From ca69b6577e0871d65721582cc452a010d6ed1fe4 Mon Sep 17 00:00:00 2001
From: Rob Ede <robjtede@icloud.com>
Date: Sun, 7 Mar 2021 19:29:02 +0000
Subject: [PATCH] use iota for more content-length insertions (#2050)

---
 actix-http/src/client/h2proto.rs | 18 +++++++++++------
 actix-http/src/h1/encoder.rs     |  5 ++---
 actix-http/src/h2/dispatcher.rs  | 25 ++++++++++++------------
 actix-http/src/response.rs       |  3 ++-
 awc/CHANGES.md                   |  3 +++
 awc/Cargo.toml                   |  3 ++-
 awc/src/request.rs               | 33 +++++++++++++-------------------
 awc/tests/test_client.rs         |  4 ++--
 8 files changed, 49 insertions(+), 45 deletions(-)

diff --git a/actix-http/src/client/h2proto.rs b/actix-http/src/client/h2proto.rs
index 0deb5c014..7292972de 100644
--- a/actix-http/src/client/h2proto.rs
+++ b/actix-http/src/client/h2proto.rs
@@ -1,4 +1,3 @@
-use std::convert::TryFrom;
 use std::future::Future;
 use std::time;
 
@@ -61,10 +60,14 @@ where
         BodySize::Empty => req
             .headers_mut()
             .insert(CONTENT_LENGTH, HeaderValue::from_static("0")),
-        BodySize::Sized(len) => req.headers_mut().insert(
-            CONTENT_LENGTH,
-            HeaderValue::try_from(format!("{}", len)).unwrap(),
-        ),
+        BodySize::Sized(len) => {
+            let mut buf = itoa::Buffer::new();
+
+            req.headers_mut().insert(
+                CONTENT_LENGTH,
+                HeaderValue::from_str(buf.format(len)).unwrap(),
+            )
+        }
     };
 
     // Extracting extra headers from RequestHeadType. HeaderMap::new() does not allocate.
@@ -87,7 +90,10 @@ where
     // copy headers
     for (key, value) in headers {
         match *key {
-            CONNECTION | TRANSFER_ENCODING => continue, // http2 specific
+            // TODO: consider skipping other headers according to:
+            //       https://tools.ietf.org/html/rfc7540#section-8.1.2.2
+            // omit HTTP/1.x only headers
+            CONNECTION | TRANSFER_ENCODING => continue,
             CONTENT_LENGTH if skip_len => continue,
             // DATE => has_date = true,
             _ => {}
diff --git a/actix-http/src/h1/encoder.rs b/actix-http/src/h1/encoder.rs
index 97916e7db..4e9903284 100644
--- a/actix-http/src/h1/encoder.rs
+++ b/actix-http/src/h1/encoder.rs
@@ -632,10 +632,9 @@ mod tests {
 
         let mut res: Response<()> =
             Response::new(StatusCode::SWITCHING_PROTOCOLS).into_body::<()>();
+        res.headers_mut().insert(DATE, HeaderValue::from_static(""));
         res.headers_mut()
-            .insert(DATE, HeaderValue::from_static(&""));
-        res.headers_mut()
-            .insert(CONTENT_LENGTH, HeaderValue::from_static(&"0"));
+            .insert(CONTENT_LENGTH, HeaderValue::from_static("0"));
 
         let _ = res.encode_headers(
             &mut bytes,
diff --git a/actix-http/src/h2/dispatcher.rs b/actix-http/src/h2/dispatcher.rs
index 5ccd2a9d1..8e01afcb5 100644
--- a/actix-http/src/h2/dispatcher.rs
+++ b/actix-http/src/h2/dispatcher.rs
@@ -1,10 +1,5 @@
-use std::future::Future;
-use std::marker::PhantomData;
-use std::net;
-use std::pin::Pin;
-use std::rc::Rc;
 use std::task::{Context, Poll};
-use std::{cmp, convert::TryFrom};
+use std::{cmp, future::Future, marker::PhantomData, net, pin::Pin, rc::Rc};
 
 use actix_codec::{AsyncRead, AsyncWrite};
 use actix_rt::time::{Instant, Sleep};
@@ -125,7 +120,7 @@ where
                     let pl = Payload::<crate::payload::PayloadStream>::H2(pl);
                     let mut req = Request::with_payload(pl);
 
