1
0
mirror of https://github.com/fafhrd91/actix-web synced 2024-11-28 18:02:39 +01:00
Commit Graph

68 Commits

Author SHA1 Message Date
Brandur
59244b203c Let CSRF's allowed_origin() be specified as a type supporting Into<String>
A very minor addition: I'm using this middleware on specific resources,
and given a non-static string, I often have to `clone()` already to get
a string into a closure. Take this code for example:

``` rust
let server = actix_web::server::new(move || {
    let csrf_origin_graphql = csrf_origin.clone();

    ...

    .resource("/graphql", move |r| {
	r.middleware(
	    csrf::CsrfFilter::new().allowed_origin(csrf_origin_graphql.as_str()),
	);

	r.method(Method::POST).a(graphql::handlers::graphql_post);
    })
```

Letting `allowed_origin()` take an `Into<String>` instead of `&str` would
prevent a second `clone()` in the code above, and also make the code a little
nicer to read (you eliminate the `.as_str()` above). This is a pattern that
seems to be common throughout actix-web already anyway, so it should also be
fine to have here.
2018-04-21 08:41:06 -07:00
Nikolay Kim
813d1d6e66 doc strings layout 2018-04-18 20:41:03 -07:00
Nikolay Kim
48b02abee7 fmt 2018-04-18 20:16:29 -07:00
Nikolay Kim
ce1081432b export session module 2018-04-18 20:11:49 -07:00
Nikolay Kim
e9bdba57a0 Add identity service middleware 2018-04-18 19:05:24 -07:00
Nikolay Kim
113f5ad1a8 add rustfmt config 2018-04-13 16:02:01 -07:00
Nikolay Kim
23eea54776 update cors doc string 2018-04-09 21:39:32 -07:00
Nikolay Kim
2881859400 proper test for CorsBuilder::resource 2018-04-09 21:29:57 -07:00
Nikolay Kim
1686682c19 extend CorsBuilder api to make it more user friendly 2018-04-09 21:11:15 -07:00
Nikolay Kim
be358db422 CorsBuilder::finish() panics on any configuration error 2018-04-09 14:20:12 -07:00
Nikolay Kim
7df2d6b12a clippy warnings; extend url_for example in user guide 2018-04-09 13:30:38 -07:00
Nikolay Kim
0b0bbd6bd9
Merge branch 'master' into private-cookies 2018-04-09 12:54:08 -07:00
Nikolay Kim
5617896780 cleanup doc tests 2018-04-09 10:40:12 -07:00
Alex Whitney
2b803f30c9 remove CookieSessionBackend::new 2018-04-09 18:33:29 +01:00
Alex Whitney
9b152acc32 add signed and private cookies 2018-04-09 17:59:28 +01:00
Nikolay Kim
eb66685d1a simplify csrf middleware 2018-04-09 09:49:07 -07:00
Nikolay Kim
b505e682d4 fix session doc test 2018-04-09 09:31:11 -07:00
Nikolay Kim
ff14633b3d simplify CookieSessionBackend; expose max_age cookie setting 2018-04-08 11:05:37 -07:00
Nikolay Kim
7be4b1f399 clippy warns 2018-04-04 20:24:09 -07:00
Nikolay Kim
fee30d6f47 fix doc test compatibility 2018-04-02 22:01:20 -07:00
Nikolay Kim
476b1fb36a simplify DefaultHeaders middleware 2018-04-02 21:43:50 -07:00
Nikolay Kim
3b93bff602 add ErrorHandlers middleware 2018-04-02 21:37:00 -07:00
Nikolay Kim
83bf852192 Fix logger request duration calculation 2018-04-02 11:09:24 -07:00
Nikolay Kim
17c27ef42d HttpRequest::resource() returns current matched resource 2018-04-01 17:37:22 -07:00
Nikolay Kim
3ee228005d rename Application 2018-03-31 00:16:55 -07:00
Nikolay Kim
44e3df82f6 simplify http response construction; deprecate httpcodes 2018-03-30 23:07:33 -07:00
Nikolay Kim
9e751de707 re-arrange modules and exports 2018-03-30 17:31:18 -07:00
Nikolay Kim
2f60a4b89d add handler with exatractor 2018-03-26 23:10:31 -07:00
Nikolay Kim
4263574a58 fix panic in cors if request does not contain origin header and send_wildcard is not set 2018-03-10 08:31:20 -08:00
Nikolay Kim
24342fb745
Merge pull request #113 from niklasf/csrf-upgrade
Let CSRF filter catch cross-site upgrades
2018-03-07 09:58:30 -08:00
Niklas Fiekas
0278e364ec add tests for csrf upgrade filter 2018-03-07 18:42:21 +01:00
Niklas Fiekas
b9d6bbd357 filter cross-site upgrades in csrf middleware 2018-03-07 17:49:30 +01:00
Niklas Fiekas
5816ecd1bc fix variable name: cors -> csrf 2018-03-07 17:44:19 +01:00
kindiana
04d0abb3c7 make session an optional feature 2018-03-07 15:38:58 +08:00
Niklas Fiekas
10f57dac31 add csrf filter middleware 2018-03-02 20:13:43 +01:00
Nikolay Kim
206c4e581a rename httpcodes 2018-03-01 19:12:59 -08:00
Alex Whitney
313396d9b5 fix session mut borrow lifetime 2018-02-28 19:35:26 +00:00
Nikolay Kim
a7bf635158 unify headers and body processing for client response and server request 2018-02-27 15:03:28 -08:00
Nikolay Kim
d6fd4a3524 use buffer capacity; remove unused imports 2018-02-26 15:34:25 -08:00
Nikolay Kim
72aa2d9eae clippy warnings 2018-02-26 14:33:56 -08:00
Nikolay Kim
fd56e5dc82 do not use regset for route recognition 2018-02-21 14:31:22 -08:00
Nikolay Kim
187644e178 update logger doc string 2018-02-20 12:53:51 -08:00
Nikolay Kim
edd114f6e4 allow to set default content encoding on application level 2018-02-18 22:23:17 -08:00
Alexander Andreev
a565e71018 spelling check 2018-01-31 20:28:53 +03:00
Nikolay Kim
71d534dadb CORS middleware: allowed_headers is defaulting to None #50 2018-01-20 16:36:57 -08:00
Alexander Andreev
58df8fa4b9 spelling check 2018-01-16 21:59:33 +03:00
Alexander Andreev
e1d9c3803b spelling check 2018-01-16 00:47:25 +03:00
Nikolay Kim
bc6bb9984f user guide spelling 2018-01-13 11:17:48 -08:00
Nikolay Kim
eb8052b936 fix cors tests 2018-01-11 20:20:50 -08:00
Nikolay Kim
dab918261c fix cors allowed header validation 2018-01-11 20:11:34 -08:00