actix/actix-extras
1
0
Fork 0
mirror of https://github.com/actix/actix-extras.git synced 2025-02-26 03:43:52 +01:00
Code Issues Releases Wiki Activity
actix-extras/src/actix_cors/inner.rs.html

658 lines
44 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `actix-cors&#x2F;src&#x2F;inner.rs`."><meta name="keywords" content="rust, rustlang, rust-lang"><title>inner.rs - source</title><link rel="stylesheet" type="text/css" href="../../normalize.css"><link rel="stylesheet" type="text/css" href="../../rustdoc.css" id="mainThemeStyle"><link rel="stylesheet" type="text/css" href="../../light.css" id="themeStyle"><link rel="stylesheet" type="text/css" href="../../dark.css" disabled ><link rel="stylesheet" type="text/css" href="../../ayu.css" disabled ><script id="default-settings" ></script><script src="../../storage.js"></script><script src="../../crates.js"></script><noscript><link rel="stylesheet" href="../../noscript.css"></noscript><link rel="shortcut icon" href="https:&#x2F;&#x2F;actix.rs&#x2F;favicon.ico"><style type="text/css">#crate-search{background-image:url("../../down-arrow.svg");}</style></head><body class="rustdoc source"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="sidebar-menu" role="button">&#9776;</div><a href='../../actix_cors/index.html'><div class='logo-container rust-logo'><img src='https:&#x2F;&#x2F;actix.rs&#x2F;img&#x2F;logo.png' alt='logo'></div></a></nav><div class="theme-picker"><button id="theme-picker" aria-label="Pick another theme!" aria-haspopup="menu" title="themes"><img width="18" height="18" alt="Pick another theme!" src="../../brush.svg"></button><div id="theme-choices" role="menu"></div></div><nav class="sub"><form class="search-form"><div class="search-container"><div><select id="crate-search"><option value="All crates">All crates</option></select><input class="search-input" name="search" disabled autocomplete="off" spellcheck="false" placeholder="Click or press S to search, ? for more options…" type="search"></div><button type="button" id="help-button" title="help">?</button><a id="settings-menu" href="../../settings.html" title="settings"><img width="18" height="18" alt="Change settings" src="../../wheel.svg"></a></div></form></nav><section id="main" class="content"><div class="example-wrap"><pre class="line-numbers"><span id="1"> 1</span>
<span id="2"> 2</span>
<span id="3"> 3</span>
<span id="4"> 4</span>
<span id="5"> 5</span>
<span id="6"> 6</span>
<span id="7"> 7</span>
<span id="8"> 8</span>
<span id="9"> 9</span>
<span id="10"> 10</span>
<span id="11"> 11</span>
<span id="12"> 12</span>
<span id="13"> 13</span>
<span id="14"> 14</span>
<span id="15"> 15</span>
<span id="16"> 16</span>
<span id="17"> 17</span>
<span id="18"> 18</span>
<span id="19"> 19</span>
<span id="20"> 20</span>
<span id="21"> 21</span>
<span id="22"> 22</span>
<span id="23"> 23</span>
<span id="24"> 24</span>
<span id="25"> 25</span>
<span id="26"> 26</span>
<span id="27"> 27</span>
<span id="28"> 28</span>
<span id="29"> 29</span>
<span id="30"> 30</span>
<span id="31"> 31</span>
<span id="32"> 32</span>
<span id="33"> 33</span>
<span id="34"> 34</span>
<span id="35"> 35</span>
<span id="36"> 36</span>
<span id="37"> 37</span>
<span id="38"> 38</span>
<span id="39"> 39</span>
<span id="40"> 40</span>
<span id="41"> 41</span>
<span id="42"> 42</span>
<span id="43"> 43</span>
<span id="44"> 44</span>
<span id="45"> 45</span>
<span id="46"> 46</span>
<span id="47"> 47</span>
<span id="48"> 48</span>
<span id="49"> 49</span>
<span id="50"> 50</span>
<span id="51"> 51</span>
<span id="52"> 52</span>
<span id="53"> 53</span>
<span id="54"> 54</span>
<span id="55"> 55</span>
<span id="56"> 56</span>
<span id="57"> 57</span>
<span id="58"> 58</span>
<span id="59"> 59</span>
<span id="60"> 60</span>
<span id="61"> 61</span>
<span id="62"> 62</span>
<span id="63"> 63</span>
<span id="64"> 64</span>
<span id="65"> 65</span>
<span id="66"> 66</span>
<span id="67"> 67</span>
<span id="68"> 68</span>
<span id="69"> 69</span>
<span id="70"> 70</span>
<span id="71"> 71</span>
<span id="72"> 72</span>
<span id="73"> 73</span>
<span id="74"> 74</span>
<span id="75"> 75</span>
<span id="76"> 76</span>
<span id="77"> 77</span>
<span id="78"> 78</span>
<span id="79"> 79</span>
<span id="80"> 80</span>
<span id="81"> 81</span>
<span id="82"> 82</span>
<span id="83"> 83</span>
<span id="84"> 84</span>
<span id="85"> 85</span>
<span id="86"> 86</span>
<span id="87"> 87</span>
<span id="88"> 88</span>
<span id="89"> 89</span>
<span id="90"> 90</span>
<span id="91"> 91</span>
<span id="92"> 92</span>
<span id="93"> 93</span>
<span id="94"> 94</span>
<span id="95"> 95</span>
<span id="96"> 96</span>
<span id="97"> 97</span>
<span id="98"> 98</span>
<span id="99"> 99</span>
<span id="100">100</span>
<span id="101">101</span>
<span id="102">102</span>
<span id="103">103</span>
<span id="104">104</span>
<span id="105">105</span>
<span id="106">106</span>
<span id="107">107</span>
<span id="108">108</span>
<span id="109">109</span>
<span id="110">110</span>
<span id="111">111</span>
<span id="112">112</span>
<span id="113">113</span>
<span id="114">114</span>
<span id="115">115</span>
<span id="116">116</span>
<span id="117">117</span>
<span id="118">118</span>
<span id="119">119</span>
<span id="120">120</span>
