get(header::ORIGIN).unwrap());
@ -87,11 +87,11 @@ async fn test_allowed_origin_fn() {
.await
.unwrap();
let req = TestRequest::with_header("Origin", "https://www.example.com")
.method(Method::GET)
let req = TestRequest::get()
.insert_header(("Origin", "https://www.example.com"))
.to_srv_request();
let resp = test::call_service(&mut cors, req).await;
let resp = test::call_service(&cors, req).await;
assert_eq!(
"https://www.example.com",
@ -101,11 +101,11 @@ async fn test_allowed_origin_fn() {
.unwrap()
);
let req = TestRequest::with_header("Origin", "https://www.unknown.com")
.method(Method::GET)
let req = TestRequest::get()
.insert_header(("Origin", "https://www.unknown.com"))
.to_srv_request();
let resp = test::call_service(&mut cors, req).await;
let resp = test::call_service(&cors, req).await;
assert_eq!(
Some(&b"https://www.unknown.com"[..]),
@ -119,7 +119,7 @@ async fn test_allowed_origin_fn() {
async fn test_allowed_origin_fn_with_environment() {
let regex = Regex::new("https:.+\\.unknown\\.com").unwrap();
let mut cors = Cors::default()
let cors = Cors::default()
.allowed_origin("https://www.example.com")
.allowed_origin_fn(move |origin, req| {
assert_eq!(&origin, req.headers.get(header::ORIGIN).unwrap());
@ -134,11 +134,11 @@ async fn test_allowed_origin_fn_with_environment() {
.await
.unwrap();
let req = TestRequest::with_header("Origin", "https://www.example.com")
.method(Method::GET)
let req = TestRequest::get()
.insert_header(("Origin", "https://www.example.com"))
.to_srv_request();
let resp = test::call_service(&mut cors, req).await;
let resp = test::call_service(&cors, req).await;
assert_eq!(
"https://www.example.com",
@ -148,11 +148,11 @@ async fn test_allowed_origin_fn_with_environment() {
.unwrap()
);
let req = TestRequest::with_header("Origin", "https://www.unknown.com")
.method(Method::GET)
let req = TestRequest::get()
.insert_header(("Origin", "https://www.unknown.com"))
.to_srv_request();
let resp = test::call_service(&mut cors, req).await;
let resp = test::call_service(&cors, req).await;
assert_eq!(
Some(&b"https://www.unknown.com"[..]),
@ -164,7 +164,7 @@ async fn test_allowed_origin_fn_with_environment() {
#[actix_rt::test]
async fn test_multiple_origins_preflight() {
let mut cors = Cors::default()
let cors = Cors::default()
.allowed_origin("https://example.com")
.allowed_origin("https://example.org")
.allowed_methods(vec![Method::GET])
@ -172,12 +172,13 @@ async fn test_multiple_origins_preflight() {
.await
.unwrap();
let req = TestRequest::with_header("Origin", "https://example.com")
.header(header::ACCESS_CONTROL_REQUEST_METHOD, "GET")
let req = TestRequest::default()
.insert_header(("Origin", "https://example.com"))
.insert_header((header::ACCESS_CONTROL_REQUEST_METHOD, "GET"))
.method(Method::OPTIONS)
.to_srv_request();
let resp = test::call_service(&mut cors, req).await;
let resp = test::call_service(&cors, req).await;
assert_eq!(
Some(&b"https://example.com"[..]),
resp.headers()
@ -185,12 +186,13 @@ async fn test_multiple_origins_preflight() {
.map(HeaderValue::as_bytes)
);
let req = TestRequest::with_header("Origin", "https://example.org")
.header(header::ACCESS_CONTROL_REQUEST_METHOD, "GET")
let req = TestRequest::default()
.insert_header(("Origin", "https://example.org"))
.insert_header((header::ACCESS_CONTROL_REQUEST_METHOD, "GET"))
.method(Method::OPTIONS)
.to_srv_request();
let resp = test::call_service(&mut cors, req).await;
let resp = test::call_service(&cors, req).await;
assert_eq!(
Some(&b"https://example.org"[..]),
resp.headers()
@ -201,7 +203,7 @@ async fn test_multiple_origins_preflight() {
#[actix_rt::test]
async fn test_multiple_origins() {
let mut cors = Cors::default()
let cors = Cors::default()
.allowed_origin("https://example.com")
.allowed_origin("https://example.org")
.allowed_methods(vec![Method::GET])
@ -209,11 +211,11 @@ async fn test_multiple_origins() {
.await
.unwrap();
let req = TestRequest::with_header("Origin", "https://example.com")
.method(Method::GET)
let req = TestRequest::get()
.insert_header(("Origin", "https://example.com"))
.to_srv_request();
let resp = test::call_service(&mut cors, req).await;
let resp = test::call_service(&cors, req).await;
assert_eq!(
Some(&b"https://example.com"[..]),
resp.headers()
@ -221,11 +223,11 @@ async fn test_multiple_origins() {
.map(HeaderValue::as_bytes)
);
let req = TestRequest::with_header("Origin", "https://example.org")
.method(Method::GET)
let req = TestRequest::get()
.insert_header(("Origin", "https://example.org"))
.to_srv_request();
let resp = test::call_service(&mut cors, req).await;
let resp = test::call_service(&cors, req).await;
assert_eq!(
Some(&b"https://example.org"[..]),
resp.headers()
@ -237,7 +239,7 @@ async fn test_multiple_origins() {
#[actix_rt::test]
async fn test_response() {
let exposed_headers = vec![header::AUTHORIZATION, header::ACCEPT];
let mut cors = Cors::default()
let cors = Cors::default()
.allow_any_origin()
.send_wildcard()
.disable_preflight()
