ci: fix msrv job

closes #3640

.cargo/config.toml

@@ -1,14 +0,0 @@
-[alias]
-lint = "clippy --workspace --tests --examples --bins -- -Dclippy::todo"
-lint-all = "clippy --workspace --all-features --tests --examples --bins -- -Dclippy::todo"
-
-# lib checking
-ci-check-min = "hack --workspace check --no-default-features"
-ci-check-default = "hack --workspace check"
-ci-check-default-tests = "check --workspace --tests"
-ci-check-all-feature-powerset="hack --workspace --feature-powerset --skip=__compress,io-uring check"
-ci-check-all-feature-powerset-linux="hack --workspace --feature-powerset --skip=__compress check"
-
-# testing
-ci-doctest-default = "test --workspace --doc --no-fail-fast -- --nocapture"
-ci-doctest = "test --workspace --all-features --doc --no-fail-fast -- --nocapture"

.clippy.toml

@@ -0,0 +1,8 @@
+disallowed-names = [
+  "..",
+  "e", # no single letter error bindings
+]
+disallowed-methods = [
+  { path = "std::cell::RefCell::default()", reason = "prefer explicit inner type default" },
+  { path = "std::rc::Rc::default()", reason = "prefer explicit inner type default" },
+]

.cspell.yml

@@ -0,0 +1,12 @@
+version: "0.2"
+words:
+  - actix
+  - addrs
+  - bytestring
+  - httparse
+  - msrv
+  - realip
+  - rustls
+  - rustup
+  - serde
+  - zstd

.github/ISSUE_TEMPLATE/bug_report.md

@@ -3,34 +3,40 @@ name: Bug Report
 about: Create a bug report.
 ---
 
-Your issue may already be reported!
-Please search on the [Actix Web issue tracker](https://github.com/actix/actix-web/issues) before creating one.
+Your issue may already be reported! Please search on the [Actix Web issue tracker](https://github.com/actix/actix-web/issues) before creating one.
 
 ## Expected Behavior
+
 <!--- If you're describing a bug, tell us what should happen -->
 <!--- If you're suggesting a change/improvement, tell us how it should work -->
 
 ## Current Behavior
+
 <!--- If describing a bug, tell us what happens instead of the expected behavior -->
 <!--- If suggesting a change/improvement, explain the difference from current behavior -->
 
 ## Possible Solution
+
 <!--- Not obligatory, but suggest a fix/reason for the bug, -->
 <!--- or ideas how to implement the addition or change -->
 
 ## Steps to Reproduce (for bugs)
+
 <!--- Provide a link to a live example, or an unambiguous set of steps to -->
 <!--- reproduce this bug. Include code to reproduce, if relevant -->
+
 1.
 2.
 3.
 4.
 
 ## Context
+
 <!--- How has this issue affected you? What are you trying to accomplish? -->
 <!--- Providing context helps us come up with a solution that is most useful in the real world -->
 
 ## Your Environment
+
 <!--- Include as many relevant details about the environment you experienced the bug in -->
 
 - Rust Version (I.e, output of `rustc -V`):

.github/PULL_REQUEST_TEMPLATE.md

@@ -2,12 +2,14 @@
 <!-- Please fill out the following to get your PR reviewed quicker. -->
 
 ## PR Type
+
 <!-- What kind of change does this PR make? -->
 <!-- Bug Fix / Feature / Refactor / Code Style / Other -->
+
 PR_TYPE
 
-
 ## PR Checklist
+
 <!-- Check your PR fulfills the following items. -->
 <!-- For draft PRs check the boxes as you complete them. -->
 
@@ -17,11 +19,10 @@ PR_TYPE
 - [ ] Format code with the latest stable rustfmt.
 - [ ] (Team) Label with affected crates and semver status.
 
-
 ## Overview
+
 <!-- Describe the current and new behavior. -->
 <!-- Emphasize any breaking changes. -->
 
-
 <!-- If this PR fixes or closes an issue, reference it here. -->
 <!-- Closes #000 -->

.github/dependabot.yml

@@ -0,0 +1,11 @@
+version: 2
+updates:
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: weekly
+  - package-ecosystem: cargo
+    directory: /
+    schedule:
+      interval: weekly
+    versioning-strategy: lockfile-only

.github/workflows/bench.yml

@@ -2,25 +2,27 @@ name: Benchmark
 
 on:
   push:
-    branches:
-      - master
+    branches: [master]
+
+permissions:
+  contents: read
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
 
 jobs:
   check_benchmark:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
 
       - name: Install Rust
-        uses: actions-rs/toolchain@v1
-        with:
-          toolchain: nightly
-          profile: minimal
-          override: true
+        run: |
+          rustup set profile minimal
+          rustup install nightly
+          rustup override set nightly
 
       - name: Check benchmark
-        uses: actions-rs/cargo@v1
-        with:
-          command: bench
-          args: --bench=server -- --sample-size=15
+        run: cargo bench --bench=server -- --sample-size=15

.github/workflows/ci-master.yml

@@ -1,153 +0,0 @@
-name: CI (master only)
-
-on:
-  push:
-    branches: [master]
-
-jobs:
-  build_and_test_nightly:
-    strategy:
-      fail-fast: false
-      matrix:
-        target:
-          - { name: Linux, os: ubuntu-latest, triple: x86_64-unknown-linux-gnu }
-          - { name: macOS, os: macos-latest, triple: x86_64-apple-darwin }
-          - { name: Windows, os: windows-2022, triple: x86_64-pc-windows-msvc }
-        version:
-          - nightly
-
-    name: ${{ matrix.target.name }} / ${{ matrix.version }}
-    runs-on: ${{ matrix.target.os }}
-
-    env:
-      CI: 1
-      CARGO_INCREMENTAL: 0
-      VCPKGRS_DYNAMIC: 1
-
-    steps:
-      - uses: actions/checkout@v2
-
-      # install OpenSSL on Windows
-      # TODO: GitHub actions docs state that OpenSSL is
-      # already installed on these Windows machines somewhere
-      - name: Set vcpkg root
-        if: matrix.target.triple == 'x86_64-pc-windows-msvc'
-        run: echo "VCPKG_ROOT=$env:VCPKG_INSTALLATION_ROOT" | Out-File -FilePath $env:GITHUB_ENV -Append
-      - name: Install OpenSSL
-        if: matrix.target.triple == 'x86_64-pc-windows-msvc'
-        run: vcpkg install openssl:x64-windows
-
-      - name: Install ${{ matrix.version }}
-        uses: actions-rs/toolchain@v1
-        with:
-          toolchain: ${{ matrix.version }}-${{ matrix.target.triple }}
-          profile: minimal
-          override: true
-
-      - name: Generate Cargo.lock
-        uses: actions-rs/cargo@v1
-        with: { command: generate-lockfile }
-      - name: Cache Dependencies
-        uses: Swatinem/rust-cache@v1.2.0
-
-      - name: Install cargo-hack
-        uses: actions-rs/cargo@v1
-        with:
-          command: install
-          args: cargo-hack
-
-      - name: check minimal
-        uses: actions-rs/cargo@v1
-        with: { command: ci-check-min }
-
-      - name: check default
-        uses: actions-rs/cargo@v1
-        with: { command: ci-check-default }
-
-      - name: tests
-        timeout-minutes: 60
-        run: |
-          cargo test --lib --tests -p=actix-router --all-features
-          cargo test --lib --tests -p=actix-http --all-features
-          cargo test --lib --tests -p=actix-web --features=rustls,openssl -- --skip=test_reading_deflate_encoding_large_random_rustls
-          cargo test --lib --tests -p=actix-web-codegen --all-features
-          cargo test --lib --tests -p=awc --all-features
-          cargo test --lib --tests -p=actix-http-test --all-features
-          cargo test --lib --tests -p=actix-test --all-features
-          cargo test --lib --tests -p=actix-files
-          cargo test --lib --tests -p=actix-multipart --all-features
-          cargo test --lib --tests -p=actix-web-actors --all-features
-
-      - name: tests (io-uring)
-        if: matrix.target.os == 'ubuntu-latest'
-        timeout-minutes: 60
-        run: >
-          sudo bash -c "ulimit -Sl 512
-          && ulimit -Hl 512
-          && PATH=$PATH:/usr/share/rust/.cargo/bin
-          && RUSTUP_TOOLCHAIN=${{ matrix.version }} cargo test --lib --tests -p=actix-files --all-features"
-
-      - name: Clear the cargo caches
-        run: |
-          cargo install cargo-cache --version 0.6.3 --no-default-features --features ci-autoclean
-          cargo-cache
-
-  ci_feature_powerset_check:
-    name: Verify Feature Combinations
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: Install stable
-        uses: actions-rs/toolchain@v1
-        with:
-          toolchain: stable-x86_64-unknown-linux-gnu
-          profile: minimal
-          override: true
-
-      - name: Generate Cargo.lock
-        uses: actions-rs/cargo@v1
-        with: { command: generate-lockfile }
-      - name: Cache Dependencies
-        uses: Swatinem/rust-cache@v1.2.0
-
-      - name: Install cargo-hack
-        uses: actions-rs/cargo@v1
-        with:
-          command: install
-          args: cargo-hack
-
-      - name: check feature combinations
-        uses: actions-rs/cargo@v1
-        with: { command: ci-check-all-feature-powerset }
-      
-      - name: check feature combinations
-        uses: actions-rs/cargo@v1
-        with: { command: ci-check-all-feature-powerset-linux }
-
-  coverage:
-    name: coverage
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: Install stable
-        uses: actions-rs/toolchain@v1
-        with:
-          toolchain: stable-x86_64-unknown-linux-gnu
-          profile: minimal
-          override: true
-
-      - name: Generate Cargo.lock
-        uses: actions-rs/cargo@v1
-        with: { command: generate-lockfile }
-      - name: Cache Dependencies
-        uses: Swatinem/rust-cache@v1.2.0
-
-      - name: Generate coverage file
-        run: |
-          cargo install cargo-tarpaulin --vers "^0.13"
-          cargo tarpaulin --workspace --features=rustls,openssl --out Xml --verbose
-      - name: Upload to Codecov
-        uses: codecov/codecov-action@v1
-        with: { file: cobertura.xml }

.github/workflows/ci-post-merge.yml

@@ -0,0 +1,91 @@
+name: CI (post-merge)
+
+on:
+  push:
+    branches: [master]
+
+permissions:
+  contents: read
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  build_and_test_nightly:
+    strategy:
+      fail-fast: false
+      matrix:
+        # prettier-ignore
+        target:
+          - { name: Linux, os: ubuntu-latest, triple: x86_64-unknown-linux-gnu }
+          - { name: macOS, os: macos-latest, triple: x86_64-apple-darwin }
+          - { name: Windows, os: windows-latest, triple: x86_64-pc-windows-msvc }
+        version:
+          - { name: nightly, version: nightly }
+
+    name: ${{ matrix.target.name }} / ${{ matrix.version.name }}
+    runs-on: ${{ matrix.target.os }}
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install nasm
+        if: matrix.target.os == 'windows-latest'
+        uses: ilammy/setup-nasm@v1.5.2
+
+      - name: Install OpenSSL
+        if: matrix.target.os == 'windows-latest'
+        shell: bash
+        run: |
+          set -e
+          choco install openssl --version=1.1.1.2100 -y --no-progress
+          echo 'OPENSSL_DIR=C:\Program Files\OpenSSL' >> $GITHUB_ENV
+          echo "RUSTFLAGS=-C target-feature=+crt-static" >> $GITHUB_ENV
+
+      - name: Install Rust (${{ matrix.version.name }})
+        uses: actions-rust-lang/setup-rust-toolchain@v1.12.0
+        with:
+          toolchain: ${{ matrix.version.version }}
+
+      - name: Install just, cargo-hack, cargo-nextest, cargo-ci-cache-clean
+        uses: taiki-e/install-action@v2.50.10
+        with:
+          tool: just,cargo-hack,cargo-nextest,cargo-ci-cache-clean
+
+      - name: check minimal
+        run: just check-min
+
+      - name: check default
+        run: just check-default
+
+      - name: tests
+        timeout-minutes: 60
+        run: just test
+
+      - name: CI cache clean
+        run: cargo-ci-cache-clean
+
+  ci_feature_powerset_check:
+    name: Verify Feature Combinations
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Free Disk Space
+        run: ./scripts/free-disk-space.sh
+
+      - name: Setup mold linker
+        uses: rui314/setup-mold@v1
+
+      - name: Install Rust
+        uses: actions-rust-lang/setup-rust-toolchain@v1.12.0
+
+      - name: Install just, cargo-hack
+        uses: taiki-e/install-action@v2.50.10
+        with:
+          tool: just,cargo-hack
+
+      - name: Check feature combinations
+        run: just check-feature-combinations

.github/workflows/ci.yml

@@ -3,118 +3,119 @@ name: CI
 on:
   pull_request:
     types: [opened, synchronize, reopened]
+  merge_group:
+    types: [checks_requested]
   push:
     branches: [master]
 
+permissions:
+  contents: read
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
 jobs:
+  read_msrv:
+    name: Read MSRV
+    uses: actions-rust-lang/msrv/.github/workflows/msrv.yml@v0.1.0
+
   build_and_test:
+    needs: read_msrv
+
     strategy:
       fail-fast: false
       matrix:
+        # prettier-ignore
         target:
           - { name: Linux, os: ubuntu-latest, triple: x86_64-unknown-linux-gnu }
           - { name: macOS, os: macos-latest, triple: x86_64-apple-darwin }
-          - { name: Windows, os: windows-2022, triple: x86_64-pc-windows-msvc }
+          - { name: Windows, os: windows-latest, triple: x86_64-pc-windows-msvc }
         version:
-          - 1.54.0 # MSRV
-          - stable
+          - { name: msrv, version: "${{ needs.read_msrv.outputs.msrv }}" }
+          - { name: stable, version: stable }
 
-    name: ${{ matrix.target.name }} / ${{ matrix.version }}
+    name: ${{ matrix.target.name }} / ${{ matrix.version.name }}
     runs-on: ${{ matrix.target.os }}
 
-    env:
-      CI: 1
-      CARGO_INCREMENTAL: 0
-      VCPKGRS_DYNAMIC: 1
-
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
+
+      - name: Install nasm
+        if: matrix.target.os == 'windows-latest'
+        uses: ilammy/setup-nasm@v1.5.2
 
-      # install OpenSSL on Windows
-      # TODO: GitHub actions docs state that OpenSSL is
-      # already installed on these Windows machines somewhere
-      - name: Set vcpkg root
-        if: matrix.target.triple == 'x86_64-pc-windows-msvc'
-        run: echo "VCPKG_ROOT=$env:VCPKG_INSTALLATION_ROOT" | Out-File -FilePath $env:GITHUB_ENV -Append
       - name: Install OpenSSL
-        if: matrix.target.triple == 'x86_64-pc-windows-msvc'
-        run: vcpkg install openssl:x64-windows
+        if: matrix.target.os == 'windows-latest'
+        shell: bash
+        run: |
+          set -e
+          choco install openssl --version=1.1.1.2100 -y --no-progress
+          echo 'OPENSSL_DIR=C:\Program Files\OpenSSL' >> $GITHUB_ENV
+          echo "RUSTFLAGS=-C target-feature=+crt-static" >> $GITHUB_ENV
 