<span id="121">121</span>
<span id="122">122</span>
<span id="123">123</span>
<span id="124">124</span>
<span id="125">125</span>
<span id="126">126</span>
<span id="127">127</span>
<span id="128">128</span>
<span id="129">129</span>
<span id="130">130</span>
<span id="131">131</span>
<span id="132">132</span>
<span id="133">133</span>
<span id="134">134</span>
<span id="135">135</span>
<span id="136">136</span>
<span id="137">137</span>
<span id="138">138</span>
<span id="139">139</span>
<span id="140">140</span>
<span id="141">141</span>
<span id="142">142</span>
<span id="143">143</span>
<span id="144">144</span>
<span id="145">145</span>
<span id="146">146</span>
<span id="147">147</span>
<span id="148">148</span>
<span id="149">149</span>
<span id="150">150</span>
<span id="151">151</span>
<span id="152">152</span>
<span id="153">153</span>
<span id="154">154</span>
<span id="155">155</span>
<span id="156">156</span>
<span id="157">157</span>
<span id="158">158</span>
<span id="159">159</span>
<span id="160">160</span>
<span id="161">161</span>
<span id="162">162</span>
<span id="163">163</span>
<span id="164">164</span>
<span id="165">165</span>
<span id="166">166</span>
<span id="167">167</span>
<span id="168">168</span>
<span id="169">169</span>
<span id="170">170</span>
<span id="171">171</span>
<span id="172">172</span>
<span id="173">173</span>
<span id="174">174</span>
<span id="175">175</span>
<span id="176">176</span>
<span id="177">177</span>
<span id="178">178</span>
<span id="179">179</span>
<span id="180">180</span>
<span id="181">181</span>
<span id="182">182</span>
<span id="183">183</span>
<span id="184">184</span>
<span id="185">185</span>
<span id="186">186</span>
<span id="187">187</span>
<span id="188">188</span>
<span id="189">189</span>
<span id="190">190</span>
<span id="191">191</span>
<span id="192">192</span>
<span id="193">193</span>
<span id="194">194</span>
<span id="195">195</span>
<span id="196">196</span>
<span id="197">197</span>
<span id="198">198</span>
<span id="199">199</span>
<span id="200">200</span>
<span id="201">201</span>
<span id="202">202</span>
<span id="203">203</span>
<span id="204">204</span>
<span id="205">205</span>
<span id="206">206</span>
<span id="207">207</span>
<span id="208">208</span>
<span id="209">209</span>
<span id="210">210</span>
<span id="211">211</span>
<span id="212">212</span>
<span id="213">213</span>
<span id="214">214</span>
<span id="215">215</span>
<span id="216">216</span>
<span id="217">217</span>
<span id="218">218</span>
<span id="219">219</span>
<span id="220">220</span>
<span id="221">221</span>
<span id="222">222</span>
<span id="223">223</span>
<span id="224">224</span>
<span id="225">225</span>
<span id="226">226</span>
<span id="227">227</span>
<span id="228">228</span>
<span id="229">229</span>
<span id="230">230</span>
<span id="231">231</span>
<span id="232">232</span>
<span id="233">233</span>
<span id="234">234</span>
<span id="235">235</span>
<span id="236">236</span>
<span id="237">237</span>
<span id="238">238</span>
<span id="239">239</span>
<span id="240">240</span>
<span id="241">241</span>
<span id="242">242</span>
<span id="243">243</span>
<span id="244">244</span>
<span id="245">245</span>
<span id="246">246</span>
<span id="247">247</span>
<span id="248">248</span>
<span id="249">249</span>
<span id="250">250</span>
<span id="251">251</span>
<span id="252">252</span>
<span id="253">253</span>
<span id="254">254</span>
<span id="255">255</span>
<span id="256">256</span>
<span id="257">257</span>
<span id="258">258</span>
<span id="259">259</span>
<span id="260">260</span>
<span id="261">261</span>
<span id="262">262</span>
<span id="263">263</span>
<span id="264">264</span>
<span id="265">265</span>
<span id="266">266</span>
<span id="267">267</span>
<span id="268">268</span>
<span id="269">269</span>
<span id="270">270</span>
<span id="271">271</span>
<span id="272">272</span>
<span id="273">273</span>
<span id="274">274</span>
<span id="275">275</span>
<span id="276">276</span>
<span id="277">277</span>
<span id="278">278</span>
<span id="279">279</span>
<span id="280">280</span>
<span id="281">281</span>
<span id="282">282</span>
<span id="283">283</span>
<span id="284">284</span>
<span id="285">285</span>
<span id="286">286</span>
<span id="287">287</span>
<span id="288">288</span>
<span id="289">289</span>
<span id="290">290</span>
<span id="291">291</span>
<span id="292">292</span>
<span id="293">293</span>
<span id="294">294</span>
<span id="295">295</span>
<span id="296">296</span>
<span id="297">297</span>
<span id="298">298</span>
<span id="299">299</span>
<span id="300">300</span>
<span id="301">301</span>
<span id="302">302</span>
<span id="303">303</span>
<span id="304">304</span>
<span id="305">305</span>
<span id="306">306</span>
<span id="307">307</span>
<span id="308">308</span>
<span id="309">309</span>
<span id="310">310</span>
<span id="311">311</span>
<span id="312">312</span>
<span id="313">313</span>
<span id="314">314</span>
<span id="315">315</span>
<span id="316">316</span>
<span id="317">317</span>
<span id="318">318</span>
<span id="319">319</span>
<span id="320">320</span>
<span id="321">321</span>
<span id="322">322</span>
<span id="323">323</span>
<span id="324">324</span>
<span id="325">325</span>