-                    let head = &mut req.head_mut();
+                    let head = req.head_mut();
                     head.uri = parts.uri;
                     head.method = parts.method;
                     head.version = parts.version;
@@ -203,16 +198,22 @@ where
             BodySize::Empty => res
                 .headers_mut()
                 .insert(CONTENT_LENGTH, HeaderValue::from_static("0")),
-            BodySize::Sized(len) => res.headers_mut().insert(
-                CONTENT_LENGTH,
-                HeaderValue::try_from(format!("{}", len)).unwrap(),
-            ),
+            BodySize::Sized(len) => {
+                let mut buf = itoa::Buffer::new();
+
+                res.headers_mut().insert(
+                    CONTENT_LENGTH,
+                    HeaderValue::from_str(buf.format(*len)).unwrap(),
+                )
+            }
         };
 
         // copy headers
         for (key, value) in head.headers.iter() {
             match *key {
-                // omit HTTP/1 only headers
+                // TODO: consider skipping other headers according to:
+                //       https://tools.ietf.org/html/rfc7540#section-8.1.2.2
+                // omit HTTP/1.x only headers
                 CONNECTION | TRANSFER_ENCODING => continue,
                 CONTENT_LENGTH if skip_len => continue,
                 DATE => has_date = true,
diff --git a/actix-http/src/response.rs b/actix-http/src/response.rs
index f96f8f9b6..c5a4aec13 100644
--- a/actix-http/src/response.rs
+++ b/actix-http/src/response.rs
@@ -498,7 +498,8 @@ impl ResponseBuilder {
     /// Disable chunked transfer encoding for HTTP/1.1 streaming responses.
     #[inline]
     pub fn no_chunking(&mut self, len: u64) -> &mut Self {
-        self.insert_header((header::CONTENT_LENGTH, len));
+        let mut buf = itoa::Buffer::new();
+        self.insert_header((header::CONTENT_LENGTH, buf.format(len)));
 
         if let Some(parts) = parts(&mut self.head, &self.err) {
             parts.no_chunking(true);
diff --git a/awc/CHANGES.md b/awc/CHANGES.md
index 9fbc6d042..211db5a80 100644
--- a/awc/CHANGES.md
+++ b/awc/CHANGES.md
@@ -8,6 +8,7 @@
 ### Changed
 * Feature `cookies` is now optional and enabled by default. [#1981]
 * `ClientBuilder::connector` method would take `actix_http::client::Connector<T, U>` type. [#2008]
+* Basic auth password now takes blank passwords as an empty string instead of Option. [#2050]
 
 ### Removed
 * `ClientBuilder::default` function [#2008]
@@ -17,6 +18,8 @@
 [#1981]: https://github.com/actix/actix-web/pull/1981
 [#2008]: https://github.com/actix/actix-web/pull/2008
 [#2024]: https://github.com/actix/actix-web/pull/2024
+[#2050]: https://github.com/actix/actix-web/pull/2050
+
 
