1
0
mirror of https://github.com/fafhrd91/actix-web synced 2025-01-18 22:01:50 +01:00

non exhaustive content encoding (#2377)

This commit is contained in:
Rob Ede 2021-09-01 09:53:26 +01:00 committed by GitHub
parent ddc8c16cb3
commit 93112644d3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 35 additions and 60 deletions

View File

@ -99,7 +99,7 @@ regex = "1.4"
serde = { version = "1.0", features = ["derive"] }
serde_json = "1.0"
serde_urlencoded = "0.7"
smallvec = "1.6"
smallvec = "1.6.1"
socket2 = "0.4.0"
time = { version = "0.2.23", default-features = false, features = ["std"] }
url = "2.1"

View File

@ -2,6 +2,7 @@
## Unreleased - 2021-xx-xx
### Changed
* `ContentEncoding` is now marked `#[non_exhaustive]`. [#2377]
* Minimum supported Rust version (MSRV) is now 1.51.
### Fixed
@ -12,12 +13,14 @@
[#2364]: https://github.com/actix/actix-web/pull/2364
[#2375]: https://github.com/actix/actix-web/pull/2375
[#2344]: https://github.com/actix/actix-web/pull/2344
[#2377]: https://github.com/actix/actix-web/pull/2377
## 3.0.0-beta.8 - 2021-08-09
### Fixed
* Potential HTTP request smuggling vulnerabilities. [RUSTSEC-2021-0081](https://github.com/rustsec/advisory-db/pull/977)
## 3.0.0-beta.8 - 2021-06-26
### Changed
* Change compression algorithm features flags. [#2250]

View File

@ -73,7 +73,7 @@ rand = "0.8"
regex = "1.3"
serde = "1.0"
sha-1 = "0.9"
smallvec = "1.6"
smallvec = "1.6.1"
time = { version = "0.2.23", default-features = false, features = ["std"] }
tokio = { version = "1.2", features = ["sync"] }

View File

@ -1,7 +1,6 @@
//! Stream decoders.
use std::{
convert::TryFrom,
future::Future,
io::{self, Write as _},
pin::Pin,
@ -81,7 +80,7 @@ where
let encoding = headers
.get(&CONTENT_ENCODING)
.and_then(|val| val.to_str().ok())
.and_then(|x| ContentEncoding::try_from(x).ok())
.and_then(|x| x.parse().ok())
.unwrap_or(ContentEncoding::Identity);
Self::new(stream, encoding)

View File

@ -1,5 +1,6 @@
use std::{convert::TryFrom, error, fmt, str::FromStr};
use std::{convert::TryFrom, str::FromStr};
use derive_more::{Display, Error};
use http::header::InvalidHeaderValue;
use crate::{
@ -11,19 +12,13 @@ use crate::{
/// Error return when a content encoding is unknown.
///
/// Example: 'compress'
#[derive(Debug)]
#[derive(Debug, Display, Error)]
#[display(fmt = "unsupported content encoding")]
pub struct ContentEncodingParseError;
impl fmt::Display for ContentEncodingParseError {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
write!(f, "Unsupported content encoding")
}
}
impl error::Error for ContentEncodingParseError {}
/// Represents a supported content encoding.
#[derive(Copy, Clone, PartialEq, Debug)]
#[derive(Debug, Clone, Copy, PartialEq)]
#[non_exhaustive]
pub enum ContentEncoding {
/// Automatically select encoding based on encoding negotiation.
Auto,

View File

@ -41,9 +41,9 @@ type HttpNewService = BoxServiceFactory<(), ServiceRequest, ServiceResponse, Err
/// fn main() {
/// let app = App::new().service(
/// web::scope("/{project_id}/")
/// .service(web::resource("/path1").to(|| async { HttpResponse::Ok() }))
/// .service(web::resource("/path1").to(|| async { "OK" }))
/// .service(web::resource("/path2").route(web::get().to(|| HttpResponse::Ok())))
/// .service(web::resource("/path3").route(web::head().to(|| HttpResponse::MethodNotAllowed())))
/// .service(web::resource("/path3").route(web::head().to(HttpResponse::MethodNotAllowed)))
/// );
/// }
/// ```

View File

@ -56,7 +56,7 @@ pub fn default_service(
/// async fn test_init_service() {
/// let app = test::init_service(
/// App::new()
/// .service(web::resource("/test").to(|| async { HttpResponse::Ok() }))
/// .service(web::resource("/test").to(|| async { "OK" }))
/// ).await;
///
/// // Create request object

View File

@ -30,7 +30,7 @@ use crate::{
///
/// # Extractor
/// To extract typed data from a request body, the inner type `T` must implement the
/// [`serde::Deserialize`] trait.
/// [`DeserializeOwned`] trait.
///
/// Use [`FormConfig`] to configure extraction process.
///