-      - name: Install ${{ matrix.version }}
-        uses: actions-rs/toolchain@v1
+      - name: Setup mold linker
+        if: matrix.target.os == 'ubuntu-latest'
+        uses: rui314/setup-mold@v1
+
+      - name: Install Rust (${{ matrix.version.name }})
+        uses: actions-rust-lang/setup-rust-toolchain@v1.12.0
         with:
-          toolchain: ${{ matrix.version }}-${{ matrix.target.triple }}
-          profile: minimal
-          override: true
+          toolchain: ${{ matrix.version.version }}
 
-      - name: Generate Cargo.lock
-        uses: actions-rs/cargo@v1
-        with: { command: generate-lockfile }
-      - name: Cache Dependencies
-        uses: Swatinem/rust-cache@v1.2.0
-
-      - name: Install cargo-hack
-        uses: actions-rs/cargo@v1
+      - name: Install just, cargo-hack, cargo-nextest, cargo-ci-cache-clean
+        uses: taiki-e/install-action@v2.50.10
         with:
-          command: install
-          args: cargo-hack
+          tool: just,cargo-hack,cargo-nextest,cargo-ci-cache-clean
+
+      - name: workaround MSRV issues
+        if: matrix.version.name == 'msrv'
+        run: just downgrade-for-msrv
 
       - name: check minimal
-        uses: actions-rs/cargo@v1
-        with: { command: ci-check-min }
+        run: just check-min
 
       - name: check default
-        uses: actions-rs/cargo@v1
-        with: { command: ci-check-default }
+        run: just check-default
 
       - name: tests
         timeout-minutes: 60
-        run: |
-          cargo test --lib --tests -p=actix-router --all-features
-          cargo test --lib --tests -p=actix-http --all-features
-          cargo test --lib --tests -p=actix-web --features=rustls,openssl -- --skip=test_reading_deflate_encoding_large_random_rustls
-          cargo test --lib --tests -p=actix-web-codegen --all-features
-          cargo test --lib --tests -p=awc --all-features
-          cargo test --lib --tests -p=actix-http-test --all-features
-          cargo test --lib --tests -p=actix-test --all-features
-          cargo test --lib --tests -p=actix-files
-          cargo test --lib --tests -p=actix-multipart --all-features
-          cargo test --lib --tests -p=actix-web-actors --all-features
+        run: just test
+
+      - name: CI cache clean
+        run: cargo-ci-cache-clean
+
+  io-uring:
+    name: io-uring tests
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install Rust
+        uses: actions-rust-lang/setup-rust-toolchain@v1.12.0
+        with:
+          toolchain: nightly
 
       - name: tests (io-uring)
-        if: matrix.target.os == 'ubuntu-latest'
         timeout-minutes: 60
         run: >
-          sudo bash -c "ulimit -Sl 512
-          && ulimit -Hl 512
-          && PATH=$PATH:/usr/share/rust/.cargo/bin
-          && RUSTUP_TOOLCHAIN=${{ matrix.version }} cargo test --lib --tests -p=actix-files --all-features"
-
-      - name: Clear the cargo caches
-        run: |
-          cargo install cargo-cache --version 0.6.3 --no-default-features --features ci-autoclean
-          cargo-cache
+          sudo bash -c "ulimit -Sl 512 && ulimit -Hl 512 && PATH=$PATH:/usr/share/rust/.cargo/bin && RUSTUP_TOOLCHAIN=stable cargo test --lib --tests -p=actix-files --all-features"
 
   rustdoc:
     name: doc tests
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
 
       - name: Install Rust (nightly)
-        uses: actions-rs/toolchain@v1
+        uses: actions-rust-lang/setup-rust-toolchain@v1.12.0
         with:
-          toolchain: nightly-x86_64-unknown-linux-gnu
-          profile: minimal
-          override: true
+          toolchain: nightly
 
-      - name: Generate Cargo.lock
-        uses: actions-rs/cargo@v1
-        with: { command: generate-lockfile }
-      - name: Cache Dependencies
-        uses: Swatinem/rust-cache@v1.3.0
+      - name: Install just
+        uses: taiki-e/install-action@v2.50.10
+        with:
+          tool: just
 
       - name: doc tests
-        uses: actions-rs/cargo@v1
-        timeout-minutes: 60
-        with: { command: ci-doctest }
+        run: just test-docs

.github/workflows/clippy-fmt.yml

@@ -1,66 +0,0 @@
-name: Lint
-
-on:
-  pull_request:
-    types: [opened, synchronize, reopened]
-
-jobs:
-  fmt:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: Install Rust
-        uses: actions-rs/toolchain@v1
-        with:
-          toolchain: stable
-          profile: minimal
-          components: rustfmt
-      - name: Check with rustfmt
-        uses: actions-rs/cargo@v1
-        with:
-          command: fmt
-          args: --all -- --check
-
-  clippy:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: Install Rust
-        uses: actions-rs/toolchain@v1
-        with:
-          toolchain: stable
-          profile: minimal
-          components: clippy
-          override: true
-
-      - name: Generate Cargo.lock
-        uses: actions-rs/cargo@v1
-        with: { command: generate-lockfile }
-      - name: Cache Dependencies
-        uses: Swatinem/rust-cache@v1.2.0
-
-      - name: Check with Clippy
-        uses: actions-rs/clippy-check@v1
-        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-          args: --workspace --tests --examples --all-features
-
-  lint-docs:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - name: Install Rust
-        uses: actions-rs/toolchain@v1
-        with:
-          toolchain: stable
-          profile: minimal
-          components: rust-docs
-      - name: Check for broken intra-doc links
-        uses: actions-rs/cargo@v1
-        env:
-          RUSTDOCFLAGS: "-D warnings"
-        with:
-          command: doc
-          args: --no-deps --all-features --workspace

.github/workflows/coverage.yml

@@ -0,0 +1,40 @@
+name: Coverage
+
+on:
+  push:
+    branches: [master]
+
+permissions:
+  contents: read
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  coverage:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install Rust (nightly)
+        uses: actions-rust-lang/setup-rust-toolchain@v1.12.0
+        with:
+          toolchain: nightly
+          components: llvm-tools
+
+      - name: Install just, cargo-llvm-cov, cargo-nextest
+        uses: taiki-e/install-action@v2.50.10
+        with:
+          tool: just,cargo-llvm-cov,cargo-nextest
+
+      - name: Generate code coverage
+        run: just test-coverage-codecov
+
+      - name: Upload coverage to Codecov
+        uses: codecov/codecov-action@v5.4.2
+        with:
+          files: codecov.json
+          fail_ci_if_error: true
+        env:
+          CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}

.github/workflows/lint.yml

@@ -0,0 +1,90 @@
+name: Lint
+
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+
+permissions:
+  contents: read
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  fmt:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install Rust (nightly)
+        uses: actions-rust-lang/setup-rust-toolchain@v1.12.0
+        with:
+          toolchain: nightly
+          components: rustfmt
+
+      - name: Check with Rustfmt
+        run: cargo fmt --all -- --check
+
+  clippy:
+    permissions:
+      contents: read
+      checks: write # to add clippy checks to PR diffs
+
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install Rust
+        uses: actions-rust-lang/setup-rust-toolchain@v1.12.0
+        with:
+          components: clippy
+
+      - name: Check with Clippy
+        uses: giraffate/clippy-action@v1.0.1
+        with:
+          reporter: github-pr-check
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          clippy_flags: >-
+            --workspace --all-features --tests --examples --bins --
+            -A unknown_lints -D clippy::todo -D clippy::dbg_macro
+
+  lint-docs:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install Rust (nightly)
+        uses: actions-rust-lang/setup-rust-toolchain@v1.12.0
+        with:
+          toolchain: nightly
+          components: rust-docs
+
+      - name: Check for broken intra-doc links
+        env:
+          RUSTDOCFLAGS: -D warnings
+        run: cargo +nightly doc --no-deps --workspace --all-features
+
+  check-external-types:
+    if: false # rustdoc mismatch currently
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install Rust (${{ vars.RUST_VERSION_EXTERNAL_TYPES }})
+        uses: actions-rust-lang/setup-rust-toolchain@v1.12.0
+        with:
+          toolchain: ${{ vars.RUST_VERSION_EXTERNAL_TYPES }}
+
+      - name: Install just
+        uses: taiki-e/install-action@v2.50.10
+        with:
+          tool: just
+
+      - name: Install cargo-check-external-types
+        uses: taiki-e/cache-cargo-install-action@v2.1.1
+        with:
+          tool: cargo-check-external-types
+
+      - name: check external types
+        run: just check-external-types-all +${{ vars.RUST_VERSION_EXTERNAL_TYPES }}

.github/workflows/upload-doc.yml

@@ -1,35 +0,0 @@
-name: Upload Documentation
-
-on:
-  push:
-    branches: [master]
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: Install Rust
-        uses: actions-rs/toolchain@v1
-        with:
-          toolchain: nightly-x86_64-unknown-linux-gnu
-          profile: minimal
-          override: true
-
-      - name: Build Docs
-        uses: actions-rs/cargo@v1
-        with:
-          command: doc
-          args: --workspace --all-features --no-deps
-
-      - name: Tweak HTML
-        run: echo '<meta http-equiv="refresh" content="0;url=actix_web/index.html">' > target/doc/index.html
-
-      - name: Deploy to GitHub Pages
-        uses: JamesIves/github-pages-deploy-action@3.7.1
-        with:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          BRANCH: gh-pages
-          FOLDER: target/doc

.gitignore

@@ -1,4 +1,3 @@
-Cargo.lock
 target/
 guide/build/
 /gh-pages
@@ -19,3 +18,7 @@ guide/build/
 
 # Configuration directory generated by VSCode
 .vscode
+
+# code coverage
+/lcov.info
+/codecov.json

.prettierrc.yml

@@ -0,0 +1,5 @@
+overrides:
+  - files: "*.md"
+    options:
+      printWidth: 9999
+      proseWrap: never

.rustfmt.toml

@@ -0,0 +1,3 @@
+group_imports = "StdExternalCrate"
+imports_granularity = "Crate"
+use_field_init_shorthand = true

.taplo.toml

@@ -0,0 +1,38 @@
+exclude = ["target/*"]
+include = ["**/*.toml"]
+
+[formatting]
+column_width = 100
+align_comments = false
+
+[[rule]]
+include = ["**/Cargo.toml"]
+keys = ["features"]
+formatting.column_width = 105
+formatting.reorder_keys = false
+
+[[rule]]
+include = ["**/Cargo.toml"]
+keys = [
+  "dependencies",
+  "*-dependencies",
+  "workspace.dependencies",
+  "workspace.*-dependencies",
+  "target.*.dependencies",
+  "target.*.*-dependencies",
+]
+formatting.column_width = 120
+formatting.reorder_keys = true
+
+[[rule]]
+include = ["**/Cargo.toml"]
+keys = [
+  "dependencies.*",
+  "*-dependencies.*",
+  "workspace.dependencies.*",
+  "workspace.*-dependencies.*",
+  "target.*.dependencies",
+  "target.*.*-dependencies",
+]
+formatting.column_width = 120
+formatting.reorder_keys = false

Cargo.toml

@@ -1,130 +1,25 @@
-[package]
-name = "actix-web"
-version = "4.0.0-rc.1"
-authors = [
-    "Nikolay Kim <fafhrd91@gmail.com>",
-    "Rob Ede <robjtede@icloud.com>",
-]
-description = "Actix Web is a powerful, pragmatic, and extremely fast web framework for Rust"
-keywords = ["actix", "http", "web", "framework", "async"]
-categories = [
-    "network-programming",
-    "asynchronous",
-    "web-programming::http-server",
-    "web-programming::websocket"
-]
-homepage = "https://actix.rs"
-repository = "https://github.com/actix/actix-web.git"
-license = "MIT OR Apache-2.0"
-edition = "2018"
-
-[package.metadata.docs.rs]
-# features that docs.rs will build with
-features = ["openssl", "rustls", "compress-brotli", "compress-gzip", "compress-zstd", "cookies", "secure-cookies"]
-rustdoc-args = ["--cfg", "docsrs"]
-
-[lib]
-name = "actix_web"
-path = "src/lib.rs"
-
 [workspace]
 resolver = "2"
 members = [
-    ".",
-    "actix-files",
-    "actix-http-test",
-    "actix-http",
-    "actix-multipart",
-    "actix-router",
-    "actix-test",
-    "actix-web-actors",
-    "actix-web-codegen",
-    "awc",
+  "actix-files",
+  "actix-http-test",
+  "actix-http",
+  "actix-multipart",
+  "actix-multipart-derive",
+  "actix-router",
+  "actix-test",
+  "actix-web-actors",
+  "actix-web-codegen",
+  "actix-web",
+  "awc",
 ]
 