<span id="326">326</span>
<span id="327">327</span>
</pre><pre class="rust"><code><span class="kw">use</span> <span class="ident">std</span>::{<span class="ident">collections::HashSet</span>, <span class="ident">convert::TryFrom</span>, <span class="ident">convert::TryInto</span>, <span class="ident">fmt</span>, <span class="ident">rc::Rc</span>};
<span class="kw">use</span> <span class="ident">actix_web</span>::{
<span class="ident">dev::RequestHead</span>,
<span class="ident">error::Result</span>,
<span class="ident">http</span>::{
<span class="ident">header</span>::{<span class="self">self</span>, <span class="ident">HeaderName</span>, <span class="ident">HeaderValue</span>},
<span class="ident">Method</span>,
},
};
<span class="kw">use</span> <span class="ident">once_cell::sync::Lazy</span>;
<span class="kw">use</span> <span class="ident">smallvec::SmallVec</span>;
<span class="kw">use</span> <span class="kw">crate</span>::{<span class="ident">AllOrSome</span>, <span class="ident">CorsError</span>};
<span class="attribute">#[<span class="ident">derive</span>(<span class="ident">Clone</span>)]</span>
<span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">struct</span> <span class="ident">OriginFn</span> {
<span class="kw">pub</span>(<span class="kw">crate</span>) <span class="ident">boxed_fn</span>: <span class="ident">Rc</span><span class="op">&lt;</span><span class="kw">dyn</span> <span class="ident">Fn</span>(<span class="kw-2">&amp;</span><span class="ident">HeaderValue</span>, <span class="kw-2">&amp;</span><span class="ident">RequestHead</span>) -&gt; <span class="ident">bool</span><span class="op">&gt;</span>,
}
<span class="kw">impl</span> <span class="ident">Default</span> <span class="kw">for</span> <span class="ident">OriginFn</span> {
<span class="doccomment">/// Dummy default for use in tiny_vec. Do not use.</span>
<span class="kw">fn</span> <span class="ident">default</span>() -&gt; <span class="self">Self</span> {
<span class="kw">let</span> <span class="ident">boxed_fn</span>: <span class="ident">Rc</span><span class="op">&lt;</span><span class="kw">dyn</span> <span class="ident">Fn</span>(<span class="kw-2">&amp;</span><span class="kw">_</span>, <span class="kw-2">&amp;</span><span class="kw">_</span>) -&gt; <span class="kw">_</span><span class="op">&gt;</span> <span class="op">=</span> <span class="ident">Rc::new</span>(<span class="op">|</span><span class="ident">_origin</span>, <span class="ident">_req_head</span><span class="op">|</span> <span class="bool-val">false</span>);
<span class="self">Self</span> { <span class="ident">boxed_fn</span> }
}
}
<span class="kw">impl</span> <span class="ident">fmt::Debug</span> <span class="kw">for</span> <span class="ident">OriginFn</span> {
<span class="kw">fn</span> <span class="ident">fmt</span>(<span class="kw-2">&amp;</span><span class="self">self</span>, <span class="ident">f</span>: <span class="kw-2">&amp;</span><span class="kw-2">mut</span> <span class="ident">fmt::Formatter</span><span class="op">&lt;</span><span class="lifetime">&#39;_</span><span class="op">&gt;</span>) -&gt; <span class="ident">fmt::Result</span> {
<span class="ident">f</span>.<span class="ident">write_str</span>(<span class="string">&quot;origin_fn&quot;</span>)
}
}
<span class="doccomment">/// Try to parse header value as HTTP method.</span>
<span class="kw">fn</span> <span class="ident">header_value_try_into_method</span>(<span class="ident">hdr</span>: <span class="kw-2">&amp;</span><span class="ident">HeaderValue</span>) -&gt; <span class="prelude-ty">Option</span><span class="op">&lt;</span><span class="ident">Method</span><span class="op">&gt;</span> {
<span class="ident">hdr</span>.<span class="ident">to_str</span>()
.<span class="ident">ok</span>()
.<span class="ident">and_then</span>(<span class="op">|</span><span class="ident">meth</span><span class="op">|</span> <span class="ident">Method::try_from</span>(<span class="ident">meth</span>).<span class="ident">ok</span>())
}
<span class="attribute">#[<span class="ident">derive</span>(<span class="ident">Debug</span>, <span class="ident">Clone</span>)]</span>
<span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">struct</span> <span class="ident">Inner</span> {
<span class="kw">pub</span>(<span class="kw">crate</span>) <span class="ident">allowed_origins</span>: <span class="ident">AllOrSome</span><span class="op">&lt;</span><span class="ident">HashSet</span><span class="op">&lt;</span><span class="ident">HeaderValue</span><span class="op">&gt;</span><span class="op">&gt;</span>,
<span class="kw">pub</span>(<span class="kw">crate</span>) <span class="ident">allowed_origins_fns</span>: <span class="ident">SmallVec</span><span class="op">&lt;</span>[<span class="ident">OriginFn</span>; <span class="number">4</span>]<span class="op">&gt;</span>,
<span class="kw">pub</span>(<span class="kw">crate</span>) <span class="ident">allowed_methods</span>: <span class="ident">HashSet</span><span class="op">&lt;</span><span class="ident">Method</span><span class="op">&gt;</span>,
<span class="kw">pub</span>(<span class="kw">crate</span>) <span class="ident">allowed_methods_baked</span>: <span class="prelude-ty">Option</span><span class="op">&lt;</span><span class="ident">HeaderValue</span><span class="op">&gt;</span>,