@ -250,10 +252,11 @@ async fn test_response() {
.await
.unwrap();
let req = TestRequest::with_header("Origin", "https://www.example.com")
let req = TestRequest::default()
.insert_header(("Origin", "https://www.example.com"))
.method(Method::OPTIONS)
.to_srv_request();
let resp = test::call_service(&mut cors, req).await;
let resp = test::call_service(&cors, req).await;
assert_eq!(
Some(&b"*"[..]),
resp.headers()
@ -283,7 +286,7 @@ async fn test_response() {
}
let exposed_headers = vec![header::AUTHORIZATION, header::ACCEPT];
let mut cors = Cors::default()
let cors = Cors::default()
.allow_any_origin()
.send_wildcard()
.disable_preflight()
@ -294,22 +297,25 @@ async fn test_response() {
.allowed_header(header::CONTENT_TYPE)
.new_transform(fn_service(|req: ServiceRequest| {
ok(req.into_response({
HttpResponse::Ok().header(header::VARY, "Accept").finish()
HttpResponse::Ok()
.insert_header((header::VARY, "Accept"))
.finish()
}))
}))
.await
.unwrap();
let req = TestRequest::with_header("Origin", "https://www.example.com")
let req = TestRequest::default()
.insert_header(("Origin", "https://www.example.com"))
.method(Method::OPTIONS)
.to_srv_request();
let resp = test::call_service(&mut cors, req).await;
let resp = test::call_service(&cors, req).await;
assert_eq!(
Some(&b"Accept, Origin"[..]),
resp.headers().get(header::VARY).map(HeaderValue::as_bytes)
);
let mut cors = Cors::default()
let cors = Cors::default()
.disable_vary_header()
.allowed_methods(vec!["POST"])
.allowed_origin("https://www.example.com")
@ -318,11 +324,12 @@ async fn test_response() {
.await
.unwrap();
let req = TestRequest::with_header("Origin", "https://www.example.com")
let req = TestRequest::default()
.insert_header(("Origin", "https://www.example.com"))
.method(Method::OPTIONS)
.header(header::ACCESS_CONTROL_REQUEST_METHOD, "POST")
.insert_header((header::ACCESS_CONTROL_REQUEST_METHOD, "POST"))
.to_srv_request();
let resp = test::call_service(&mut cors, req).await;
let resp = test::call_service(&cors, req).await;
let origins_str = resp
.headers()
.get(header::ACCESS_CONTROL_ALLOW_ORIGIN)
@ -332,39 +339,40 @@ async fn test_response() {
#[actix_rt::test]
async fn test_validate_origin() {
let mut cors = Cors::default()
let cors = Cors::default()
.allowed_origin("https://www.example.com")
.new_transform(test::ok_service())
.await
.unwrap();
let req = TestRequest::with_header("Origin", "https://www.example.com")
.method(Method::GET)
let req = TestRequest::get()
.insert_header(("Origin", "https://www.example.com"))
.to_srv_request();
let resp = test::call_service(&mut cors, req).await;
let resp = test::call_service(&cors, req).await;
assert_eq!(resp.status(), StatusCode::OK);
}
#[actix_rt::test]
async fn test_no_origin_response() {
let mut cors = Cors::permissive()
let cors = Cors::permissive()
.disable_preflight()
.new_transform(test::ok_service())
.await
.unwrap();
let req = TestRequest::default().method(Method::GET).to_srv_request();
let resp = test::call_service(&mut cors, req).await;
let resp = test::call_service(&cors, req).await;
assert!(resp
.headers()
.get(header::ACCESS_CONTROL_ALLOW_ORIGIN)
.is_none());
let req = TestRequest::with_header("Origin", "https://www.example.com")
let req = TestRequest::default()
.insert_header(("Origin", "https://www.example.com"))
.method(Method::OPTIONS)
.to_srv_request();
let resp = test::call_service(&mut cors, req).await;
let resp = test::call_service(&cors, req).await;
assert_eq!(
Some(&b"https://www.example.com"[..]),
resp.headers()
@ -375,21 +383,22 @@ async fn test_no_origin_response() {
#[actix_rt::test]
async fn validate_origin_allows_all_origins() {
let mut cors = Cors::permissive()
let cors = Cors::permissive()
.new_transform(test::ok_service())
.await
.unwrap();
let req =
TestRequest::with_header("Origin", "https://www.example.com").to_srv_request();
let req = TestRequest::default()
.insert_header(("Origin", "https://www.example.com"))
.to_srv_request();
let resp = test::call_service(&mut cors, req).await;
let resp = test::call_service(&cors, req).await;
assert_eq!(resp.status(), StatusCode::OK);
}
#[actix_rt::test]
async fn test_allow_any_origin_any_method_any_header() {
let mut cors = Cors::default()
let cors = Cors::default()
.allow_any_origin()
.allow_any_method()
.allow_any_header()
@ -397,12 +406,13 @@ async fn test_allow_any_origin_any_method_any_header() {
.await
.unwrap();
let req = TestRequest::with_header(header::ACCESS_CONTROL_REQUEST_METHOD, "POST")
.header(header::ACCESS_CONTROL_REQUEST_HEADERS, "content-type")
.header(header::ORIGIN, "https://www.example.com")
let req = TestRequest::default()
.insert_header((header::ACCESS_CONTROL_REQUEST_METHOD, "POST"))
.insert_header((header::ACCESS_CONTROL_REQUEST_HEADERS, "content-type"))
.insert_header((header::ORIGIN, "https://www.example.com"))
.method(Method::OPTIONS)
.to_srv_request();
let resp = test::call_service(&mut cors, req).await;
let resp = test::call_service(&cors, req).await;
assert_eq!(resp.status(), StatusCode::OK);
}