View File

@ -97,19 +97,13 @@ impl<T> ops::DerefMut for Json<T> {
}
}
impl<T> fmt::Display for Json<T>
where
T: fmt::Display,
{
impl<T: fmt::Display> fmt::Display for Json<T> {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
fmt::Display::fmt(&self.0, f)
}
}
impl<T> Serialize for Json<T>
where
T: Serialize,
{
impl<T: Serialize> Serialize for Json<T> {
fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
where
S: serde::Serializer,
@ -133,10 +127,7 @@ impl<T: Serialize> Responder for Json<T> {
}
/// See [here](#extractor) for example of usage as an extractor.
impl<T> FromRequest for Json<T>
where
T: DeserializeOwned + 'static,
{
impl<T: DeserializeOwned + 'static> FromRequest for Json<T> {
type Error = Error;
type Future = JsonExtractFut<T>;
type Config = JsonConfig;
@ -166,10 +157,7 @@ pub struct JsonExtractFut<T> {
err_handler: JsonErrorHandler,
}
impl<T> Future for JsonExtractFut<T>
where
T: DeserializeOwned + 'static,
{
impl<T: DeserializeOwned + 'static> Future for JsonExtractFut<T> {
type Output = Result<Json<T>, Error>;
fn poll(self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<Self::Output> {
@ -311,10 +299,7 @@ pub enum JsonBody<T> {
impl<T> Unpin for JsonBody<T> {}
impl<T> JsonBody<T>
where
T: DeserializeOwned + 'static,
{
impl<T: DeserializeOwned> JsonBody<T> {
/// Create a new future to decode a JSON request payload.
#[allow(clippy::borrow_interior_mutable_const)]
pub fn new(
@ -395,10 +380,7 @@ where
}
}
impl<T> Future for JsonBody<T>
where
T: DeserializeOwned + 'static,
{
impl<T: DeserializeOwned + 'static> Future for JsonBody<T> {
type Output = Result<T, JsonPayloadError>;
fn poll(self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<Self::Output> {

View File

@ -3,14 +3,14 @@
use std::{fmt, ops, sync::Arc};
use actix_utils::future::{err, ok, Ready};
use serde::de;
use serde::de::DeserializeOwned;
use crate::{dev::Payload, error::QueryPayloadError, Error, FromRequest, HttpRequest};
/// Extract typed information from the request's query.
///
/// To extract typed data from the URL query string, the inner type `T` must implement the
/// [`serde::Deserialize`] trait.
/// [`DeserializeOwned`] trait.
///
/// Use [`QueryConfig`] to configure extraction process.
///
@ -46,18 +46,18 @@ use crate::{dev::Payload, error::QueryPayloadError, Error, FromRequest, HttpRequ
/// // To access the entire underlying query struct, use `.into_inner()`.
/// #[get("/debug1")]
/// async fn debug1(info: web::Query<AuthRequest>) -> String {
/// dbg!("Authorization object={:?}", info.into_inner());
/// dbg!("Authorization object = {:?}", info.into_inner());
/// "OK".to_string()
/// }
///
/// // Or use `.0`, which is equivalent to `.into_inner()`.
/// // Or use destructuring, which is equivalent to `.into_inner()`.
/// #[get("/debug2")]
/// async fn debug2(info: web::Query<AuthRequest>) -> String {
/// dbg!("Authorization object={:?}", info.0);
/// async fn debug2(web::Query(info): web::Query<AuthRequest>) -> String {
/// dbg!("Authorization object = {:?}", info);
/// "OK".to_string()
/// }
/// ```
#[derive(Clone, PartialEq, Eq, PartialOrd, Ord, Debug)]
#[derive(Debug, Clone, PartialEq, Eq, PartialOrd, Ord)]
pub struct Query<T>(pub T);
impl<T> Query<T> {
@ -65,8 +65,10 @@ impl<T> Query<T> {
pub fn into_inner(self) -> T {
self.0
}
}
/// Deserialize `T` from a URL encoded query parameter string.
impl<T: DeserializeOwned> Query<T> {
/// Deserialize a `T` from the URL encoded query parameter string.
///
/// ```
/// # use std::collections::HashMap;
@ -76,10 +78,7 @@ impl<T> Query<T> {
/// assert_eq!(numbers.get("two"), Some(&2));
/// assert!(numbers.get("three").is_none());
/// ```
pub fn from_query(query_str: &str) -> Result<Self, QueryPayloadError>
where
T: de::DeserializeOwned,
{
pub fn from_query(query_str: &str) -> Result<Self, QueryPayloadError> {
serde_urlencoded::from_str::<T>(query_str)
.map(Self)
.map_err(QueryPayloadError::Deserialize)
@ -107,10 +106,7 @@ impl<T: fmt::Display> fmt::Display for Query<T> {
}
/// See [here](#usage) for example of usage as an extractor.
impl<T> FromRequest for Query<T>
where
T: de::DeserializeOwned,
{
impl<T: DeserializeOwned> FromRequest for Query<T> {
type Error = Error;
type Future = Ready<Result<Self, Error>>;
type Config = QueryConfig;
@ -165,7 +161,7 @@ where
/// let query_cfg = web::QueryConfig::default()
/// // use custom error handler
/// .error_handler(|err, req| {
/// error::InternalError::from_response(err, HttpResponse::Conflict().into()).into()
/// error::InternalError::from_response(err, HttpResponse::Conflict().finish()).into()
/// });
///
/// App::new()