-[features]
-default = ["compress-brotli", "compress-gzip", "compress-zstd", "cookies"]
-
-# Brotli algorithm content-encoding support
-compress-brotli = ["actix-http/compress-brotli", "__compress"]
-# Gzip and deflate algorithms content-encoding support
-compress-gzip = ["actix-http/compress-gzip", "__compress"]
-# Zstd algorithm content-encoding support
-compress-zstd = ["actix-http/compress-zstd", "__compress"]
-
-# support for cookies
-cookies = ["cookie"]
-
-# secure cookies feature
-secure-cookies = ["cookie/secure"]
-
-# openssl
-openssl = ["actix-http/openssl", "actix-tls/accept", "actix-tls/openssl"]
-
-# rustls
-rustls = ["actix-http/rustls", "actix-tls/accept", "actix-tls/rustls"]
-
-# Internal (PRIVATE!) features used to aid testing and checking feature status.
-# Don't rely on these whatsoever. They may disappear at anytime.
-__compress = []
-
-# io-uring feature only avaiable for Linux OSes.
-experimental-io-uring = ["actix-server/io-uring"]
-
-[dependencies]
-actix-codec = "0.4.1"
-actix-macros = "0.2.3"
-actix-rt = "2.6"
-actix-server = "2"
-actix-service = "2.0.0"
-actix-utils = "3.0.0"
-actix-tls = { version = "3.0.0", default-features = false, optional = true }
-
-actix-http = { version = "3.0.0-rc.1", features = ["http2", "ws"] }
-actix-router = "0.5.0-rc.3"
-actix-web-codegen = "0.5.0-rc.2"
-
-ahash = "0.7"
-bytes = "1"
-cfg-if = "1"
-cookie = { version = "0.16", features = ["percent-encode"], optional = true }
-derive_more = "0.99.5"
-encoding_rs = "0.8"
-futures-core = { version = "0.3.7", default-features = false }
-futures-util = { version = "0.3.7", default-features = false }
-itoa = "1"
-language-tags = "0.3"
-once_cell = "1.5"
-log = "0.4"
-mime = "0.3"
-pin-project-lite = "0.2.7"
-regex = "1.4"
-serde = { version = "1.0", features = ["derive"] }
-serde_json = "1.0"
-serde_urlencoded = "0.7"
-smallvec = "1.6.1"
-socket2 = "0.4.0"
-time = { version = "0.3", default-features = false, features = ["formatting"] }
-url = "2.1"
-
-[dev-dependencies]
-actix-files = "0.6.0-beta.16"
-actix-test = { version = "0.1.0-beta.12", features = ["openssl", "rustls"] }
-awc = { version = "3.0.0-beta.20", features = ["openssl"] }
-
-brotli = "3.3.3"
-const-str = "0.3"
-criterion = { version = "0.3", features = ["html_reports"] }
-env_logger = "0.9"
-flate2 = "1.0.13"
-futures-util = { version = "0.3.7", default-features = false, features = ["std"] }
-rand = "0.8"
-rcgen = "0.8"
-rustls-pemfile = "0.2"
-static_assertions = "1"
-tls-openssl = { package = "openssl", version = "0.10.9" }
-tls-rustls = { package = "rustls", version = "0.20.0" }
-zstd = "0.9"
+[workspace.package]
+homepage = "https://actix.rs"
+repository = "https://github.com/actix/actix-web"
+license = "MIT OR Apache-2.0"
+edition = "2021"
+rust-version = "1.75"
 
 [profile.dev]
 # Disabling debug info speeds up builds a bunch and we don't rely on it for debugging that much.
@@ -140,9 +35,10 @@ actix-files = { path = "actix-files" }
 actix-http = { path = "actix-http" }
 actix-http-test = { path = "actix-http-test" }
 actix-multipart = { path = "actix-multipart" }
+actix-multipart-derive = { path = "actix-multipart-derive" }
 actix-router = { path = "actix-router" }
 actix-test = { path = "actix-test" }
-actix-web = { path = "." }
+actix-web = { path = "actix-web" }
 actix-web-actors = { path = "actix-web-actors" }
 actix-web-codegen = { path = "actix-web-codegen" }
 awc = { path = "awc" }
@@ -156,34 +52,10 @@ awc = { path = "awc" }
 # actix-tls = { path = "../actix-net/actix-tls" }
 # actix-server = { path = "../actix-net/actix-server" }
 
-[[test]]
-name = "test_server"
-required-features = ["compress-brotli", "compress-gzip", "compress-zstd", "cookies"]
+[workspace.lints.rust]
+rust_2018_idioms = { level = "deny" }
+future_incompatible = { level = "deny" }
+nonstandard_style = { level = "deny" }
 
-[[test]]
-name = "compression"
-required-features = ["compress-brotli", "compress-gzip", "compress-zstd"]
-
-[[example]]
-name = "basic"
-required-features = ["compress-gzip"]
-
-[[example]]
-name = "uds"
-required-features = ["compress-gzip"]
-
-[[example]]
-name = "on-connect"
-required-features = []
-
-[[bench]]
-name = "server"
-harness = false
-
-[[bench]]
-name = "service"
-harness = false
-
-[[bench]]
-name = "responder"
-harness = false
+[workspace.lints.clippy]
+# clone_on_ref_ptr = { level = "deny" }

MIGRATION.md

@@ -1,677 +0,0 @@
-## Unreleased
-
-- The default `NormalizePath` behavior now strips trailing slashes by default. This was
-  previously documented to be the case in v3 but the behavior now matches. The effect is that
-  routes defined with trailing slashes will become inaccessible when
-  using `NormalizePath::default()`. As such, calling `NormalizePath::default()` will log a warning.
-  It is advised that the `new` method be used instead.
-  
-  Before: `#[get("/test/")]`  
-  After:  `#[get("/test")]`  
-
-  Alternatively, explicitly require trailing slashes: `NormalizePath::new(TrailingSlash::Always)`.
-
-- The `type Config` of `FromRequest` was removed.
-
-- Feature flag `compress` has been split into its supported algorithm (brotli, gzip, zstd).
-  By default all compression algorithms are enabled.
-  To select algorithm you want to include with `middleware::Compress` use following flags:
-  - `compress-brotli`
-  - `compress-gzip`
-  - `compress-zstd`
-  If you have set in your `Cargo.toml` dedicated `actix-web` features and you still want
-  to have compression enabled. Please change features selection like bellow:
-
-  Before: `"compress"`
-  After: `"compress-brotli", "compress-gzip", "compress-zstd"`
-
-
-## 3.0.0
-
-- The return type for `ServiceRequest::app_data::<T>()` was changed from returning a `Data<T>` to
-  simply a `T`. To access a `Data<T>` use `ServiceRequest::app_data::<Data<T>>()`.
-
-- Cookie handling has been offloaded to the `cookie` crate:
-  * `USERINFO_ENCODE_SET` is no longer exposed. Percent-encoding is still supported; check docs.
-  * Some types now require lifetime parameters.
-
-- The time crate was updated to `v0.2`, a major breaking change to the time crate, which affects
-  any `actix-web` method previously expecting a time v0.1 input.
-
-- Setting a cookie's SameSite property, explicitly, to `SameSite::None` will now
-  result in `SameSite=None` being sent with the response Set-Cookie header.
-  To create a cookie without a SameSite attribute, remove any calls setting same_site.
-
-- actix-http support for Actors messages was moved to actix-http crate and is enabled 
-  with feature `actors`
-
-- content_length function is removed from actix-http.
-  You can set Content-Length by normally setting the response body or calling no_chunking function. 
-
-- `BodySize::Sized64` variant has been removed. `BodySize::Sized` now receives a
-  `u64` instead of a `usize`.
-
-- Code that was using `path.<index>` to access a `web::Path<(A, B, C)>`s elements now needs to use
-  destructuring or `.into_inner()`. For example:
-
-  ```rust
-  // Previously:
-  async fn some_route(path: web::Path<(String, String)>) -> String {
-    format!("Hello, {} {}", path.0, path.1)
-  }
-
-  // Now (this also worked before):
-  async fn some_route(path: web::Path<(String, String)>) -> String {
-    let (first_name, last_name) = path.into_inner();
-    format!("Hello, {} {}", first_name, last_name)
-  }
-  // Or (this wasn't previously supported):
-  async fn some_route(web::Path((first_name, last_name)): web::Path<(String, String)>) -> String {
-    format!("Hello, {} {}", first_name, last_name)
-  }
-  ```
-
-- `middleware::NormalizePath` can now also be configured to trim trailing slashes instead of always keeping one.
-  It will need `middleware::normalize::TrailingSlash` when being constructed with `NormalizePath::new(...)`,
-  or for an easier migration you can replace `wrap(middleware::NormalizePath)` with `wrap(middleware::NormalizePath::new(TrailingSlash::MergeOnly))`.
-
-- `HttpServer::maxconn` is renamed to the more expressive `HttpServer::max_connections`.
-
-- `HttpServer::maxconnrate` is renamed to the more expressive `HttpServer::max_connection_rate`.
-
-
-## 2.0.0
-
-- `HttpServer::start()` renamed to `HttpServer::run()`. It also possible to
-  `.await` on `run` method result, in that case it awaits server exit.
-
-- `App::register_data()` renamed to `App::app_data()` and accepts any type `T: 'static`.
-  Stored data is available via `HttpRequest::app_data()` method at runtime.
-
-- Extractor configuration must be registered with `App::app_data()` instead of `App::data()`
-
-- Sync handlers has been removed. `.to_async()` method has been renamed to `.to()`
-  replace `fn` with `async fn` to convert sync handler to async
-
-- `actix_http_test::TestServer` moved to `actix_web::test` module. To start
-  test server use `test::start()` or `test_start_with_config()` methods
-
-- `ResponseError` trait has been reafctored. `ResponseError::error_response()` renders
-  http response.
-
-- Feature `rust-tls` renamed to `rustls`
-
-  instead of
-
-    ```rust
-    actix-web = { version = "2.0.0", features = ["rust-tls"] }
-    ```
-
-  use
-
-    ```rust
-    actix-web = { version = "2.0.0", features = ["rustls"] }
-    ```
-
-- Feature `ssl` renamed to `openssl`
-
-  instead of
-
-    ```rust
-    actix-web = { version = "2.0.0", features = ["ssl"] }
-    ```
-
-  use
-
-    ```rust
-    actix-web = { version = "2.0.0", features = ["openssl"] }
-    ```
-- `Cors` builder now requires that you call `.finish()` to construct the middleware
-
-## 1.0.1
-
-- Cors middleware has been moved to `actix-cors` crate
-
-  instead of
-
-  ```rust
-  use actix_web::middleware::cors::Cors;
-  ```
-
-  use
-
-  ```rust
-  use actix_cors::Cors;
-  ```
-
-- Identity middleware has been moved to `actix-identity` crate
-
-  instead of
-
-  ```rust
-  use actix_web::middleware::identity::{Identity, CookieIdentityPolicy, IdentityService};
-  ```
-
-  use
-
-  ```rust
-  use actix_identity::{Identity, CookieIdentityPolicy, IdentityService};
-  ```
-
-
-## 1.0.0
-
-- Extractor configuration. In version 1.0 this is handled with the new `Data` mechanism for both setting and retrieving the configuration
-
-  instead of
-
-  ```rust
-
-  #[derive(Default)]
-  struct ExtractorConfig {
-     config: String,
-  }
-
-  impl FromRequest for YourExtractor {
-     type Config = ExtractorConfig;
-     type Result = Result<YourExtractor, Error>;
-
-     fn from_request(req: &HttpRequest, cfg: &Self::Config) -> Self::Result {
-         println!("use the config: {:?}", cfg.config);
-         ...
-     }
-  }
-
-  App::new().resource("/route_with_config", |r| {
-     r.post().with_config(handler_fn, |cfg| {
-         cfg.0.config = "test".to_string();
-     })
-  })
-
-  ```
-
-  use the HttpRequest to get the configuration like any other `Data` with `req.app_data::<C>()` and set it with the `data()` method on the `resource`
-
-  ```rust
-  #[derive(Default)]
-  struct ExtractorConfig {
-     config: String,
-  }
-
-  impl FromRequest for YourExtractor {
-     type Error = Error;
-     type Future = Result<Self, Self::Error>;
-     type Config = ExtractorConfig;
-
-     fn from_request(req: &HttpRequest, payload: &mut Payload) -> Self::Future {
-         let cfg = req.app_data::<ExtractorConfig>();
-         println!("config data?: {:?}", cfg.unwrap().role);
-         ...
-     }
-  }
-
-  App::new().service(
-     resource("/route_with_config")
-         .data(ExtractorConfig {
-             config: "test".to_string(),
-         })
-         .route(post().to(handler_fn)),
-  )
-  ```
-
-- Resource registration. 1.0 version uses generalized resource
-  registration via `.service()` method.
-
-  instead of
-
-  ```rust
-    App.new().resource("/welcome", |r| r.f(welcome))
-  ```
-
-  use App's or Scope's `.service()` method. `.service()` method accepts
-  object that implements `HttpServiceFactory` trait. By default
-  actix-web provides `Resource` and `Scope` services.
-
-  ```rust
-    App.new().service(
-        web::resource("/welcome")
-            .route(web::get().to(welcome))
-            .route(web::post().to(post_handler))
-  ```
-
-- Scope registration.
-
-  instead of
-
-  ```rust
-      let app = App::new().scope("/{project_id}", |scope| {
-            scope
-                .resource("/path1", |r| r.f(|_| HttpResponse::Ok()))
-                .resource("/path2", |r| r.f(|_| HttpResponse::Ok()))
-                .resource("/path3", |r| r.f(|_| HttpResponse::MethodNotAllowed()))
-      });
-  ```
-
-  use `.service()` for registration and `web::scope()` as scope object factory.
-
-  ```rust
-      let app = App::new().service(
-          web::scope("/{project_id}")
-              .service(web::resource("/path1").to(|| HttpResponse::Ok()))
-              .service(web::resource("/path2").to(|| HttpResponse::Ok()))
-              .service(web::resource("/path3").to(|| HttpResponse::MethodNotAllowed()))
-      );
-  ```
-
-- `.with()`, `.with_async()` registration methods have been renamed to `.to()` and `.to_async()`.
-
-  instead of
-
-  ```rust
-    App.new().resource("/welcome", |r| r.with(welcome))
-  ```
-
-  use `.to()` or `.to_async()` methods
-
-  ```rust
-    App.new().service(web::resource("/welcome").to(welcome))
-  ```
-
-- Passing arguments to handler with extractors, multiple arguments are allowed
-
-  instead of
-
-  ```rust
-  fn welcome((body, req): (Bytes, HttpRequest)) -> ... {
-    ...
-  }
-  ```
-
-  use multiple arguments
-
-  ```rust
-  fn welcome(body: Bytes, req: HttpRequest) -> ... {
-    ...
-  }
-  ```
-
-- `.f()`, `.a()` and `.h()` handler registration methods have been removed.
-  Use `.to()` for handlers and `.to_async()` for async handlers. Handler function
-  must use extractors.
-
-  instead of
-
-  ```rust
-    App.new().resource("/welcome", |r| r.f(welcome))
-  ```
-
-  use App's `to()` or `to_async()` methods
-
-  ```rust
-    App.new().service(web::resource("/welcome").to(welcome))
-  ```
-
-- `HttpRequest` does not provide access to request's payload stream.
-
-  instead of
-
-  ```rust
-  fn index(req: &HttpRequest) -> Box<Future<Item=HttpResponse, Error=Error>> {
-    req
-       .payload()
-       .from_err()
-       .fold((), |_, chunk| {
-            ...
-        })
-       .map(|_| HttpResponse::Ok().finish())
-       .responder()
-  }
-  ```
-
-  use `Payload` extractor
-
-  ```rust
-  fn index(stream: web::Payload) -> impl Future<Item=HttpResponse, Error=Error> {
-     stream
-       .from_err()
-       .fold((), |_, chunk| {
-            ...
-        })
-       .map(|_| HttpResponse::Ok().finish())
-  }
-  ```
-
-- `State` is now `Data`.  You register Data during the App initialization process
-  and then access it from handlers either using a Data extractor or using
-  HttpRequest's api.
-
-  instead of
-
-  ```rust
-    App.with_state(T)
-  ```
-
-  use App's `data` method
-
-  ```rust
-	App.new()
-       .data(T)
-  ```
-
-  and either use the Data extractor within your handler
-
-  ```rust
-    use actix_web::web::Data;
-
-	fn endpoint_handler(Data<T>)){
-      ...
-    }
-  ```
-
-  .. or access your Data element from the HttpRequest
-
-  ```rust
-	fn endpoint_handler(req: HttpRequest) {
-		let data: Option<Data<T>> = req.app_data::<T>();
-    }
-  ```
-
-
-- AsyncResponder is removed, use `.to_async()` registration method and `impl Future<>` as result type.
-
-  instead of
-
-  ```rust
-	use actix_web::AsyncResponder;
-
-    fn endpoint_handler(...) -> impl Future<Item=HttpResponse, Error=Error>{
-		...
-        .responder()
-	}
-  ```
-
-  .. simply omit AsyncResponder and the corresponding responder() finish method
-
-
-- Middleware
-
-  instead of
-
-  ```rust
-      let app = App::new()
-           .middleware(middleware::Logger::default())
-  ```
-
-  use `.wrap()` method
-
-  ```rust
-      let app = App::new()
-           .wrap(middleware::Logger::default())
-           .route("/index.html", web::get().to(index));
-  ```
-
-- `HttpRequest::body()`, `HttpRequest::urlencoded()`, `HttpRequest::json()`, `HttpRequest::multipart()`
-  method have been removed. Use `Bytes`, `String`, `Form`, `Json`, `Multipart` extractors instead.
-
-  instead of
-
-  ```rust
-  fn index(req: &HttpRequest) -> Responder {
-     req.body()
-       .and_then(|body| {
-          ...
-       })
-  }
-  ```
-
-  use
-
-  ```rust
-  fn index(body: Bytes) -> Responder {
-     ...
-  }
-  ```
-
-- `actix_web::server` module has been removed. To start http server use `actix_web::HttpServer` type
-
-- StaticFiles and NamedFile have been moved to a separate crate.
-
-  instead of `use actix_web::fs::StaticFile`
-
-  use `use actix_files::Files`
-
-  instead of `use actix_web::fs::Namedfile`
-
-  use `use actix_files::NamedFile`
-
-- Multipart has been moved to a separate crate.
-
-  instead of `use actix_web::multipart::Multipart`
-
-  use `use actix_multipart::Multipart`
-
-- Response compression is not enabled by default.
-  To enable, use `Compress` middleware, `App::new().wrap(Compress::default())`.
-
-- Session middleware moved to actix-session crate
-
-- Actors support have been moved to `actix-web-actors` crate
-
-- Custom Error
-
-  Instead of error_response method alone, ResponseError now provides two methods: error_response and render_response respectively. Where, error_response creates the error response and render_response returns the error response to the caller. 
-
-  Simplest migration from 0.7 to 1.0 shall include below method to the custom implementation of ResponseError:
-
-  ```rust
-  fn render_response(&self) -> HttpResponse {
-    self.error_response()
-  }
-  ```
-
-## 0.7.15
-
-- The `' '` character is not percent decoded anymore before matching routes. If you need to use it in
-  your routes, you should use `%20`.
-
-  instead of
-
-    ```rust
-    fn main() {
-         let app = App::new().resource("/my index", |r| {
-             r.method(http::Method::GET)
-                    .with(index);
-         });
-    }
-    ```
-
-  use
-
-    ```rust
-    fn main() {
-         let app = App::new().resource("/my%20index", |r| {
-             r.method(http::Method::GET)
-                    .with(index);
-         });
-    }
-    ```
-
-- If you used `AsyncResult::async` you need to replace it with `AsyncResult::future`
-
-
-## 0.7.4
-
-- `Route::with_config()`/`Route::with_async_config()` always passes configuration objects as tuple
-  even for handler with one parameter.
-
-
-## 0.7
-
-- `HttpRequest` does not implement `Stream` anymore. If you need to read request payload
-  use `HttpMessage::payload()` method.
-
-  instead of
-
-    ```rust
-    fn index(req: HttpRequest) -> impl Responder {
-         req
-            .from_err()
-            .fold(...)
-            ....
-    }
-    ```
-
-  use `.payload()`
-
-    ```rust
-    fn index(req: HttpRequest) -> impl Responder {
-         req
-            .payload()  // <- get request payload stream
-            .from_err()
-            .fold(...)
-            ....
-    }
-    ```
-
-- [Middleware](https://actix.rs/actix-web/actix_web/middleware/trait.Middleware.html)
-  trait uses `&HttpRequest` instead of `&mut HttpRequest`.
-
-- Removed `Route::with2()` and `Route::with3()` use tuple of extractors instead.
-
-    instead of
-
-    ```rust
-    fn index(query: Query<..>, info: Json<MyStruct) -> impl Responder {}
-    ```
-
-    use tuple of extractors and use `.with()` for registration:
-
-    ```rust
-    fn index((query, json): (Query<..>, Json<MyStruct)) -> impl Responder {}
-    ```
-
-- `Handler::handle()` uses `&self` instead of `&mut self`
-
-- `Handler::handle()` accepts reference to `HttpRequest<_>` instead of value
-
-- Removed deprecated `HttpServer::threads()`, use
-  [HttpServer::workers()](https://actix.rs/actix-web/actix_web/server/struct.HttpServer.html#method.workers) instead.
-
-- Renamed `client::ClientConnectorError::Connector` to
-  `client::ClientConnectorError::Resolver`
-
-- `Route::with()` does not return `ExtractorConfig`, to configure
-  extractor use `Route::with_config()`
-
-    instead of
-
-    ```rust
-    fn main() {
-         let app = App::new().resource("/index.html", |r| {
-             r.method(http::Method::GET)
-                    .with(index)
-                    .limit(4096);  // <- limit size of the payload
-         });
-    }
-    ```
-
-    use
-
-    ```rust
-
-    fn main() {
-         let app = App::new().resource("/index.html", |r| {
-             r.method(http::Method::GET)
-                    .with_config(index, |cfg| { // <- register handler
-                       cfg.limit(4096);  // <- limit size of the payload
-                     })
-         });
-    }
-    ```
-
-- `Route::with_async()` does not return `ExtractorConfig`, to configure
-  extractor use `Route::with_async_config()`
-
-
-## 0.6
-
-- `Path<T>` extractor return `ErrorNotFound` on failure instead of `ErrorBadRequest`
-
-- `ws::Message::Close` now includes optional close reason.
-  `ws::CloseCode::Status` and `ws::CloseCode::Empty` have been removed.
-
-- `HttpServer::threads()` renamed to `HttpServer::workers()`.
-
-- `HttpServer::start_ssl()` and `HttpServer::start_tls()` deprecated.
-  Use `HttpServer::bind_ssl()` and `HttpServer::bind_tls()` instead.
-
-- `HttpRequest::extensions()` returns read only reference to the request's Extension
-  `HttpRequest::extensions_mut()` returns mutable reference.
-
-- Instead of
-
-   `use actix_web::middleware::{
-        CookieSessionBackend, CookieSessionError, RequestSession,
-        Session, SessionBackend, SessionImpl, SessionStorage};`
-
-  use `actix_web::middleware::session`
-
-   `use actix_web::middleware::session{CookieSessionBackend, CookieSessionError,
-        RequestSession, Session, SessionBackend, SessionImpl, SessionStorage};`
-
-- `FromRequest::from_request()` accepts mutable reference to a request
-
-- `FromRequest::Result` has to implement `Into<Reply<Self>>`
-
-- [`Responder::respond_to()`](
-  https://actix.rs/actix-web/actix_web/trait.Responder.html#tymethod.respond_to)
-  is generic over `S`
-
--  Use `Query` extractor instead of HttpRequest::query()`.
-
-   ```rust
-   fn index(q: Query<HashMap<String, String>>) -> Result<..> {
-       ...
-   }
-   ```
-
-   or
-
-   ```rust
-   let q = Query::<HashMap<String, String>>::extract(req);
-   ```
-
-- Websocket operations are implemented as `WsWriter` trait.
-  you need to use `use actix_web::ws::WsWriter`
-
-
-## 0.5
-
-- `HttpResponseBuilder::body()`, `.finish()`, `.json()`
-   methods return `HttpResponse` instead of `Result<HttpResponse>`
-
-- `actix_web::Method`, `actix_web::StatusCode`, `actix_web::Version`
-   moved to `actix_web::http` module
-
-- `actix_web::header` moved to `actix_web::http::header`
-
-- `NormalizePath` moved to `actix_web::http` module
-
-- `HttpServer` moved to `actix_web::server`, added new `actix_web::server::new()` function,
-  shortcut for `actix_web::server::HttpServer::new()`
-
-- `DefaultHeaders` middleware does not use separate builder, all builder methods moved to type itself
-
-- `StaticFiles::new()`'s show_index parameter removed, use `show_files_listing()` method instead.
-
-- `CookieSessionBackendBuilder` removed, all methods moved to `CookieSessionBackend` type
-
-- `actix_web::httpcodes` module is deprecated, `HttpResponse::Ok()`, `HttpResponse::Found()` and other `HttpResponse::XXX()`
-   functions should be used instead
-
-- `ClientRequestBuilder::body()` returns `Result<_, actix_web::Error>`
-  instead of `Result<_, http::Error>`
-
-- `Application` renamed to a `App`
-
-- `actix_web::Reply`, `actix_web::Resource` moved to `actix_web::dev`