<span class="kw">pub</span>(<span class="kw">crate</span>) <span class="ident">allowed_headers</span>: <span class="ident">AllOrSome</span><span class="op">&lt;</span><span class="ident">HashSet</span><span class="op">&lt;</span><span class="ident">HeaderName</span><span class="op">&gt;</span><span class="op">&gt;</span>,
<span class="kw">pub</span>(<span class="kw">crate</span>) <span class="ident">allowed_headers_baked</span>: <span class="prelude-ty">Option</span><span class="op">&lt;</span><span class="ident">HeaderValue</span><span class="op">&gt;</span>,
<span class="doccomment">/// `All` will echo back `Access-Control-Request-Header` list.</span>
<span class="kw">pub</span>(<span class="kw">crate</span>) <span class="ident">expose_headers</span>: <span class="ident">AllOrSome</span><span class="op">&lt;</span><span class="ident">HashSet</span><span class="op">&lt;</span><span class="ident">HeaderName</span><span class="op">&gt;</span><span class="op">&gt;</span>,
<span class="kw">pub</span>(<span class="kw">crate</span>) <span class="ident">expose_headers_baked</span>: <span class="prelude-ty">Option</span><span class="op">&lt;</span><span class="ident">HeaderValue</span><span class="op">&gt;</span>,
<span class="kw">pub</span>(<span class="kw">crate</span>) <span class="ident">max_age</span>: <span class="prelude-ty">Option</span><span class="op">&lt;</span><span class="ident">usize</span><span class="op">&gt;</span>,
<span class="kw">pub</span>(<span class="kw">crate</span>) <span class="ident">preflight</span>: <span class="ident">bool</span>,
<span class="kw">pub</span>(<span class="kw">crate</span>) <span class="ident">send_wildcard</span>: <span class="ident">bool</span>,
<span class="kw">pub</span>(<span class="kw">crate</span>) <span class="ident">supports_credentials</span>: <span class="ident">bool</span>,
<span class="kw">pub</span>(<span class="kw">crate</span>) <span class="ident">vary_header</span>: <span class="ident">bool</span>,
}
<span class="kw">static</span> <span class="ident">EMPTY_ORIGIN_SET</span>: <span class="ident">Lazy</span><span class="op">&lt;</span><span class="ident">HashSet</span><span class="op">&lt;</span><span class="ident">HeaderValue</span><span class="op">&gt;</span><span class="op">&gt;</span> <span class="op">=</span> <span class="ident">Lazy::new</span>(<span class="ident">HashSet::new</span>);
<span class="kw">impl</span> <span class="ident">Inner</span> {
<span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn</span> <span class="ident">validate_origin</span>(<span class="kw-2">&amp;</span><span class="self">self</span>, <span class="ident">req</span>: <span class="kw-2">&amp;</span><span class="ident">RequestHead</span>) -&gt; <span class="prelude-ty">Result</span><span class="op">&lt;</span>(), <span class="ident">CorsError</span><span class="op">&gt;</span> {
<span class="comment">// return early if all origins are allowed or get ref to allowed origins set</span>
<span class="attribute">#[<span class="ident">allow</span>(<span class="ident">clippy::mutable_key_type</span>)]</span>
<span class="kw">let</span> <span class="ident">allowed_origins</span> <span class="op">=</span> <span class="kw">match</span> <span class="kw-2">&amp;</span><span class="self">self</span>.<span class="ident">allowed_origins</span> {
<span class="ident">AllOrSome::All</span> <span class="kw">if</span> <span class="self">self</span>.<span class="ident">allowed_origins_fns</span>.<span class="ident">is_empty</span>() =&gt; <span class="kw">return</span> <span class="prelude-val">Ok</span>(()),
<span class="ident">AllOrSome::Some</span>(<span class="ident">allowed_origins</span>) =&gt; <span class="ident">allowed_origins</span>,
<span class="comment">// only function origin validators are defined</span>
<span class="kw">_</span> =&gt; <span class="kw-2">&amp;</span><span class="ident">EMPTY_ORIGIN_SET</span>,
};
<span class="comment">// get origin header and try to parse as string</span>
<span class="kw">match</span> <span class="ident">req</span>.<span class="ident">headers</span>().<span class="ident">get</span>(<span class="ident">header::ORIGIN</span>) {
<span class="comment">// origin header exists and is a string</span>
<span class="prelude-val">Some</span>(<span class="ident">origin</span>) =&gt; {
<span class="kw">if</span> <span class="ident">allowed_origins</span>.<span class="ident">contains</span>(<span class="ident">origin</span>) <span class="op">|</span><span class="op">|</span> <span class="self">self</span>.<span class="ident">validate_origin_fns</span>(<span class="ident">origin</span>, <span class="ident">req</span>) {
<span class="prelude-val">Ok</span>(())
} <span class="kw">else</span> {
<span class="prelude-val">Err</span>(<span class="ident">CorsError::OriginNotAllowed</span>)
}
}
<span class="comment">// origin header is missing</span>
<span class="comment">// note: with our implementation, the origin header is required for OPTIONS request or</span>
<span class="comment">// else this would be unreachable</span>
<span class="prelude-val">None</span> =&gt; <span class="prelude-val">Err</span>(<span class="ident">CorsError::MissingOrigin</span>),
}
}
<span class="doccomment">/// Accepts origin if _ANY_ functions return true. Only called when Origin exists.</span>