 ## 3.0.0-beta.2 - 2021-02-10
 ### Added
diff --git a/awc/Cargo.toml b/awc/Cargo.toml
index ca345d3cb..761871ba2 100644
--- a/awc/Cargo.toml
+++ b/awc/Cargo.toml
@@ -54,6 +54,7 @@ bytes = "1"
 cfg-if = "1.0"
 derive_more = "0.99.5"
 futures-core = { version = "0.3.7", default-features = false }
+itoa = "0.4"
 log =" 0.4"
 mime = "0.3"
 percent-encoding = "2.1"
@@ -80,8 +81,8 @@ actix-server = "2.0.0-beta.3"
 actix-tls = { version = "3.0.0-beta.4", features = ["openssl", "rustls"] }
 
 brotli2 = "0.3.2"
+env_logger = "0.8"
 flate2 = "1.0.13"
 futures-util = { version = "0.3.7", default-features = false }
-env_logger = "0.8"
 rcgen = "0.8"
 webpki = "0.21"
diff --git a/awc/src/request.rs b/awc/src/request.rs
index 812c0e805..1b63f3687 100644
--- a/awc/src/request.rs
+++ b/awc/src/request.rs
@@ -248,30 +248,25 @@ impl ClientRequest {
     /// Set content length
     #[inline]
     pub fn content_length(self, len: u64) -> Self {
-        self.append_header((header::CONTENT_LENGTH, len))
+        let mut buf = itoa::Buffer::new();
+        self.insert_header((header::CONTENT_LENGTH, buf.format(len)))
     }
 
-    /// Set HTTP basic authorization header
-    pub fn basic_auth<U>(self, username: U, password: Option<&str>) -> Self
-    where
-        U: fmt::Display,
-    {
-        let auth = match password {
-            Some(password) => format!("{}:{}", username, password),
-            None => format!("{}:", username),
-        };
-        self.append_header((
+    /// Set HTTP basic authorization header.
+    ///
+    /// If no password is needed, just provide an empty string.
+    pub fn basic_auth(self, username: impl fmt::Display, password: impl fmt::Display) -> Self {
+        let auth = format!("{}:{}", username, password);
+
+        self.insert_header((
             header::AUTHORIZATION,
             format!("Basic {}", base64::encode(&auth)),
         ))
     }
 
     /// Set HTTP bearer authentication header
-    pub fn bearer_auth<T>(self, token: T) -> Self
-    where
-        T: fmt::Display,
-    {
-        self.append_header((header::AUTHORIZATION, format!("Bearer {}", token)))
+    pub fn bearer_auth(self, token: impl fmt::Display) -> Self {
+        self.insert_header((header::AUTHORIZATION, format!("Bearer {}", token)))
     }
 
     /// Set a cookie
@@ -643,9 +638,7 @@ mod tests {
 
     #[actix_rt::test]
     async fn client_basic_auth() {
-        let req = Client::new()
-            .get("/")
-            .basic_auth("username", Some("password"));
+        let req = Client::new().get("/").basic_auth("username", "password");
         assert_eq!(
             req.head
                 .headers
@@ -656,7 +649,7 @@ mod tests {
             "Basic dXNlcm5hbWU6cGFzc3dvcmQ="
         );
 
-        let req = Client::new().get("/").basic_auth("username", None);
+        let req = Client::new().get("/").basic_auth("username", "");
         assert_eq!(
             req.head
                 .headers
diff --git a/awc/tests/test_client.rs b/awc/tests/test_client.rs
index c7fa82de8..50d2b5eac 100644
--- a/awc/tests/test_client.rs
+++ b/awc/tests/test_client.rs
@@ -829,7 +829,7 @@ async fn client_basic_auth() {
                     .unwrap()
                     .to_str()
                     .unwrap()
-                    == "Basic dXNlcm5hbWU6cGFzc3dvcmQ="
+                    == format!("Basic {}", base64::encode("username:password"))
                 {
                     HttpResponse::Ok()
                 } else {
@@ -840,7 +840,7 @@ async fn client_basic_auth() {
     });
 
     // set authorization header to Basic <base64 encoded username:password>
-    let request = srv.get("/").basic_auth("username", Some("password"));
+    let request = srv.get("/").basic_auth("username", "password");
     let response = request.send().await.unwrap();
     assert!(response.status().is_success());
 }