README.md

@@ -1,105 +0,0 @@
-<div align="center">
-  <h1>Actix Web</h1>
-  <p>
-    <strong>Actix Web is a powerful, pragmatic, and extremely fast web framework for Rust</strong>
-  </p>
-  <p>
-
-[![crates.io](https://img.shields.io/crates/v/actix-web?label=latest)](https://crates.io/crates/actix-web)
-[![Documentation](https://docs.rs/actix-web/badge.svg?version=4.0.0-rc.1)](https://docs.rs/actix-web/4.0.0-rc.1)
-![MSRV](https://img.shields.io/badge/rustc-1.54+-ab6000.svg)
-![MIT or Apache 2.0 licensed](https://img.shields.io/crates/l/actix-web.svg)
-[![Dependency Status](https://deps.rs/crate/actix-web/4.0.0-rc.1/status.svg)](https://deps.rs/crate/actix-web/4.0.0-rc.1)
-<br />
-[![CI](https://github.com/actix/actix-web/actions/workflows/ci.yml/badge.svg)](https://github.com/actix/actix-web/actions/workflows/ci.yml)
-[![codecov](https://codecov.io/gh/actix/actix-web/branch/master/graph/badge.svg)](https://codecov.io/gh/actix/actix-web)
-![downloads](https://img.shields.io/crates/d/actix-web.svg)
-[![Chat on Discord](https://img.shields.io/discord/771444961383153695?label=chat&logo=discord)](https://discord.gg/NWpN5mmg3x)
-
-  </p>
-</div>
-
-## Features
-
-- Supports _HTTP/1.x_ and _HTTP/2_
-- Streaming and pipelining
-- Powerful [request routing](https://actix.rs/docs/url-dispatch/) with optional macros
-- Full [Tokio](https://tokio.rs) compatibility
-- Keep-alive and slow requests handling
-- Client/server [WebSockets](https://actix.rs/docs/websockets/) support
-- Transparent content compression/decompression (br, gzip, deflate, zstd)
-- Multipart streams
-- Static assets
-- SSL support using OpenSSL or Rustls
-- Middlewares ([Logger, Session, CORS, etc](https://actix.rs/docs/middleware/))
-- Includes an async [HTTP client](https://docs.rs/awc/)
-- Runs on stable Rust 1.54+
-
-## Documentation
-
-- [Website & User Guide](https://actix.rs)
-- [Examples Repository](https://github.com/actix/examples)
-- [API Documentation](https://docs.rs/actix-web)
-- [API Documentation (master branch)](https://actix.rs/actix-web/actix_web)
-
-## Example
-
-Dependencies:
-
-```toml
-[dependencies]
-actix-web = "4.0.0-rc.1"
-```
-
-Code:
-
-```rust
-use actix_web::{get, web, App, HttpServer, Responder};
-
-#[get("/{id}/{name}/index.html")]
-async fn index(params: web::Path<(u32, String)>) -> impl Responder {
-    let (id, name) = params.into_inner();
-    format!("Hello {}! id:{}", name, id)
-}
-
-#[actix_web::main] // or #[tokio::main]
-async fn main() -> std::io::Result<()> {
-    HttpServer::new(|| App::new().service(index))
-        .bind(("127.0.0.1", 8080))?
-        .run()
-        .await
-}
-```
-
-### More examples
-
-- [Basic Setup](https://github.com/actix/examples/tree/master/basics/basics/)
-- [Application State](https://github.com/actix/examples/tree/master/basics/state/)
-- [JSON Handling](https://github.com/actix/examples/tree/master/json/json/)
-- [Multipart Streams](https://github.com/actix/examples/tree/master/forms/multipart/)
-- [Diesel Integration](https://github.com/actix/examples/tree/master/database_interactions/diesel/)
-- [r2d2 Integration](https://github.com/actix/examples/tree/master/database_interactions/r2d2/)
-- [Simple WebSocket](https://github.com/actix/examples/tree/master/websockets/websocket/)
-- [Tera Templates](https://github.com/actix/examples/tree/master/template_engines/tera/)
-- [Askama Templates](https://github.com/actix/examples/tree/master/template_engines/askama/)
-- [HTTPS using Rustls](https://github.com/actix/examples/tree/master/security/rustls/)
-- [HTTPS using OpenSSL](https://github.com/actix/examples/tree/master/security/openssl/)
-- [WebSocket Chat](https://github.com/actix/examples/tree/master/websockets/chat/)
-
-You may consider checking out [this directory](https://github.com/actix/examples/tree/master/) for more examples.
-
-## Benchmarks
-
-One of the fastest web frameworks available according to the [TechEmpower Framework Benchmark](https://www.techempower.com/benchmarks/#section=data-r20&test=composite).
-
-## License
-
-This project is licensed under either of the following licenses, at your option:
-
-- Apache License, Version 2.0, ([LICENSE-APACHE](LICENSE-APACHE) or [http://www.apache.org/licenses/LICENSE-2.0])
-- MIT license ([LICENSE-MIT](LICENSE-MIT) or [http://opensource.org/licenses/MIT])
-
-## Code of Conduct
-
-Contribution to the actix-web repo is organized under the terms of the Contributor Covenant.
-The Actix team promises to intervene to uphold that code of conduct.