<span class="kw">fn</span> <span class="ident">validate_origin_fns</span>(<span class="kw-2">&amp;</span><span class="self">self</span>, <span class="ident">origin</span>: <span class="kw-2">&amp;</span><span class="ident">HeaderValue</span>, <span class="ident">req</span>: <span class="kw-2">&amp;</span><span class="ident">RequestHead</span>) -&gt; <span class="ident">bool</span> {
<span class="self">self</span>.<span class="ident">allowed_origins_fns</span>
.<span class="ident">iter</span>()
.<span class="ident">any</span>(<span class="op">|</span><span class="ident">origin_fn</span><span class="op">|</span> (<span class="ident">origin_fn</span>.<span class="ident">boxed_fn</span>)(<span class="ident">origin</span>, <span class="ident">req</span>))
}
<span class="doccomment">/// Only called if origin exists and always after it&#39;s validated.</span>
<span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn</span> <span class="ident">access_control_allow_origin</span>(<span class="kw-2">&amp;</span><span class="self">self</span>, <span class="ident">req</span>: <span class="kw-2">&amp;</span><span class="ident">RequestHead</span>) -&gt; <span class="prelude-ty">Option</span><span class="op">&lt;</span><span class="ident">HeaderValue</span><span class="op">&gt;</span> {
<span class="kw">let</span> <span class="ident">origin</span> <span class="op">=</span> <span class="ident">req</span>.<span class="ident">headers</span>().<span class="ident">get</span>(<span class="ident">header::ORIGIN</span>);
<span class="kw">match</span> <span class="self">self</span>.<span class="ident">allowed_origins</span> {
<span class="ident">AllOrSome::All</span> =&gt; {
<span class="kw">if</span> <span class="self">self</span>.<span class="ident">send_wildcard</span> {
<span class="prelude-val">Some</span>(<span class="ident">HeaderValue::from_static</span>(<span class="string">&quot;*&quot;</span>))
} <span class="kw">else</span> {
<span class="comment">// see note below about why `.cloned()` is correct</span>
<span class="ident">origin</span>.<span class="ident">cloned</span>()
}
}
<span class="ident">AllOrSome::Some</span>(<span class="kw">_</span>) =&gt; {
<span class="comment">// since origin (if it exists) is known to be allowed if this method is called</span>
<span class="comment">// then cloning the option is all that is required to be used as an echoed back</span>
<span class="comment">// header value (or omitted if None)</span>
<span class="ident">origin</span>.<span class="ident">cloned</span>()
}
}
}
<span class="doccomment">/// Use in preflight checks and therefore operates on header list in</span>
<span class="doccomment">/// `Access-Control-Request-Headers` not the actual header set.</span>
<span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn</span> <span class="ident">validate_allowed_method</span>(<span class="kw-2">&amp;</span><span class="self">self</span>, <span class="ident">req</span>: <span class="kw-2">&amp;</span><span class="ident">RequestHead</span>) -&gt; <span class="prelude-ty">Result</span><span class="op">&lt;</span>(), <span class="ident">CorsError</span><span class="op">&gt;</span> {
<span class="comment">// extract access control header and try to parse as method</span>
<span class="kw">let</span> <span class="ident">request_method</span> <span class="op">=</span> <span class="ident">req</span>
.<span class="ident">headers</span>()
.<span class="ident">get</span>(<span class="ident">header::ACCESS_CONTROL_REQUEST_METHOD</span>)
.<span class="ident">map</span>(<span class="ident">header_value_try_into_method</span>);
<span class="kw">match</span> <span class="ident">request_method</span> {
<span class="comment">// method valid and allowed</span>
<span class="prelude-val">Some</span>(<span class="prelude-val">Some</span>(<span class="ident">method</span>)) <span class="kw">if</span> <span class="self">self</span>.<span class="ident">allowed_methods</span>.<span class="ident">contains</span>(<span class="kw-2">&amp;</span><span class="ident">method</span>) =&gt; <span class="prelude-val">Ok</span>(()),
<span class="comment">// method valid but not allowed</span>
<span class="prelude-val">Some</span>(<span class="prelude-val">Some</span>(<span class="kw">_</span>)) =&gt; <span class="prelude-val">Err</span>(<span class="ident">CorsError::MethodNotAllowed</span>),
<span class="comment">// method invalid</span>
<span class="prelude-val">Some</span>(<span class="kw">_</span>) =&gt; <span class="prelude-val">Err</span>(<span class="ident">CorsError::BadRequestMethod</span>),
<span class="comment">// method missing</span>
<span class="prelude-val">None</span> =&gt; <span class="prelude-val">Err</span>(<span class="ident">CorsError::MissingRequestMethod</span>),
}
}
<span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn</span> <span class="ident">validate_allowed_headers</span>(<span class="kw-2">&amp;</span><span class="self">self</span>, <span class="ident">req</span>: <span class="kw-2">&amp;</span><span class="ident">RequestHead</span>) -&gt; <span class="prelude-ty">Result</span><span class="op">&lt;</span>(), <span class="ident">CorsError</span><span class="op">&gt;</span> {
<span class="comment">// return early if all headers are allowed or get ref to allowed origins set</span>
