1
0
mirror of https://github.com/actix/actix-extras.git synced 2024-12-01 02:44:37 +01:00
Commit Graph

81 Commits

Author SHA1 Message Date
Bruno Bigras
4dcecd907b Add same-site to CookieSessionBackend
closes #247
2018-05-25 19:18:16 -04:00
Nikolay Kim
45e9aaa462 rustfmt 0.7 2018-05-17 12:20:20 -07:00
Nikolay Kim
8de1f60347 add session extractor doc api 2018-05-16 21:05:59 -07:00
Nikolay Kim
b4252f8fd1 implement extractor for Session 2018-05-16 21:02:51 -07:00
Nikolay Kim
54c33a7aff Allow to exclude certain endpoints from logging #211 2018-05-08 16:30:34 -07:00
Alexander Andreev
cd11293c1f spelling check 2018-05-06 19:07:30 +03:00
Nikolay Kim
58079b5bbe add session test 2018-05-02 19:11:44 -07:00
Nikolay Kim
32a2866449 Allow to override files listing renderer for #203 2018-05-02 15:53:07 -07:00
Nikolay Kim
9b6343d54b refactor session impl 2018-05-01 09:40:23 -07:00
Nikolay Kim
d9a4fadaae make HttpRequest::extensions() readonly 2018-05-01 09:05:50 -07:00
Nikolay Kim
eefbe19651 remove deprecated types and methods 2018-04-29 21:05:10 -07:00
Nikolay Kim
c72d1381a6 clippy warnings 2018-04-29 09:09:08 -07:00
Nikolay Kim
de49796fd1 clippy warnings; fmt 2018-04-28 22:55:47 -07:00
Brandur
59244b203c Let CSRF's allowed_origin() be specified as a type supporting Into<String>
A very minor addition: I'm using this middleware on specific resources,
and given a non-static string, I often have to `clone()` already to get
a string into a closure. Take this code for example:

``` rust
let server = actix_web::server::new(move || {
    let csrf_origin_graphql = csrf_origin.clone();

    ...

    .resource("/graphql", move |r| {
	r.middleware(
	    csrf::CsrfFilter::new().allowed_origin(csrf_origin_graphql.as_str()),
	);

	r.method(Method::POST).a(graphql::handlers::graphql_post);
    })
```

Letting `allowed_origin()` take an `Into<String>` instead of `&str` would
prevent a second `clone()` in the code above, and also make the code a little
nicer to read (you eliminate the `.as_str()` above). This is a pattern that
seems to be common throughout actix-web already anyway, so it should also be
fine to have here.
2018-04-21 08:41:06 -07:00
Nikolay Kim
813d1d6e66 doc strings layout 2018-04-18 20:41:03 -07:00
Nikolay Kim
48b02abee7 fmt 2018-04-18 20:16:29 -07:00
Nikolay Kim
ce1081432b export session module 2018-04-18 20:11:49 -07:00
Nikolay Kim
e9bdba57a0 Add identity service middleware 2018-04-18 19:05:24 -07:00
Nikolay Kim
113f5ad1a8 add rustfmt config 2018-04-13 16:02:01 -07:00
Nikolay Kim
23eea54776 update cors doc string 2018-04-09 21:39:32 -07:00
Nikolay Kim
2881859400 proper test for CorsBuilder::resource 2018-04-09 21:29:57 -07:00
Nikolay Kim
1686682c19 extend CorsBuilder api to make it more user friendly 2018-04-09 21:11:15 -07:00
Nikolay Kim
be358db422 CorsBuilder::finish() panics on any configuration error 2018-04-09 14:20:12 -07:00
Nikolay Kim
7df2d6b12a clippy warnings; extend url_for example in user guide 2018-04-09 13:30:38 -07:00
Nikolay Kim
0b0bbd6bd9
Merge branch 'master' into private-cookies 2018-04-09 12:54:08 -07:00
Nikolay Kim
5617896780 cleanup doc tests 2018-04-09 10:40:12 -07:00
Alex Whitney
2b803f30c9 remove CookieSessionBackend::new 2018-04-09 18:33:29 +01:00
Alex Whitney
9b152acc32 add signed and private cookies 2018-04-09 17:59:28 +01:00
Nikolay Kim
eb66685d1a simplify csrf middleware 2018-04-09 09:49:07 -07:00
Nikolay Kim
b505e682d4 fix session doc test 2018-04-09 09:31:11 -07:00
Nikolay Kim
ff14633b3d simplify CookieSessionBackend; expose max_age cookie setting 2018-04-08 11:05:37 -07:00
Nikolay Kim
7be4b1f399 clippy warns 2018-04-04 20:24:09 -07:00
Nikolay Kim
fee30d6f47 fix doc test compatibility 2018-04-02 22:01:20 -07:00
Nikolay Kim
476b1fb36a simplify DefaultHeaders middleware 2018-04-02 21:43:50 -07:00
Nikolay Kim
3b93bff602 add ErrorHandlers middleware 2018-04-02 21:37:00 -07:00
Nikolay Kim
83bf852192 Fix logger request duration calculation 2018-04-02 11:09:24 -07:00
Nikolay Kim
17c27ef42d HttpRequest::resource() returns current matched resource 2018-04-01 17:37:22 -07:00
Nikolay Kim
3ee228005d rename Application 2018-03-31 00:16:55 -07:00
Nikolay Kim
44e3df82f6 simplify http response construction; deprecate httpcodes 2018-03-30 23:07:33 -07:00
Nikolay Kim
9e751de707 re-arrange modules and exports 2018-03-30 17:31:18 -07:00
Nikolay Kim
2f60a4b89d add handler with exatractor 2018-03-26 23:10:31 -07:00
Nikolay Kim
4263574a58 fix panic in cors if request does not contain origin header and send_wildcard is not set 2018-03-10 08:31:20 -08:00
Nikolay Kim
24342fb745
Merge pull request #113 from niklasf/csrf-upgrade
Let CSRF filter catch cross-site upgrades
2018-03-07 09:58:30 -08:00
Niklas Fiekas
0278e364ec add tests for csrf upgrade filter 2018-03-07 18:42:21 +01:00
Niklas Fiekas
b9d6bbd357 filter cross-site upgrades in csrf middleware 2018-03-07 17:49:30 +01:00
Niklas Fiekas
5816ecd1bc fix variable name: cors -> csrf 2018-03-07 17:44:19 +01:00
kindiana
04d0abb3c7 make session an optional feature 2018-03-07 15:38:58 +08:00
Niklas Fiekas
10f57dac31 add csrf filter middleware 2018-03-02 20:13:43 +01:00
Nikolay Kim
206c4e581a rename httpcodes 2018-03-01 19:12:59 -08:00
Alex Whitney
313396d9b5 fix session mut borrow lifetime 2018-02-28 19:35:26 +00:00