README.md

@@ -0,0 +1 @@
+actix-web/README.md

actix-files/CHANGES.md

@@ -1,43 +1,88 @@
 # Changes
 
-## Unreleased - 2021-xx-xx
+## Unreleased
 
+- Minimum supported Rust version (MSRV) is now 1.75.
+
+## 0.6.6
+
+- Update `tokio-uring` dependency to `0.4`.
+- Minimum supported Rust version (MSRV) is now 1.72.
+
+## 0.6.5
+
+- Fix handling of special characters in filenames.
+
+## 0.6.4
+
+- Fix handling of newlines in filenames.
+- Minimum supported Rust version (MSRV) is now 1.68 due to transitive `time` dependency.
+
+## 0.6.3
+
+- XHTML files now use `Content-Disposition: inline` instead of `attachment`. [#2903]
+- Minimum supported Rust version (MSRV) is now 1.59 due to transitive `time` dependency.
+- Update `tokio-uring` dependency to `0.4`.
+
+[#2903]: https://github.com/actix/actix-web/pull/2903
+
+## 0.6.2
+
+- Allow partial range responses for video content to start streaming sooner. [#2817]
+- Minimum supported Rust version (MSRV) is now 1.57 due to transitive `time` dependency.
+
+[#2817]: https://github.com/actix/actix-web/pull/2817
+
+## 0.6.1
+
+- Add `NamedFile::{modified, metadata, content_type, content_disposition, encoding}()` getters. [#2021]
+- Update `tokio-uring` dependency to `0.3`.
+- Audio files now use `Content-Disposition: inline` instead of `attachment`. [#2645]
+- Minimum supported Rust version (MSRV) is now 1.56 due to transitive `hashbrown` dependency.
+
+[#2021]: https://github.com/actix/actix-web/pull/2021
+[#2645]: https://github.com/actix/actix-web/pull/2645
+
+## 0.6.0
+
+- No significant changes since `0.6.0-beta.16`.
+
+## 0.6.0-beta.16
 
-## 0.6.0-beta.16 - 2022-01-31
 - No significant changes since `0.6.0-beta.15`.
 
+## 0.6.0-beta.15
 
-## 0.6.0-beta.15 - 2022-01-21
 - No significant changes since `0.6.0-beta.14`.
 
+## 0.6.0-beta.14
 
-## 0.6.0-beta.14 - 2022-01-14
 - The `prefer_utf8` option introduced in `0.4.0` is now true by default. [#2583]
 
 [#2583]: https://github.com/actix/actix-web/pull/2583
 
+## 0.6.0-beta.13
 
-## 0.6.0-beta.13 - 2022-01-04
 - The `Files` service now rejects requests with URL paths that include `%2F` (decoded: `/`). [#2398]
 - The `Files` service now correctly decodes `%25` in the URL path to `%` for the file path. [#2398]
 - Minimum supported Rust version (MSRV) is now 1.54.
 
 [#2398]: https://github.com/actix/actix-web/pull/2398
 
+## 0.6.0-beta.12
 
-## 0.6.0-beta.12 - 2021-12-29
 - No significant changes since `0.6.0-beta.11`.
 
+## 0.6.0-beta.11
 
-## 0.6.0-beta.11 - 2021-12-27
 - No significant changes since `0.6.0-beta.10`.
 
+## 0.6.0-beta.10
 
-## 0.6.0-beta.10 - 2021-12-11
 - No significant changes since `0.6.0-beta.9`.
 
+## 0.6.0-beta.9
 
-## 0.6.0-beta.9 - 2021-11-22
 - Add crate feature `experimental-io-uring`, enabling async file I/O to be utilized. This feature is only available on Linux OSes with recent kernel versions. This feature is semver-exempt. [#2408]
 - Add `NamedFile::open_async`. [#2408]
 - Fix 304 Not Modified responses to omit the Content-Length header, as per the spec. [#2453]
@@ -48,24 +93,24 @@
 [#2408]: https://github.com/actix/actix-web/pull/2408
 [#2453]: https://github.com/actix/actix-web/pull/2453
 
+## 0.6.0-beta.8
 
-## 0.6.0-beta.8 - 2021-10-20
 - Minimum supported Rust version (MSRV) is now 1.52.
 
+## 0.6.0-beta.7
 
-## 0.6.0-beta.7 - 2021-09-09
 - Minimum supported Rust version (MSRV) is now 1.51.
 
+## 0.6.0-beta.6
 
-## 0.6.0-beta.6 - 2021-06-26
 - Added `Files::path_filter()`. [#2274]
 - `Files::show_files_listing()` can now be used with `Files::index_file()` to show files listing as a fallback when the index file is not found. [#2228]
 
 [#2274]: https://github.com/actix/actix-web/pull/2274
 [#2228]: https://github.com/actix/actix-web/pull/2228
 
+## 0.6.0-beta.5
 
-## 0.6.0-beta.5 - 2021-06-17
 - `NamedFile` now implements `ServiceFactory` and `HttpServiceFactory` making it much more useful in routing. For example, it can be used directly as a default service. [#2135]
 - For symbolic links, `Content-Disposition` header no longer shows the filename of the original file. [#2156]
 - `Files::redirect_to_slash_directory()` now works as expected when used with `Files::show_files_listing()`. [#2225]
@@ -76,58 +121,58 @@
 [#2225]: https://github.com/actix/actix-web/pull/2225
 [#2257]: https://github.com/actix/actix-web/pull/2257
 
+## 0.6.0-beta.4
 
-## 0.6.0-beta.4 - 2021-04-02
 - Add support for `.guard` in `Files` to selectively filter `Files` services. [#2046]
 
 [#2046]: https://github.com/actix/actix-web/pull/2046
 
+## 0.6.0-beta.3
 
-## 0.6.0-beta.3 - 2021-03-09
 - No notable changes.
 
+## 0.6.0-beta.2
 
-## 0.6.0-beta.2 - 2021-02-10
 - Fix If-Modified-Since and If-Unmodified-Since to not compare using sub-second timestamps. [#1887]
 - Replace `v_htmlescape` with `askama_escape`. [#1953]
 
 [#1887]: https://github.com/actix/actix-web/pull/1887
 [#1953]: https://github.com/actix/actix-web/pull/1953
 
+## 0.6.0-beta.1
 
-## 0.6.0-beta.1 - 2021-01-07
 - `HttpRange::parse` now has its own error type.
 - Update `bytes` to `1.0`. [#1813]
 
 [#1813]: https://github.com/actix/actix-web/pull/1813
 
+## 0.5.0
 
-## 0.5.0 - 2020-12-26
 - Optionally support hidden files/directories. [#1811]
 
 [#1811]: https://github.com/actix/actix-web/pull/1811
 
+## 0.4.1
 
-## 0.4.1 - 2020-11-24
 - Clarify order of parameters in `Files::new` and improve docs.
 
+## 0.4.0
 
-## 0.4.0 - 2020-10-06
 - Add `Files::prefer_utf8` option that adds UTF-8 charset on certain response types. [#1714]
 
 [#1714]: https://github.com/actix/actix-web/pull/1714
 
+## 0.3.0
 
-## 0.3.0 - 2020-09-11
 - No significant changes from 0.3.0-beta.1.
 
+## 0.3.0-beta.1
 
-## 0.3.0-beta.1 - 2020-07-15
 - Update `v_htmlescape` to 0.10
 - Update `actix-web` and `actix-http` dependencies to beta.1
 
+## 0.3.0-alpha.1
 
-## 0.3.0-alpha.1 - 2020-05-23
 - Update `actix-web` and `actix-http` dependencies to alpha
 - Fix some typos in the docs
 - Bump minimum supported Rust version to 1.40
@@ -135,73 +180,73 @@
 
 [#1384]: https://github.com/actix/actix-web/pull/1384
 
+## 0.2.1
 
-## 0.2.1 - 2019-12-22
 - Use the same format for file URLs regardless of platforms
 
+## 0.2.0
 
-## 0.2.0 - 2019-12-20
 - Fix BodyEncoding trait import #1220
 
+## 0.2.0-alpha.1
 
-## 0.2.0-alpha.1 - 2019-12-07
 - Migrate to `std::future`
 
+## 0.1.7
 
-## 0.1.7 - 2019-11-06
-- Add an additional `filename*` param in the `Content-Disposition` header of
-  `actix_files::NamedFile` to be more compatible. (#1151)
+- Add an additional `filename*` param in the `Content-Disposition` header of `actix_files::NamedFile` to be more compatible. (#1151)
+
+## 0.1.6
 
-## 0.1.6 - 2019-10-14
 - Add option to redirect to a slash-ended path `Files` #1132
 
+## 0.1.5
 
-## 0.1.5 - 2019-10-08
 - Bump up `mime_guess` crate version to 2.0.1
 - Bump up `percent-encoding` crate version to 2.1
 - Allow user defined request guards for `Files` #1113
 
+## 0.1.4
 
-## 0.1.4 - 2019-07-20
 - Allow to disable `Content-Disposition` header #686
 
+## 0.1.3
 
-## 0.1.3 - 2019-06-28
 - Do not set `Content-Length` header, let actix-http set it #930
 
+## 0.1.2
 
-## 0.1.2 - 2019-06-13
 - Content-Length is 0 for NamedFile HEAD request #914
 - Fix ring dependency from actix-web default features for #741
 
+## 0.1.1
 
-## 0.1.1 - 2019-06-01
 - Static files are incorrectly served as both chunked and with length #812
 
+## 0.1.0
 
-## 0.1.0 - 2019-05-25
 - NamedFile last-modified check always fails due to nano-seconds in file modified date #820
 
+## 0.1.0-beta.4
 
-## 0.1.0-beta.4 - 2019-05-12
 - Update actix-web to beta.4
 
+## 0.1.0-beta.1
 
-## 0.1.0-beta.1 - 2019-04-20
 - Update actix-web to beta.1
 
+## 0.1.0-alpha.6
 
-## 0.1.0-alpha.6 - 2019-04-14
 - Update actix-web to alpha6
 
+## 0.1.0-alpha.4
 
-## 0.1.0-alpha.4 - 2019-04-08
 - Update actix-web to alpha4
 
+## 0.1.0-alpha.2
 
-## 0.1.0-alpha.2 - 2019-04-02
 - Add default handler support
 
+## 0.1.0-alpha.1
 
-## 0.1.0-alpha.1 - 2019-03-28
 - Initial impl

actix-files/Cargo.toml

@@ -1,48 +1,50 @@
 [package]
 name = "actix-files"
-version = "0.6.0-beta.16"
-authors = [
-    "Nikolay Kim <fafhrd91@gmail.com>",
-    "fakeshadow <24548779@qq.com>",
-    "Rob Ede <robjtede@icloud.com>",
-]
+version = "0.6.6"
+authors = ["Nikolay Kim <fafhrd91@gmail.com>", "Rob Ede <robjtede@icloud.com>"]
 description = "Static file serving for Actix Web"
 keywords = ["actix", "http", "async", "futures"]
 homepage = "https://actix.rs"
 repository = "https://github.com/actix/actix-web"
 categories = ["asynchronous", "web-programming::http-server"]
 license = "MIT OR Apache-2.0"
-edition = "2018"
+edition = "2021"
 
-[lib]
-name = "actix_files"
-path = "src/lib.rs"
+[package.metadata.cargo_check_external_types]
+allowed_external_types = ["actix_http::*", "actix_service::*", "actix_web::*", "http::*", "mime::*"]
 
 [features]
 experimental-io-uring = ["actix-web/experimental-io-uring", "tokio-uring"]
 
 [dependencies]
-actix-http = "3.0.0-rc.1"
+actix-http = "3"
 actix-service = "2"
 actix-utils = "3"
-actix-web = { version = "4.0.0-rc.1", default-features = false }
+actix-web = { version = "4", default-features = false }
 
-askama_escape = "0.10"
-bitflags = "1"
+bitflags = "2"
 bytes = "1"
-derive_more = "0.99.5"
-futures-core = { version = "0.3.7", default-features = false, features = ["alloc"] }
+derive_more = { version = "2", features = ["display", "error", "from"] }
+futures-core = { version = "0.3.17", default-features = false, features = ["alloc"] }
 http-range = "0.1.4"
 log = "0.4"
-mime = "0.3"
+mime = "0.3.9"
 mime_guess = "2.0.1"
 percent-encoding = "2.1"
 pin-project-lite = "0.2.7"
+v_htmlescape = "0.15.5"
 
-tokio-uring = { version = "0.2", optional = true, features = ["bytes"] }
+# experimental-io-uring
+[target.'cfg(target_os = "linux")'.dependencies]
+tokio-uring = { version = "0.5", optional = true, features = ["bytes"] }
+actix-server = { version = "2.4", optional = true }                      # ensure matching tokio-uring versions
 
 [dev-dependencies]
-actix-rt = "2.2"
-actix-test = "0.1.0-beta.12"
-actix-web = "4.0.0-rc.1"
+actix-rt = "2.7"
+actix-test = "0.1"
+actix-web = "4"
+env_logger = "0.11"
 tempfile = "3.2"
+
+[lints]
+workspace = true

actix-files/README.md

@@ -1,18 +1,32 @@
-# actix-files
+# `actix-files`
 
-> Static file serving for Actix Web
+<!-- prettier-ignore-start -->
 
 [![crates.io](https://img.shields.io/crates/v/actix-files?label=latest)](https://crates.io/crates/actix-files)
-[![Documentation](https://docs.rs/actix-files/badge.svg?version=0.6.0-beta.16)](https://docs.rs/actix-files/0.6.0-beta.16)
-[![Version](https://img.shields.io/badge/rustc-1.54+-ab6000.svg)](https://blog.rust-lang.org/2021/05/06/Rust-1.54.0.html)
+[![Documentation](https://docs.rs/actix-files/badge.svg?version=0.6.6)](https://docs.rs/actix-files/0.6.6)
+![Version](https://img.shields.io/badge/rustc-1.72+-ab6000.svg)
 ![License](https://img.shields.io/crates/l/actix-files.svg)
 <br />
-[![dependency status](https://deps.rs/crate/actix-files/0.6.0-beta.16/status.svg)](https://deps.rs/crate/actix-files/0.6.0-beta.16)
+[![dependency status](https://deps.rs/crate/actix-files/0.6.6/status.svg)](https://deps.rs/crate/actix-files/0.6.6)
 [![Download](https://img.shields.io/crates/d/actix-files.svg)](https://crates.io/crates/actix-files)
 [![Chat on Discord](https://img.shields.io/discord/771444961383153695?label=chat&logo=discord)](https://discord.gg/NWpN5mmg3x)
 