<span class="attribute">#[<span class="ident">allow</span>(<span class="ident">clippy::mutable_key_type</span>)]</span>
<span class="kw">let</span> <span class="ident">allowed_headers</span> <span class="op">=</span> <span class="kw">match</span> <span class="kw-2">&amp;</span><span class="self">self</span>.<span class="ident">allowed_headers</span> {
<span class="ident">AllOrSome::All</span> =&gt; <span class="kw">return</span> <span class="prelude-val">Ok</span>(()),
<span class="ident">AllOrSome::Some</span>(<span class="ident">allowed_headers</span>) =&gt; <span class="ident">allowed_headers</span>,
};
<span class="comment">// extract access control header as string</span>
<span class="comment">// header format should be comma separated header names</span>
<span class="kw">let</span> <span class="ident">request_headers</span> <span class="op">=</span> <span class="ident">req</span>
.<span class="ident">headers</span>()
.<span class="ident">get</span>(<span class="ident">header::ACCESS_CONTROL_REQUEST_HEADERS</span>)
.<span class="ident">map</span>(<span class="op">|</span><span class="ident">hdr</span><span class="op">|</span> <span class="ident">hdr</span>.<span class="ident">to_str</span>());
<span class="kw">match</span> <span class="ident">request_headers</span> {
<span class="comment">// header list is valid string</span>
<span class="prelude-val">Some</span>(<span class="prelude-val">Ok</span>(<span class="ident">headers</span>)) =&gt; {
<span class="comment">// the set is ephemeral we take care not to mutate the</span>
<span class="comment">// inserted keys so this lint exception is acceptable</span>
<span class="attribute">#[<span class="ident">allow</span>(<span class="ident">clippy::mutable_key_type</span>)]</span>
<span class="kw">let</span> <span class="kw-2">mut</span> <span class="ident">request_headers</span> <span class="op">=</span> <span class="ident">HashSet::with_capacity</span>(<span class="number">8</span>);
<span class="comment">// try to convert each header name in the comma-separated list</span>
<span class="kw">for</span> <span class="ident">hdr</span> <span class="kw">in</span> <span class="ident">headers</span>.<span class="ident">split</span>(<span class="string">&#39;,&#39;</span>) {
<span class="kw">match</span> <span class="ident">hdr</span>.<span class="ident">trim</span>().<span class="ident">try_into</span>() {
<span class="prelude-val">Ok</span>(<span class="ident">hdr</span>) =&gt; <span class="ident">request_headers</span>.<span class="ident">insert</span>(<span class="ident">hdr</span>),
<span class="prelude-val">Err</span>(<span class="kw">_</span>) =&gt; <span class="kw">return</span> <span class="prelude-val">Err</span>(<span class="ident">CorsError::BadRequestHeaders</span>),
};
}
<span class="comment">// header list must contain 1 or more header name</span>
<span class="kw">if</span> <span class="ident">request_headers</span>.<span class="ident">is_empty</span>() {
<span class="kw">return</span> <span class="prelude-val">Err</span>(<span class="ident">CorsError::BadRequestHeaders</span>);
}
<span class="comment">// request header list must be a subset of allowed headers</span>
<span class="kw">if</span> <span class="op">!</span><span class="ident">request_headers</span>.<span class="ident">is_subset</span>(<span class="ident">allowed_headers</span>) {
<span class="kw">return</span> <span class="prelude-val">Err</span>(<span class="ident">CorsError::HeadersNotAllowed</span>);
}
<span class="prelude-val">Ok</span>(())
}
<span class="comment">// header list is not a string</span>
<span class="prelude-val">Some</span>(<span class="prelude-val">Err</span>(<span class="kw">_</span>)) =&gt; <span class="prelude-val">Err</span>(<span class="ident">CorsError::BadRequestHeaders</span>),
<span class="comment">// header list missing</span>
<span class="prelude-val">None</span> =&gt; <span class="prelude-val">Ok</span>(()),
}
}
}
<span class="attribute">#[<span class="ident">cfg</span>(<span class="ident">test</span>)]</span>
<span class="kw">mod</span> <span class="ident">test</span> {
<span class="kw">use</span> <span class="ident">std::rc::Rc</span>;
<span class="kw">use</span> <span class="ident">actix_web</span>::{
<span class="ident">dev::Transform</span>,
<span class="ident">http</span>::{<span class="ident">header</span>, <span class="ident">HeaderValue</span>, <span class="ident">Method</span>, <span class="ident">StatusCode</span>},
<span class="ident">test</span>::{<span class="self">self</span>, <span class="ident">TestRequest</span>},
};
<span class="kw">use</span> <span class="ident"><span class="kw">crate</span>::Cors</span>;
<span class="kw">fn</span> <span class="ident">val_as_str</span>(<span class="ident">val</span>: <span class="kw-2">&amp;</span><span class="ident">HeaderValue</span>) -&gt; <span class="kw-2">&amp;</span><span class="ident">str</span> {
<span class="ident">val</span>.<span class="ident">to_str</span>().<span class="ident">unwrap</span>()
}
<span class="attribute">#[<span class="ident">actix_rt::test</span>]</span>
<span class="kw">async</span> <span class="kw">fn</span> <span class="ident">test_validate_not_allowed_origin</span>() {
<span class="kw">let</span> <span class="ident">cors</span> <span class="op">=</span> <span class="ident">Cors::default</span>()
