mirror of
https://github.com/fafhrd91/actix-web
synced 2024-11-24 00:21:08 +01:00
compile time validation of path (#2350)
* compile time validation of path * added trybuild err message * Update Cargo.toml * add changelog entry * test more cases of path validation * fmt Co-authored-by: Rob Ede <robjtede@icloud.com>
This commit is contained in:
parent
4bb32fb19b
commit
168b2f227d
@ -967,7 +967,10 @@ impl ResourceDef {
|
||||
_ => false,
|
||||
})
|
||||
.unwrap_or_else(|| {
|
||||
panic!(r#"path "{}" contains malformed dynamic segment"#, pattern)
|
||||
panic!(
|
||||
r#"pattern "{}" contains malformed dynamic segment"#,
|
||||
pattern
|
||||
)
|
||||
});
|
||||
|
||||
let (mut param, mut unprocessed) = pattern.split_at(close_idx + 1);
|
||||
|
@ -1,6 +1,9 @@
|
||||
# Changes
|
||||
|
||||
## Unreleased - 2021-xx-xx
|
||||
* In routing macros, paths are now validated at compile time. [#2350]
|
||||
|
||||
[#2350]: https://github.com/actix/actix-web/pull/2350
|
||||
|
||||
|
||||
## 0.5.0-beta.3 - 2021-06-17
|
||||
|
@ -17,6 +17,7 @@ proc-macro = true
|
||||
quote = "1"
|
||||
syn = { version = "1", features = ["full", "parsing"] }
|
||||
proc-macro2 = "1"
|
||||
actix-router = "0.5.0-beta.1"
|
||||
|
||||
[dev-dependencies]
|
||||
actix-rt = "2.2"
|
||||
|
@ -3,6 +3,7 @@ extern crate proc_macro;
|
||||
use std::collections::HashSet;
|
||||
use std::convert::TryFrom;
|
||||
|
||||
use actix_router::ResourceDef;
|
||||
use proc_macro::TokenStream;
|
||||
use proc_macro2::{Span, TokenStream as TokenStream2};
|
||||
use quote::{format_ident, quote, ToTokens, TokenStreamExt};
|
||||
@ -101,6 +102,7 @@ impl Args {
|
||||
match arg {
|
||||
NestedMeta::Lit(syn::Lit::Str(lit)) => match path {
|
||||
None => {
|
||||
let _ = ResourceDef::new(lit.value());
|
||||
path = Some(lit);
|
||||
}
|
||||
_ => {
|
||||
|
@ -10,6 +10,7 @@ fn compile_macros() {
|
||||
t.compile_fail("tests/trybuild/route-missing-method-fail.rs");
|
||||
t.compile_fail("tests/trybuild/route-duplicate-method-fail.rs");
|
||||
t.compile_fail("tests/trybuild/route-unexpected-method-fail.rs");
|
||||
t.compile_fail("tests/trybuild/route-malformed-path-fail.rs");
|
||||
|
||||
t.pass("tests/trybuild/docstring-ok.rs");
|
||||
}
|
||||
|
@ -0,0 +1,33 @@
|
||||
use actix_web_codegen::get;
|
||||
|
||||
#[get("/{")]
|
||||
async fn zero() -> &'static str {
|
||||
"malformed resource def"
|
||||
}
|
||||
|
||||
#[get("/{foo")]
|
||||
async fn one() -> &'static str {
|
||||
"malformed resource def"
|
||||
}
|
||||
|
||||
#[get("/{}")]
|
||||
async fn two() -> &'static str {
|
||||
"malformed resource def"
|
||||
}
|
||||
|
||||
#[get("/*")]
|
||||
async fn three() -> &'static str {
|
||||
"malformed resource def"
|
||||
}
|
||||
|
||||
#[get("/{tail:\\d+}*")]
|
||||
async fn four() -> &'static str {
|
||||
"malformed resource def"
|
||||
}
|
||||
|
||||
#[get("/{a}/{b}/{c}/{d}/{e}/{f}/{g}/{h}/{i}/{j}/{k}/{l}/{m}/{n}/{o}/{p}/{q}")]
|
||||
async fn five() -> &'static str {
|
||||
"malformed resource def"
|
||||
}
|
||||
|
||||
fn main() {}
|
@ -0,0 +1,42 @@
|
||||
error: custom attribute panicked
|
||||
--> $DIR/route-malformed-path-fail.rs:3:1
|
||||
|
|
||||
3 | #[get("/{")]
|
||||
| ^^^^^^^^^^^^
|
||||
|
|
||||
= help: message: pattern "{" contains malformed dynamic segment
|
||||
|
||||
error: custom attribute panicked
|
||||
--> $DIR/route-malformed-path-fail.rs:8:1
|
||||
|
|
||||
8 | #[get("/{foo")]
|
||||
| ^^^^^^^^^^^^^^^
|
||||
|
|
||||
= help: message: pattern "{foo" contains malformed dynamic segment
|
||||
|
||||
error: custom attribute panicked
|
||||
--> $DIR/route-malformed-path-fail.rs:13:1
|
||||
|
|
||||
13 | #[get("/{}")]
|
||||
| ^^^^^^^^^^^^^
|
||||
|
|
||||
= help: message: Wrong path pattern: "/{}" regex parse error:
|
||||
((?s-m)^/(?P<>[^/]+))$
|
||||
^
|
||||
error: empty capture group name
|
||||
|
||||
error: custom attribute panicked
|
||||
--> $DIR/route-malformed-path-fail.rs:23:1
|
||||
|
|
||||
23 | #[get("/{tail:\\d+}*")]
|
||||
| ^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
|
||||
= help: message: custom regex is not supported for tail match
|
||||
|
||||
error: custom attribute panicked
|
||||
--> $DIR/route-malformed-path-fail.rs:28:1
|
||||
|
|
||||
28 | #[get("/{a}/{b}/{c}/{d}/{e}/{f}/{g}/{h}/{i}/{j}/{k}/{l}/{m}/{n}/{o}/{p}/{q}")]
|
||||
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
|
||||
= help: message: Only 16 dynamic segments are allowed, provided: 17
|
Loading…
Reference in New Issue
Block a user