-## Documentation & Resources
+<!-- prettier-ignore-end -->
 
-- [API Documentation](https://docs.rs/actix-files/)
-- [Example Project](https://github.com/actix/examples/tree/master/basics/static_index)
-- Minimum Supported Rust Version (MSRV): 1.54
+<!-- cargo-rdme start -->
+
+Static file serving for Actix Web.
+
+Provides a non-blocking service for serving static files from disk.
+
+## Examples
+
+```rust
+use actix_web::App;
+use actix_files::Files;
+
+let app = App::new()
+    .service(Files::new("/static", ".").prefer_utf8(true));
+```
+
+<!-- cargo-rdme end -->

actix-files/examples/guarded-listing.rs

@@ -0,0 +1,33 @@
+use actix_files::Files;
+use actix_web::{get, guard, middleware, App, HttpServer, Responder};
+
+const EXAMPLES_DIR: &str = concat![env!("CARGO_MANIFEST_DIR"), "/examples"];
+
+#[get("/")]
+async fn index() -> impl Responder {
+    "Hello world!"
+}
+
+#[actix_web::main]
+async fn main() -> std::io::Result<()> {
+    env_logger::init_from_env(env_logger::Env::new().default_filter_or("info"));
+
+    log::info!("starting HTTP server at http://localhost:8080");
+
+    HttpServer::new(|| {
+        App::new()
+            .service(index)
+            .service(
+                Files::new("/assets", EXAMPLES_DIR)
+                    .show_files_listing()
+                    .guard(guard::Header("show-listing", "?1")),
+            )
+            .service(Files::new("/assets", EXAMPLES_DIR))
+            .wrap(middleware::Compress::default())
+            .wrap(middleware::Logger::default())
+    })
+    .bind(("127.0.0.1", 8080))?
+    .workers(2)
+    .run()
+    .await
+}

actix-files/src/chunked.rs

@@ -7,11 +7,10 @@ use std::{
 };
 
 use actix_web::{error::Error, web::Bytes};
-use futures_core::{ready, Stream};
-use pin_project_lite::pin_project;
-
 #[cfg(feature = "experimental-io-uring")]
 use bytes::BytesMut;
+use futures_core::{ready, Stream};
+use pin_project_lite::pin_project;
 
 use super::named::File;
 
@@ -81,7 +80,7 @@ async fn chunked_read_file_callback(
 ) -> Result<(File, Bytes), Error> {
     use io::{Read as _, Seek as _};
 
-    let res = actix_web::rt::task::spawn_blocking(move || {
+    let res = actix_web::web::block(move || {
         let mut buf = Vec::with_capacity(max_bytes);
 
         file.seek(io::SeekFrom::Start(offset))?;
@@ -94,8 +93,7 @@ async fn chunked_read_file_callback(
             Ok((file, Bytes::from(buf)))
         }
     })
-    .await
-    .map_err(|_| actix_web::error::BlockingError)??;
+    .await??;
 
     Ok(res)
 }

actix-files/src/directory.rs

@@ -1,8 +1,13 @@
-use std::{fmt::Write, fs::DirEntry, io, path::Path, path::PathBuf};
+use std::{
+    fmt::Write,
+    fs::DirEntry,
+    io,
+    path::{Path, PathBuf},
+};
 
 use actix_web::{dev::ServiceResponse, HttpRequest, HttpResponse};
-use askama_escape::{escape as escape_html_entity, Html};
 use percent_encoding::{utf8_percent_encode, CONTROLS};
+use v_htmlescape::escape as escape_html_entity;
 
 /// A directory; responds with the generated directory listing.
 #[derive(Debug)]
@@ -59,7 +64,7 @@ macro_rules! encode_file_url {
 /// ```
 macro_rules! encode_file_name {
     ($entry:ident) => {
-        escape_html_entity(&$entry.file_name().to_string_lossy(), Html)
+        escape_html_entity(&$entry.file_name().to_string_lossy())
     };
 }
 
@@ -75,7 +80,7 @@ pub(crate) fn directory_listing(
         if dir.is_visible(&entry) {
             let entry = entry.unwrap();
             let p = match entry.path().strip_prefix(&dir.path) {
-                Ok(p) if cfg!(windows) => base.join(p).to_string_lossy().replace("\\", "/"),
+                Ok(p) if cfg!(windows) => base.join(p).to_string_lossy().replace('\\', "/"),
                 Ok(p) => base.join(p).to_string_lossy().into_owned(),
                 Err(_) => continue,
             };

actix-files/src/error.rs

@@ -2,48 +2,47 @@ use actix_web::{http::StatusCode, ResponseError};
 use derive_more::Display;
 
 /// Errors which can occur when serving static files.
-#[derive(Display, Debug, PartialEq)]
+#[derive(Debug, PartialEq, Eq, Display)]
 pub enum FilesError {
-    /// Path is not a directory
+    /// Path is not a directory.
     #[allow(dead_code)]
-    #[display(fmt = "Path is not a directory. Unable to serve static files")]
+    #[display("path is not a directory. Unable to serve static files")]
     IsNotDirectory,
 
-    /// Cannot render directory
-    #[display(fmt = "Unable to render directory without index file")]
+    /// Cannot render directory.
+    #[display("unable to render directory without index file")]
     IsDirectory,
 }
 
-/// Return `NotFound` for `FilesError`
 impl ResponseError for FilesError {
+    /// Returns `404 Not Found`.
     fn status_code(&self) -> StatusCode {
         StatusCode::NOT_FOUND
     }
 }
 
-#[allow(clippy::enum_variant_names)]
-#[derive(Display, Debug, PartialEq)]
+#[derive(Debug, PartialEq, Eq, Display)]
 #[non_exhaustive]
 pub enum UriSegmentError {
-    /// The segment started with the wrapped invalid character.
-    #[display(fmt = "The segment started with the wrapped invalid character")]
+    /// Segment started with the wrapped invalid character.
+    #[display("segment started with invalid character: ('{_0}')")]
     BadStart(char),
 
-    /// The segment contained the wrapped invalid character.
-    #[display(fmt = "The segment contained the wrapped invalid character")]
+    /// Segment contained the wrapped invalid character.
+    #[display("segment contained invalid character ('{_0}')")]
     BadChar(char),
 
-    /// The segment ended with the wrapped invalid character.
-    #[display(fmt = "The segment ended with the wrapped invalid character")]
+    /// Segment ended with the wrapped invalid character.
+    #[display("segment ended with invalid character: ('{_0}')")]
     BadEnd(char),
 
-    /// The path is not a valid UTF-8 string after doing percent decoding.
-    #[display(fmt = "The path is not a valid UTF-8 string after percent-decoding")]
+    /// Path is not a valid UTF-8 string after percent-decoding.
+    #[display("path is not a valid UTF-8 string after percent-decoding")]
     NotValidUtf8,
 }
 
-/// Return `BadRequest` for `UriSegmentError`
 impl ResponseError for UriSegmentError {
+    /// Returns `400 Bad Request`.
     fn status_code(&self) -> StatusCode {
         StatusCode::BAD_REQUEST
     }

actix-files/src/files.rs

@@ -8,8 +8,7 @@ use std::{
 use actix_service::{boxed, IntoServiceFactory, ServiceFactory, ServiceFactoryExt};
 use actix_web::{
     dev::{
-        AppService, HttpServiceFactory, RequestHead, ResourceDef, ServiceRequest,
-        ServiceResponse,
+        AppService, HttpServiceFactory, RequestHead, ResourceDef, ServiceRequest, ServiceResponse,
     },
     error::Error,
     guard::Guard,
@@ -142,7 +141,7 @@ impl Files {
         self
     }
 
-    /// Set custom directory renderer
+    /// Set custom directory renderer.
     pub fn files_listing_renderer<F>(mut self, f: F) -> Self
     where
         for<'r, 's> F:
@@ -152,7 +151,7 @@ impl Files {
         self
     }
 
-    /// Specifies mime override callback
+    /// Specifies MIME override callback.
     pub fn mime_override<F>(mut self, f: F) -> Self
     where
         F: Fn(&mime::Name<'_>) -> DispositionType + 'static,
@@ -236,7 +235,7 @@ impl Files {
     /// request starts being handled by the file service, it will not be able to back-out and try
     /// the next service, you will simply get a 404 (or 405) error response.
     ///
-    /// To allow `POST` requests to retrieve files, see [`Files::use_guards`].
+    /// To allow `POST` requests to retrieve files, see [`Files::method_guard()`].
     ///
     /// # Examples
     /// ```
@@ -301,12 +300,8 @@ impl Files {
     pub fn default_handler<F, U>(mut self, f: F) -> Self
     where
         F: IntoServiceFactory<U, ServiceRequest>,
-        U: ServiceFactory<
-                ServiceRequest,
-                Config = (),
-                Response = ServiceResponse,
-                Error = Error,
-            > + 'static,
+        U: ServiceFactory<ServiceRequest, Config = (), Response = ServiceResponse, Error = Error>
+            + 'static,
     {
         // create and configure default resource
         self.default = Rc::new(RefCell::new(Some(Rc::new(boxed::factory(
@@ -390,3 +385,46 @@ impl ServiceFactory<ServiceRequest> for Files {
         }
     }
 }
+
+#[cfg(test)]
+mod tests {
+    use actix_web::{
+        http::StatusCode,
+        test::{self, TestRequest},
+        App, HttpResponse,
+    };
+
+    use super::*;
+
+    #[actix_web::test]
+    async fn custom_files_listing_renderer() {
+        let srv = test::init_service(
+            App::new().service(
+                Files::new("/", "./tests")
+                    .show_files_listing()
+                    .files_listing_renderer(|dir, req| {
+                        Ok(ServiceResponse::new(
+                            req.clone(),
+                            HttpResponse::Ok().body(dir.path.to_str().unwrap().to_owned()),
+                        ))
+                    }),
+            ),
+        )
+        .await;
+
+        let req = TestRequest::with_uri("/").to_request();
+        let res = test::call_service(&srv, req).await;
+
+        assert_eq!(res.status(), StatusCode::OK);
+        let body = test::read_body(res).await;
+        let body_str = std::str::from_utf8(&body).unwrap();
+        let actual_path = Path::new(&body_str);
+        let expected_path = Path::new("actix-files/tests");
+        assert!(
+            actual_path.ends_with(expected_path),
+            "body {:?} does not end with {:?}",
+            actual_path,
+            expected_path
+        );
+    }
+}

actix-files/src/lib.rs

@@ -11,8 +11,12 @@
 //!     .service(Files::new("/static", ".").prefer_utf8(true));
 //! ```
 
-#![deny(rust_2018_idioms, nonstandard_style)]
-#![warn(future_incompatible, missing_docs, missing_debug_implementations)]
+#![warn(missing_docs, missing_debug_implementations)]
+#![doc(html_logo_url = "https://actix.rs/img/logo.png")]
+#![doc(html_favicon_url = "https://actix.rs/favicon.ico")]
+#![cfg_attr(docsrs, feature(doc_auto_cfg))]
+
+use std::path::Path;
 
 use actix_service::boxed::{BoxService, BoxServiceFactory};
 use actix_web::{
@@ -21,7 +25,6 @@ use actix_web::{
     http::header::DispositionType,
 };
 use mime_guess::from_ext;
-use std::path::Path;
 
 mod chunked;
 mod directory;
@@ -33,16 +36,15 @@ mod path_buf;
 mod range;
 mod service;
 
-pub use self::chunked::ChunkedReadFile;
-pub use self::directory::Directory;
-pub use self::files::Files;
-pub use self::named::NamedFile;
-pub use self::range::HttpRange;
-pub use self::service::FilesService;
-
-use self::directory::{directory_listing, DirectoryRenderer};
-use self::error::FilesError;
-use self::path_buf::PathBufWrap;
+pub use self::{
+    chunked::ChunkedReadFile, directory::Directory, files::Files, named::NamedFile,
+    range::HttpRange, service::FilesService,
+};
+use self::{
+    directory::{directory_listing, DirectoryRenderer},
+    error::FilesError,
+    path_buf::PathBufWrap,
+};
 
 type HttpService = BoxService<ServiceRequest, ServiceResponse, Error>;
 type HttpNewService = BoxServiceFactory<(), ServiceRequest, ServiceResponse, Error, ()>;
@@ -62,6 +64,7 @@ type PathFilter = dyn Fn(&Path, &RequestHead) -> bool;
 #[cfg(test)]
 mod tests {
     use std::{
+        fmt::Write as _,
         fs::{self},
         ops::Add,
         time::{Duration, SystemTime},
@@ -71,7 +74,7 @@ mod tests {
         dev::ServiceFactory,
         guard,
         http::{
-            header::{self, ContentDisposition, DispositionParam, DispositionType},
+            header::{self, ContentDisposition, DispositionParam},
             Method, StatusCode,
         },
         middleware::Compress,
@@ -303,11 +306,11 @@ mod tests {
         let resp = file.respond_to(&req);
         assert_eq!(
             resp.headers().get(header::CONTENT_TYPE).unwrap(),
-            "application/javascript; charset=utf-8"
+            "text/javascript",
         );
         assert_eq!(
             resp.headers().get(header::CONTENT_DISPOSITION).unwrap(),
-            "inline; filename=\"test.js\""
+            "inline; filename=\"test.js\"",
         );
     }
 
@@ -364,20 +367,43 @@ mod tests {
         );
     }
 
+    #[allow(deprecated)]
     #[actix_rt::test]
-    async fn test_named_file_status_code_text() {
-        let mut file = NamedFile::open_async("Cargo.toml")
+    async fn status_code_customize_same_output() {
+        let file1 = NamedFile::open_async("Cargo.toml")
             .await
             .unwrap()
             .set_status_code(StatusCode::NOT_FOUND);
+
+        let file2 = NamedFile::open_async("Cargo.toml")
+            .await
+            .unwrap()
+            .customize()
+            .with_status(StatusCode::NOT_FOUND);
+
+        let req = TestRequest::default().to_http_request();
+        let res1 = file1.respond_to(&req);
+        let res2 = file2.respond_to(&req);
+
+        assert_eq!(res1.status(), StatusCode::NOT_FOUND);
+        assert_eq!(res2.status(), StatusCode::NOT_FOUND);
+    }
+
+    #[actix_rt::test]
+    async fn test_named_file_status_code_text() {
+        let mut file = NamedFile::open_async("Cargo.toml").await.unwrap();
+
         {
             file.file();
             let _f: &File = &file;
         }
+
         {
             let _f: &mut File = &mut file;
         }
 
+        let file = file.customize().with_status(StatusCode::NOT_FOUND);
+
         let req = TestRequest::default().to_http_request();
         let resp = file.respond_to(&req);
         assert_eq!(
@@ -527,10 +553,9 @@ mod tests {
 
     #[actix_rt::test]
     async fn test_static_files_with_spaces() {
-        let srv = test::init_service(
-            App::new().service(Files::new("/", ".").index_file("Cargo.toml")),
-        )
-        .await;
+        let srv =
+            test::init_service(App::new().service(Files::new("/", ".").index_file("Cargo.toml")))
+                .await;
         let request = TestRequest::get()
             .uri("/tests/test%20space.binary")
             .to_request();
@@ -542,6 +567,30 @@ mod tests {
         assert_eq!(bytes, data);
     }
 