.<span class="ident">allowed_origin</span>(<span class="string">&quot;https://www.example.com&quot;</span>)
.<span class="ident">new_transform</span>(<span class="ident">test::ok_service</span>())
.<span class="kw">await</span>
.<span class="ident">unwrap</span>();
<span class="kw">let</span> <span class="ident">req</span> <span class="op">=</span> <span class="ident">TestRequest::get</span>()
.<span class="ident">insert_header</span>((<span class="ident">header::ORIGIN</span>, <span class="string">&quot;https://www.unknown.com&quot;</span>))
.<span class="ident">insert_header</span>((<span class="ident">header::ACCESS_CONTROL_REQUEST_HEADERS</span>, <span class="string">&quot;DNT&quot;</span>))
.<span class="ident">to_srv_request</span>();
<span class="macro">assert!</span>(<span class="ident">cors</span>.<span class="ident">inner</span>.<span class="ident">validate_origin</span>(<span class="ident">req</span>.<span class="ident">head</span>()).<span class="ident">is_err</span>());
<span class="macro">assert!</span>(<span class="ident">cors</span>.<span class="ident">inner</span>.<span class="ident">validate_allowed_method</span>(<span class="ident">req</span>.<span class="ident">head</span>()).<span class="ident">is_err</span>());
<span class="macro">assert!</span>(<span class="ident">cors</span>.<span class="ident">inner</span>.<span class="ident">validate_allowed_headers</span>(<span class="ident">req</span>.<span class="ident">head</span>()).<span class="ident">is_err</span>());
}
<span class="attribute">#[<span class="ident">actix_rt::test</span>]</span>
<span class="kw">async</span> <span class="kw">fn</span> <span class="ident">test_preflight</span>() {
<span class="kw">let</span> <span class="kw-2">mut</span> <span class="ident">cors</span> <span class="op">=</span> <span class="ident">Cors::default</span>()
.<span class="ident">allow_any_origin</span>()
.<span class="ident">send_wildcard</span>()
.<span class="ident">max_age</span>(<span class="number">3600</span>)
.<span class="ident">allowed_methods</span>(<span class="macro">vec!</span>[<span class="ident">Method::GET</span>, <span class="ident">Method::OPTIONS</span>, <span class="ident">Method::POST</span>])
.<span class="ident">allowed_headers</span>(<span class="macro">vec!</span>[<span class="ident">header::AUTHORIZATION</span>, <span class="ident">header::ACCEPT</span>])
.<span class="ident">allowed_header</span>(<span class="ident">header::CONTENT_TYPE</span>)
.<span class="ident">new_transform</span>(<span class="ident">test::ok_service</span>())
.<span class="kw">await</span>
.<span class="ident">unwrap</span>();
<span class="kw">let</span> <span class="ident">req</span> <span class="op">=</span> <span class="ident">TestRequest::default</span>()
.<span class="ident">method</span>(<span class="ident">Method::OPTIONS</span>)
.<span class="ident">insert_header</span>((<span class="string">&quot;Origin&quot;</span>, <span class="string">&quot;https://www.example.com&quot;</span>))
.<span class="ident">insert_header</span>((<span class="ident">header::ACCESS_CONTROL_REQUEST_HEADERS</span>, <span class="string">&quot;X-Not-Allowed&quot;</span>))
.<span class="ident">to_srv_request</span>();
<span class="macro">assert!</span>(<span class="ident">cors</span>.<span class="ident">inner</span>.<span class="ident">validate_allowed_method</span>(<span class="ident">req</span>.<span class="ident">head</span>()).<span class="ident">is_err</span>());
<span class="macro">assert!</span>(<span class="ident">cors</span>.<span class="ident">inner</span>.<span class="ident">validate_allowed_headers</span>(<span class="ident">req</span>.<span class="ident">head</span>()).<span class="ident">is_err</span>());
<span class="kw">let</span> <span class="ident">resp</span> <span class="op">=</span> <span class="ident">test::call_service</span>(<span class="kw-2">&amp;</span><span class="ident">cors</span>, <span class="ident">req</span>).<span class="kw">await</span>;
<span class="macro">assert_eq!</span>(<span class="ident">resp</span>.<span class="ident">status</span>(), <span class="ident">StatusCode::BAD_REQUEST</span>);
<span class="kw">let</span> <span class="ident">req</span> <span class="op">=</span> <span class="ident">TestRequest::default</span>()
.<span class="ident">method</span>(<span class="ident">Method::OPTIONS</span>)
.<span class="ident">insert_header</span>((<span class="string">&quot;Origin&quot;</span>, <span class="string">&quot;https://www.example.com&quot;</span>))
.<span class="ident">insert_header</span>((<span class="ident">header::ACCESS_CONTROL_REQUEST_METHOD</span>, <span class="string">&quot;put&quot;</span>))
.<span class="ident">to_srv_request</span>();
<span class="macro">assert!</span>(<span class="ident">cors</span>.<span class="ident">inner</span>.<span class="ident">validate_allowed_method</span>(<span class="ident">req</span>.<span class="ident">head</span>()).<span class="ident">is_err</span>());
<span class="macro">assert!</span>(<span class="ident">cors</span>.<span class="ident">inner</span>.<span class="ident">validate_allowed_headers</span>(<span class="ident">req</span>.<span class="ident">head</span>()).<span class="ident">is_ok</span>());
<span class="kw">let</span> <span class="ident">req</span> <span class="op">=</span> <span class="ident">TestRequest::default</span>()