+    #[cfg(not(target_os = "windows"))]
+    #[actix_rt::test]
+    async fn test_static_files_with_special_characters() {
+        // Create the file we want to test against ad-hoc. We can't check it in as otherwise
+        // Windows can't even checkout this repository.
+        let temp_dir = tempfile::tempdir().unwrap();
+        let file_with_newlines = temp_dir.path().join("test\n\x0B\x0C\rnewline.text");
+        fs::write(&file_with_newlines, "Look at my newlines").unwrap();
+
+        let srv = test::init_service(
+            App::new().service(Files::new("/", temp_dir.path()).index_file("Cargo.toml")),
+        )
+        .await;
+        let request = TestRequest::get()
+            .uri("/test%0A%0B%0C%0Dnewline.text")
+            .to_request();
+        let response = test::call_service(&srv, request).await;
+        assert_eq!(response.status(), StatusCode::OK);
+
+        let bytes = test::read_body(response).await;
+        let data = web::Bytes::from(fs::read(file_with_newlines).unwrap());
+        assert_eq!(bytes, data);
+    }
+
     #[actix_rt::test]
     async fn test_files_not_allowed() {
         let srv = test::init_service(App::new().service(Files::new("/", "."))).await;
@@ -640,8 +689,7 @@ mod tests {
     #[actix_rt::test]
     async fn test_static_files() {
         let srv =
-            test::init_service(App::new().service(Files::new("/", ".").show_files_listing()))
-                .await;
+            test::init_service(App::new().service(Files::new("/", ".").show_files_listing())).await;
         let req = TestRequest::with_uri("/missing").to_request();
 
         let resp = test::call_service(&srv, req).await;
@@ -654,8 +702,7 @@ mod tests {
         assert_eq!(resp.status(), StatusCode::NOT_FOUND);
 
         let srv =
-            test::init_service(App::new().service(Files::new("/", ".").show_files_listing()))
-                .await;
+            test::init_service(App::new().service(Files::new("/", ".").show_files_listing())).await;
         let req = TestRequest::with_uri("/tests").to_request();
         let resp = test::call_service(&srv, req).await;
         assert_eq!(
@@ -816,19 +863,21 @@ mod tests {
 
     #[actix_rt::test]
     async fn test_percent_encoding_2() {
-        let tmpdir = tempfile::tempdir().unwrap();
+        let temp_dir = tempfile::tempdir().unwrap();
         let filename = match cfg!(unix) {
-            true => "ض:?#[]{}<>()@!$&'`|*+,;= %20.test",
+            true => "ض:?#[]{}<>()@!$&'`|*+,;= %20\n.test",
             false => "ض#[]{}()@!$&'`+,;= %20.test",
         };
         let filename_encoded = filename
             .as_bytes()
             .iter()
-            .map(|c| format!("%{:02X}", c))
-            .collect::<String>();
-        std::fs::File::create(tmpdir.path().join(filename)).unwrap();
+            .fold(String::new(), |mut buf, c| {
+                write!(&mut buf, "%{:02X}", c).unwrap();
+                buf
+            });
+        std::fs::File::create(temp_dir.path().join(filename)).unwrap();
 
-        let srv = test::init_service(App::new().service(Files::new("", tmpdir.path()))).await;
+        let srv = test::init_service(App::new().service(Files::new("/", temp_dir.path()))).await;
 
         let req = TestRequest::get()
             .uri(&format!("/{}", filename_encoded))

actix-files/src/named.rs

@@ -8,13 +8,13 @@ use std::{
 use actix_web::{
     body::{self, BoxBody, SizedStream},
     dev::{
-        self, AppService, HttpServiceFactory, ResourceDef, Service, ServiceFactory,
-        ServiceRequest, ServiceResponse,
+        self, AppService, HttpServiceFactory, ResourceDef, Service, ServiceFactory, ServiceRequest,
+        ServiceResponse,
     },
     http::{
         header::{
-            self, Charset, ContentDisposition, ContentEncoding, DispositionParam,
-            DispositionType, ExtendedValue, HeaderValue,
+            self, Charset, ContentDisposition, ContentEncoding, DispositionParam, DispositionType,
+            ExtendedValue, HeaderValue,
         },
         StatusCode,
     },
@@ -23,11 +23,12 @@ use actix_web::{
 use bitflags::bitflags;
 use derive_more::{Deref, DerefMut};
 use futures_core::future::LocalBoxFuture;
-use mime_guess::from_path;
+use mime::Mime;
 
 use crate::{encoding::equiv_utf8_text, range::HttpRange};
 
 bitflags! {
+    #[derive(Debug, Clone, Copy)]
     pub(crate) struct Flags: u8 {
         const ETAG =                0b0000_0001;
         const LAST_MD =             0b0000_0010;
@@ -76,13 +77,14 @@ pub struct NamedFile {
     pub(crate) md: Metadata,
     pub(crate) flags: Flags,
     pub(crate) status_code: StatusCode,
-    pub(crate) content_type: mime::Mime,
-    pub(crate) content_disposition: header::ContentDisposition,
+    pub(crate) content_type: Mime,
+    pub(crate) content_disposition: ContentDisposition,
     pub(crate) encoding: Option<ContentEncoding>,
 }
 
 #[cfg(not(feature = "experimental-io-uring"))]
 pub(crate) use std::fs::File;
+
 #[cfg(feature = "experimental-io-uring")]
 pub(crate) use tokio_uring::fs::File;
 
@@ -96,18 +98,18 @@ impl NamedFile {
     ///
     /// # Examples
     /// ```ignore
+    /// use std::{
+    ///     io::{self, Write as _},
+    ///     env,
+    ///     fs::File
+    /// };
     /// use actix_files::NamedFile;
-    /// use std::io::{self, Write};
-    /// use std::env;
-    /// use std::fs::File;
     ///
-    /// fn main() -> io::Result<()> {
-    ///     let mut file = File::create("foo.txt")?;
-    ///     file.write_all(b"Hello, world!")?;
-    ///     let named_file = NamedFile::from_file(file, "bar.txt")?;
-    ///     # std::fs::remove_file("foo.txt");
-    ///     Ok(())
-    /// }
+    /// let mut file = File::create("foo.txt")?;
+    /// file.write_all(b"Hello, world!")?;
+    /// let named_file = NamedFile::from_file(file, "bar.txt")?;
+    /// # std::fs::remove_file("foo.txt");
+    /// Ok(())
     /// ```
     pub fn from_file<P: AsRef<Path>>(file: File, path: P) -> io::Result<NamedFile> {
         let path = path.as_ref().to_path_buf();
@@ -125,20 +127,25 @@ impl NamedFile {
                 }
             };
 
-            let ct = from_path(&path).first_or_octet_stream();
+            let ct = mime_guess::from_path(&path).first_or_octet_stream();
 
             let disposition = match ct.type_() {
-                mime::IMAGE | mime::TEXT | mime::VIDEO => DispositionType::Inline,
+                mime::IMAGE | mime::TEXT | mime::AUDIO | mime::VIDEO => DispositionType::Inline,
                 mime::APPLICATION => match ct.subtype() {
                     mime::JAVASCRIPT | mime::JSON => DispositionType::Inline,
-                    name if name == "wasm" => DispositionType::Inline,
+                    name if name == "wasm" || name == "xhtml" => DispositionType::Inline,
                     _ => DispositionType::Attachment,
                 },
                 _ => DispositionType::Attachment,
             };
 
-            let mut parameters =
-                vec![DispositionParam::Filename(String::from(filename.as_ref()))];
+            // replace special characters in filenames which could occur on some filesystems
+            let filename_s = filename
+                .replace('\n', "%0A") // \n line break
+                .replace('\x0B', "%0B") // \v vertical tab
+                .replace('\x0C', "%0C") // \f form feed
+                .replace('\r', "%0D"); // \r carriage return
+            let mut parameters = vec![DispositionParam::Filename(filename_s)];
 
             if !filename.is_ascii() {
                 parameters.push(DispositionParam::FilenameExt(ExtendedValue {
@@ -209,11 +216,10 @@ impl NamedFile {
         Self::from_file(file, path)
     }
 
-    #[allow(rustdoc::broken_intra_doc_links)]
     /// Attempts to open a file asynchronously in read-only mode.
     ///
-    /// When the `experimental-io-uring` crate feature is enabled, this will be async.
-    /// Otherwise, it will be just like [`open`][Self::open].
+    /// When the `experimental-io-uring` crate feature is enabled, this will be async. Otherwise, it
+    /// will behave just like `open`.
     ///
     /// # Examples
     /// ```
@@ -238,13 +244,13 @@ impl NamedFile {
         Self::from_file(file, path)
     }
 
-    /// Returns reference to the underlying `File` object.
+    /// Returns reference to the underlying file object.
     #[inline]
     pub fn file(&self) -> &File {
         &self.file
     }
 
-    /// Retrieve the path of this file.
+    /// Returns the filesystem path to this file.
     ///
     /// # Examples
     /// ```
@@ -262,16 +268,53 @@ impl NamedFile {
         self.path.as_path()
     }
 
-    /// Set response **Status Code**
+    /// Returns the time the file was last modified.
+    ///
+    /// Returns `None` only on unsupported platforms; see [`std::fs::Metadata::modified()`].
+    /// Therefore, it is usually safe to unwrap this.
+    #[inline]
+    pub fn modified(&self) -> Option<SystemTime> {
+        self.modified
+    }
+
+    /// Returns the filesystem metadata associated with this file.
+    #[inline]
+    pub fn metadata(&self) -> &Metadata {
+        &self.md
+    }
+
+    /// Returns the `Content-Type` header that will be used when serving this file.
+    #[inline]
+    pub fn content_type(&self) -> &Mime {
+        &self.content_type
+    }
+
+    /// Returns the `Content-Disposition` that will be used when serving this file.
+    #[inline]
+    pub fn content_disposition(&self) -> &ContentDisposition {
+        &self.content_disposition
+    }
+
+    /// Returns the `Content-Encoding` that will be used when serving this file.
+    ///
+    /// A return value of `None` indicates that the content is not already using a compressed
+    /// representation and may be subject to compression downstream.
+    #[inline]
+    pub fn content_encoding(&self) -> Option<ContentEncoding> {
+        self.encoding
+    }
+
+    /// Set response status code.
+    #[deprecated(since = "0.7.0", note = "Prefer `Responder::customize()`.")]
     pub fn set_status_code(mut self, status: StatusCode) -> Self {
         self.status_code = status;
         self
     }
 
-    /// Set the MIME Content-Type for serving this file. By default the Content-Type is inferred
-    /// from the filename extension.
+    /// Sets the `Content-Type` header that will be used when serving this file. By default the
+    /// `Content-Type` is inferred from the filename extension.
     #[inline]
-    pub fn set_content_type(mut self, mime_type: mime::Mime) -> Self {
+    pub fn set_content_type(mut self, mime_type: Mime) -> Self {
         self.content_type = mime_type;
         self
     }
@@ -284,15 +327,15 @@ impl NamedFile {
     /// filename is taken from the path provided in the `open` method after converting it to UTF-8
     /// (using `to_string_lossy`).
     #[inline]
-    pub fn set_content_disposition(mut self, cd: header::ContentDisposition) -> Self {
+    pub fn set_content_disposition(mut self, cd: ContentDisposition) -> Self {
         self.content_disposition = cd;
         self.flags.insert(Flags::CONTENT_DISPOSITION);
         self
     }
 
-    /// Disable `Content-Disposition` header.
+    /// Disables `Content-Disposition` header.
     ///
-    /// By default Content-Disposition` header is enabled.
+    /// By default, the `Content-Disposition` header is sent.
     #[inline]
     pub fn disable_content_disposition(mut self) -> Self {
         self.flags.remove(Flags::CONTENT_DISPOSITION);
@@ -491,11 +534,26 @@ impl NamedFile {
                     length = ranges[0].length;
                     offset = ranges[0].start;
 
-                    // don't allow compression middleware to modify partial content
-                    res.insert_header((
-                        header::CONTENT_ENCODING,
-                        HeaderValue::from_static("identity"),
-                    ));
+                    // When a Content-Encoding header is present in a 206 partial content response
+                    // for video content, it prevents browser video players from starting playback
+                    // before loading the whole video and also prevents seeking.
+                    //
+                    // See: https://github.com/actix/actix-web/issues/2815
+                    //
+                    // The assumption of this fix is that the video player knows to not send an
+                    // Accept-Encoding header for this request and that downstream middleware will
+                    // not attempt compression for requests without it.
+                    //
+                    // TODO: Solve question around what to do if self.encoding is set and partial
+                    // range is requested. Reject request? Ignoring self.encoding seems wrong, too.
+                    // In practice, it should not come up.
+                    if req.headers().contains_key(&header::ACCEPT_ENCODING) {
+                        // don't allow compression middleware to modify partial content
+                        res.insert_header((
+                            header::CONTENT_ENCODING,
+                            HeaderValue::from_static("identity"),
+                        ));
+                    }
 
                     res.insert_header((
                         header::CONTENT_RANGE,

actix-files/src/path_buf.rs

@@ -30,7 +30,7 @@ impl PathBufWrap {
         let mut segment_count = path.matches('/').count() + 1;
 
         // we can decode the whole path here (instead of per-segment decoding)
-        // because we will reject `%2F` in paths using `segement_count`.
+        // because we will reject `%2F` in paths using `segment_count`.
         let path = percent_encoding::percent_decode_str(path)
             .decode_utf8()
             .map_err(|_| UriSegmentError::NotValidUtf8)?;
@@ -97,8 +97,6 @@ impl FromRequest for PathBufWrap {
 
 #[cfg(test)]
 mod tests {
-    use std::iter::FromIterator;
-
     use super::*;
 
     #[test]

actix-files/src/range.rs

@@ -1,4 +1,36 @@
-use derive_more::{Display, Error};
+use std::fmt;
+
+use derive_more::Error;
+
+/// Copy of `http_range::HttpRangeParseError`.
+#[derive(Debug, Clone)]
+enum HttpRangeParseError {
+    InvalidRange,
+    NoOverlap,
+}
+
+impl From<http_range::HttpRangeParseError> for HttpRangeParseError {
+    fn from(err: http_range::HttpRangeParseError) -> Self {
+        match err {
+            http_range::HttpRangeParseError::InvalidRange => Self::InvalidRange,
+            http_range::HttpRangeParseError::NoOverlap => Self::NoOverlap,
+        }
+    }
+}
+
+#[derive(Debug, Clone, Error)]
+#[non_exhaustive]
+pub struct ParseRangeErr(#[error(not(source))] HttpRangeParseError);
+
+impl fmt::Display for ParseRangeErr {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        f.write_str("invalid Range header: ")?;
+        f.write_str(match self.0 {
+            HttpRangeParseError::InvalidRange => "invalid syntax",
+            HttpRangeParseError::NoOverlap => "range starts after end of content",
+        })
+    }
+}
 
 /// HTTP Range header representation.
 #[derive(Debug, Clone, Copy)]
@@ -10,26 +42,22 @@ pub struct HttpRange {
     pub length: u64,
 }
 