.<span class="ident">method</span>(<span class="ident">Method::OPTIONS</span>)
.<span class="ident">insert_header</span>((<span class="string">&quot;Origin&quot;</span>, <span class="string">&quot;https://www.example.com&quot;</span>))
.<span class="ident">insert_header</span>((<span class="ident">header::ACCESS_CONTROL_REQUEST_METHOD</span>, <span class="string">&quot;POST&quot;</span>))
.<span class="ident">insert_header</span>((
<span class="ident">header::ACCESS_CONTROL_REQUEST_HEADERS</span>,
<span class="string">&quot;AUTHORIZATION,ACCEPT&quot;</span>,
))
.<span class="ident">to_srv_request</span>();
<span class="kw">let</span> <span class="ident">resp</span> <span class="op">=</span> <span class="ident">test::call_service</span>(<span class="kw-2">&amp;</span><span class="ident">cors</span>, <span class="ident">req</span>).<span class="kw">await</span>;
<span class="macro">assert_eq!</span>(
<span class="prelude-val">Some</span>(<span class="kw-2">&amp;</span><span class="string">b&quot;*&quot;</span>[..]),
<span class="ident">resp</span>.<span class="ident">headers</span>()
.<span class="ident">get</span>(<span class="ident">header::ACCESS_CONTROL_ALLOW_ORIGIN</span>)
.<span class="ident">map</span>(<span class="ident">HeaderValue::as_bytes</span>)
);
<span class="macro">assert_eq!</span>(
<span class="prelude-val">Some</span>(<span class="kw-2">&amp;</span><span class="string">b&quot;3600&quot;</span>[..]),
<span class="ident">resp</span>.<span class="ident">headers</span>()
.<span class="ident">get</span>(<span class="ident">header::ACCESS_CONTROL_MAX_AGE</span>)
.<span class="ident">map</span>(<span class="ident">HeaderValue::as_bytes</span>)
);
<span class="kw">let</span> <span class="ident">hdr</span> <span class="op">=</span> <span class="ident">resp</span>
.<span class="ident">headers</span>()
.<span class="ident">get</span>(<span class="ident">header::ACCESS_CONTROL_ALLOW_HEADERS</span>)
.<span class="ident">map</span>(<span class="ident">val_as_str</span>)
.<span class="ident">unwrap</span>();
<span class="macro">assert!</span>(<span class="ident">hdr</span>.<span class="ident">contains</span>(<span class="string">&quot;authorization&quot;</span>));
<span class="macro">assert!</span>(<span class="ident">hdr</span>.<span class="ident">contains</span>(<span class="string">&quot;accept&quot;</span>));
<span class="macro">assert!</span>(<span class="ident">hdr</span>.<span class="ident">contains</span>(<span class="string">&quot;content-type&quot;</span>));
<span class="kw">let</span> <span class="ident">methods</span> <span class="op">=</span> <span class="ident">resp</span>
.<span class="ident">headers</span>()
.<span class="ident">get</span>(<span class="ident">header::ACCESS_CONTROL_ALLOW_METHODS</span>)
.<span class="ident">unwrap</span>()
.<span class="ident">to_str</span>()
.<span class="ident">unwrap</span>();
<span class="macro">assert!</span>(<span class="ident">methods</span>.<span class="ident">contains</span>(<span class="string">&quot;POST&quot;</span>));
<span class="macro">assert!</span>(<span class="ident">methods</span>.<span class="ident">contains</span>(<span class="string">&quot;GET&quot;</span>));
<span class="macro">assert!</span>(<span class="ident">methods</span>.<span class="ident">contains</span>(<span class="string">&quot;OPTIONS&quot;</span>));
<span class="ident">Rc::get_mut</span>(<span class="kw-2">&amp;</span><span class="kw-2">mut</span> <span class="ident">cors</span>.<span class="ident">inner</span>).<span class="ident">unwrap</span>().<span class="ident">preflight</span> <span class="op">=</span> <span class="bool-val">false</span>;
<span class="kw">let</span> <span class="ident">req</span> <span class="op">=</span> <span class="ident">TestRequest::default</span>()
.<span class="ident">method</span>(<span class="ident">Method::OPTIONS</span>)
.<span class="ident">insert_header</span>((<span class="string">&quot;Origin&quot;</span>, <span class="string">&quot;https://www.example.com&quot;</span>))
.<span class="ident">insert_header</span>((<span class="ident">header::ACCESS_CONTROL_REQUEST_METHOD</span>, <span class="string">&quot;POST&quot;</span>))
.<span class="ident">insert_header</span>((
<span class="ident">header::ACCESS_CONTROL_REQUEST_HEADERS</span>,
<span class="string">&quot;AUTHORIZATION,ACCEPT&quot;</span>,
))
.<span class="ident">to_srv_request</span>();
<span class="kw">let</span> <span class="ident">resp</span> <span class="op">=</span> <span class="ident">test::call_service</span>(<span class="kw-2">&amp;</span><span class="ident">cors</span>, <span class="ident">req</span>).<span class="kw">await</span>;
<span class="macro">assert_eq!</span>(<span class="ident">resp</span>.<span class="ident">status</span>(), <span class="ident">StatusCode::OK</span>);
}
}
</code></pre></div>
</section><section id="search" class="content hidden"></section><div id="rustdoc-vars" data-root-path="../../" data-current-crate="actix_cors" data-search-index-js="../../search-index.js" data-search-js="../../search.js"></div>
<script src="../../main.js"></script><script src="../../source-script.js"></script><script src="../../source-files.js"></script>
</body></html>
Reference in New Issue View Git Blame Copy Permalink