-#[derive(Debug, Clone, Display, Error)]
-#[display(fmt = "Parse HTTP Range failed")]
-pub struct ParseRangeErr(#[error(not(source))] ());
-
 impl HttpRange {
     /// Parses Range HTTP header string as per RFC 2616.
     ///
     /// `header` is HTTP Range header (e.g. `bytes=bytes=0-9`).
     /// `size` is full size of response (file).
     pub fn parse(header: &str, size: u64) -> Result<Vec<HttpRange>, ParseRangeErr> {
-        match http_range::HttpRange::parse(header, size) {
-            Ok(ranges) => Ok(ranges
-                .iter()
-                .map(|range| HttpRange {
-                    start: range.start,
-                    length: range.length,
-                })
-                .collect()),
-            Err(_) => Err(ParseRangeErr(())),
-        }
+        let ranges =
+            http_range::HttpRange::parse(header, size).map_err(|err| ParseRangeErr(err.into()))?;
+
+        Ok(ranges
+            .iter()
+            .map(|range| HttpRange {
+                start: range.start,
+                length: range.length,
+            })
+            .collect())
     }
 }
 

actix-files/src/service.rs

@@ -23,7 +23,7 @@ impl Deref for FilesService {
     type Target = FilesServiceInner;
 
     fn deref(&self) -> &Self::Target {
-        &*self.0
+        &self.0
     }
 }
 
@@ -62,11 +62,7 @@ impl FilesService {
         }
     }
 
-    fn serve_named_file(
-        &self,
-        req: ServiceRequest,
-        mut named_file: NamedFile,
-    ) -> ServiceResponse {
+    fn serve_named_file(&self, req: ServiceRequest, mut named_file: NamedFile) -> ServiceResponse {
         if let Some(ref mime_override) = self.mime_override {
             let new_disposition = mime_override(&named_file.content_type.type_());
             named_file.content_disposition.disposition = new_disposition;
@@ -83,7 +79,7 @@ impl FilesService {
 
         let (req, _) = req.into_parts();
 
-        (self.renderer)(&dir, &req).unwrap_or_else(|e| ServiceResponse::from_err(e, req))
+        (self.renderer)(&dir, &req).unwrap_or_else(|err| ServiceResponse::from_err(err, req))
     }
 }
 
@@ -120,13 +116,11 @@ impl Service<ServiceRequest> for FilesService {
                 ));
             }
 
-            let path_on_disk = match PathBufWrap::parse_path(
-                req.match_info().unprocessed(),
-                this.hidden_files,
-            ) {
-                Ok(item) => item,
-                Err(err) => return Ok(req.error_response(err)),
-            };
+            let path_on_disk =
+                match PathBufWrap::parse_path(req.match_info().unprocessed(), this.hidden_files) {
+                    Ok(item) => item,
+                    Err(err) => return Ok(req.error_response(err)),
+                };
 
             if let Some(filter) = &this.path_filter {
                 if !filter(path_on_disk.as_ref(), req.head()) {
@@ -177,8 +171,7 @@ impl Service<ServiceRequest> for FilesService {
                 match NamedFile::open_async(&path).await {
                     Ok(mut named_file) => {
                         if let Some(ref mime_override) = this.mime_override {
-                            let new_disposition =
-                                mime_override(&named_file.content_type.type_());
+                            let new_disposition = mime_override(&named_file.content_type.type_());
                             named_file.content_disposition.disposition = new_disposition;
                         }
                         named_file.flags = this.file_flags;

actix-files/tests/encoding.rs

@@ -1,11 +1,11 @@
-use actix_files::Files;
+use actix_files::{Files, NamedFile};
 use actix_web::{
     http::{
         header::{self, HeaderValue},
         StatusCode,
     },
     test::{self, TestRequest},
-    App,
+    web, App,
 };
 
 #[actix_web::test]
@@ -24,8 +24,7 @@ async fn test_utf8_file_contents() {
 
     // disable UTF-8 attribute
     let srv =
-        test::init_service(App::new().service(Files::new("/", "./tests").prefer_utf8(false)))
-            .await;
+        test::init_service(App::new().service(Files::new("/", "./tests").prefer_utf8(false))).await;
 
     let req = TestRequest::with_uri("/utf8.txt").to_request();
     let res = test::call_service(&srv, req).await;
@@ -36,3 +35,31 @@ async fn test_utf8_file_contents() {
         Some(&HeaderValue::from_static("text/plain")),
     );
 }
+
+#[actix_web::test]
+async fn partial_range_response_encoding() {
+    let srv = test::init_service(App::new().default_service(web::to(|| async {
+        NamedFile::open_async("./tests/test.binary").await.unwrap()
+    })))
+    .await;
+
+    // range request without accept-encoding returns no content-encoding header
+    let req = TestRequest::with_uri("/")
+        .append_header((header::RANGE, "bytes=10-20"))
+        .to_request();
+    let res = test::call_service(&srv, req).await;
+    assert_eq!(res.status(), StatusCode::PARTIAL_CONTENT);
+    assert!(!res.headers().contains_key(header::CONTENT_ENCODING));
+
+    // range request with accept-encoding returns a content-encoding header
+    let req = TestRequest::with_uri("/")
+        .append_header((header::RANGE, "bytes=10-20"))
+        .append_header((header::ACCEPT_ENCODING, "identity"))
+        .to_request();
+    let res = test::call_service(&srv, req).await;
+    assert_eq!(res.status(), StatusCode::PARTIAL_CONTENT);
+    assert_eq!(
+        res.headers().get(header::CONTENT_ENCODING).unwrap(),
+        "identity"
+    );
+}

actix-files/tests/guard.rs

@@ -12,9 +12,7 @@ async fn test_guard_filter() {
     let srv = test::init_service(
         App::new()
             .service(Files::new("/", "./tests/fixtures/guards/first").guard(Host("first.com")))
-            .service(
-                Files::new("/", "./tests/fixtures/guards/second").guard(Host("second.com")),
-            ),
+            .service(Files::new("/", "./tests/fixtures/guards/second").guard(Host("second.com"))),
     )
     .await;
 

actix-files/tests/traversal.rs

@@ -9,8 +9,7 @@ use actix_web::{
 async fn test_directory_traversal_prevention() {
     let srv = test::init_service(App::new().service(Files::new("/", "./tests"))).await;
 
-    let req =
-        TestRequest::with_uri("/../../../../../../../../../../../etc/passwd").to_request();
+    let req = TestRequest::with_uri("/../../../../../../../../../../../etc/passwd").to_request();
     let res = test::call_service(&srv, req).await;
     assert_eq!(res.status(), StatusCode::NOT_FOUND);
 

actix-http-test/CHANGES.md

@@ -1,71 +1,103 @@
 # Changes
 
-## Unreleased - 2021-xx-xx
+## Unreleased
 
+- Minimum supported Rust version (MSRV) is now 1.72.
+
+## 3.2.0
+
+- Minimum supported Rust version (MSRV) is now 1.68 due to transitive `time` dependency.
+
+## 3.1.0
+
+- Minimum supported Rust version (MSRV) is now 1.59.
+
+## 3.0.0
+
+- `TestServer::stop` is now async and will wait for the server and system to shutdown. [#2442]
+- Added `TestServer::client_headers` method. [#2097]
+- Update `actix-server` dependency to `2`.
+- Update `actix-tls` dependency to `3`.
+- Update `bytes` to `1.0`. [#1813]
+- Minimum supported Rust version (MSRV) is now 1.57.
+
+[#2442]: https://github.com/actix/actix-web/pull/2442
+[#2097]: https://github.com/actix/actix-web/pull/2097
+[#1813]: https://github.com/actix/actix-web/pull/1813
+
+<details>
+<summary>3.0.0 Pre-Releases</summary>
+
+## 3.0.0-beta.13
+
+- No significant changes since `3.0.0-beta.12`.
+
+## 3.0.0-beta.12
 
-## 3.0.0-beta.12 - 2022-01-31
 - No significant changes since `3.0.0-beta.11`.
 
+## 3.0.0-beta.11
 
-## 3.0.0-beta.11 - 2022-01-04
 - Minimum supported Rust version (MSRV) is now 1.54.
 
+## 3.0.0-beta.10
 
-## 3.0.0-beta.10 - 2021-12-27
 - Update `actix-server` to `2.0.0-rc.2`. [#2550]
 
 [#2550]: https://github.com/actix/actix-web/pull/2550
 
+## 3.0.0-beta.9
 
-## 3.0.0-beta.9 - 2021-12-11
 - No significant changes since `3.0.0-beta.8`.
 
+## 3.0.0-beta.8
 
-## 3.0.0-beta.8 - 2021-11-30
 - Update `actix-tls` to `3.0.0-rc.1`. [#2474]
 
 [#2474]: https://github.com/actix/actix-web/pull/2474
 
+## 3.0.0-beta.7
 
-## 3.0.0-beta.7 - 2021-11-22
 - Fix compatibility with experimental `io-uring` feature of `actix-rt`. [#2408]
 
 [#2408]: https://github.com/actix/actix-web/pull/2408
 
+## 3.0.0-beta.6
 
-## 3.0.0-beta.6 - 2021-11-15
 - `TestServer::stop` is now async and will wait for the server and system to shutdown. [#2442]
 - Update `actix-server` to `2.0.0-beta.9`. [#2442]
 - Minimum supported Rust version (MSRV) is now 1.52.
 
 [#2442]: https://github.com/actix/actix-web/pull/2442
 
+## 3.0.0-beta.5
 
-## 3.0.0-beta.5 - 2021-09-09
 - Minimum supported Rust version (MSRV) is now 1.51.
 
+## 3.0.0-beta.4
 
-## 3.0.0-beta.4 - 2021-04-02
 - Added `TestServer::client_headers` method. [#2097]
 
 [#2097]: https://github.com/actix/actix-web/pull/2097
 
+## 3.0.0-beta.3
 
-## 3.0.0-beta.3 - 2021-03-09
 - No notable changes.
 
+## 3.0.0-beta.2
 
-## 3.0.0-beta.2 - 2021-02-10
 - No notable changes.
 
+## 3.0.0-beta.1
 
-## 3.0.0-beta.1 - 2021-01-07
 - Update `bytes` to `1.0`. [#1813]
 
 [#1813]: https://github.com/actix/actix-web/pull/1813
 
+</details>
+
+## 2.1.0
 
-## 2.1.0 - 2020-11-25
 - Add ability to set address for `TestServer`. [#1645]
 - Upgrade `base64` to `0.13`.
 - Upgrade `serde_urlencoded` to `0.7`. [#1773]
@@ -73,12 +105,12 @@
 [#1773]: https://github.com/actix/actix-web/pull/1773
 [#1645]: https://github.com/actix/actix-web/pull/1645
 
+## 2.0.0
 
-## 2.0.0 - 2020-09-11
 - Update actix-codec and actix-utils dependencies.
 
+## 2.0.0-alpha.1
 
-## 2.0.0-alpha.1 - 2020-05-23
 - Update the `time` dependency to 0.2.7
 - Update `actix-connect` dependency to 2.0.0-alpha.2
 - Make `test_server` `async` fn.
@@ -87,56 +119,57 @@
 - Update `base64` dependency to 0.12
 - Update `env_logger` dependency to 0.7
 
-## 1.0.0 - 2019-12-13
+## 1.0.0
+
 - Replaced `TestServer::start()` with `test_server()`
 
+## 1.0.0-alpha.3
 
-## 1.0.0-alpha.3 - 2019-12-07
 - Migrate to `std::future`
 
+## 0.2.5
 
-## 0.2.5 - 2019-09-17
 - Update serde_urlencoded to "0.6.1"
 - Increase TestServerRuntime timeouts from 500ms to 3000ms
 - Do not override current `System`
 
+## 0.2.4
 
-## 0.2.4 - 2019-07-18
 - Update actix-server to 0.6
 
+## 0.2.3
 
-## 0.2.3 - 2019-07-16
 - Add `delete`, `options`, `patch` methods to `TestServerRunner`
 
+## 0.2.2
 
-## 0.2.2 - 2019-06-16
 - Add .put() and .sput() methods
 
+## 0.2.1
 
-## 0.2.1 - 2019-06-05
 - Add license files
 
+## 0.2.0
 
-## 0.2.0 - 2019-05-12
 - Update awc and actix-http deps
 
+## 0.1.1
 
-## 0.1.1 - 2019-04-24
 - Always make new connection for http client
 
+## 0.1.0
 
-## 0.1.0 - 2019-04-16
 - No changes
 
+## 0.1.0-alpha.3
 
-## 0.1.0-alpha.3 - 2019-04-02
 - Request functions accept path #743
 
+## 0.1.0-alpha.2
 
-## 0.1.0-alpha.2 - 2019-03-29
 - Added TestServerRuntime::load_body() method
 - Update actix-http and awc libraries
 
+## 0.1.0-alpha.1
 
-## 0.1.0-alpha.1 - 2019-03-28
 - Initial impl

actix-http-test/Cargo.toml

@@ -1,26 +1,34 @@
 [package]
 name = "actix-http-test"
-version = "3.0.0-beta.12"
+version = "3.2.0"
 authors = ["Nikolay Kim <fafhrd91@gmail.com>"]
 description = "Various helpers for Actix applications to use during testing"
 keywords = ["http", "web", "framework", "async", "futures"]
 homepage = "https://actix.rs"
-repository = "https://github.com/actix/actix-web.git"
+repository = "https://github.com/actix/actix-web"
 categories = [
-    "network-programming",
-    "asynchronous",
-    "web-programming::http-server",
-    "web-programming::websocket",
+  "network-programming",
+  "asynchronous",
+  "web-programming::http-server",
+  "web-programming::websocket",
 ]
 license = "MIT OR Apache-2.0"
-edition = "2018"
+edition = "2021"
 
 [package.metadata.docs.rs]
 features = []
 
-[lib]
-name = "actix_http_test"
-path = "src/lib.rs"
+[package.metadata.cargo_check_external_types]
+allowed_external_types = [
+  "actix_codec::*",
+  "actix_http::*",
+  "actix_server::*",
+  "awc::*",
+  "bytes::*",
+  "futures_core::*",
+  "http::*",
+  "tokio::*",
+]
 
 [features]
 default = []
@@ -29,27 +37,28 @@ default = []
 openssl = ["tls-openssl", "awc/openssl"]
 
 [dependencies]
-actix-service = "2.0.0"
-actix-codec = "0.4.1"
-actix-tls = "3.0.0"
-actix-utils = "3.0.0"
+actix-codec = "0.5"
 actix-rt = "2.2"
 actix-server = "2"
-awc = { version = "3.0.0-beta.20", default-features = false }
+actix-service = "2"
+actix-tls = "3"
+actix-utils = "3"
+awc = { version = "3", default-features = false }
 
-base64 = "0.13"
 bytes = "1"
-futures-core = { version = "0.3.7", default-features = false }
-http = "0.2.5"
+futures-core = { version = "0.3.17", default-features = false }
+http = "0.2.7"
 log = "0.4"
-socket2 = "0.4"
-serde = "1.0"
-serde_json = "1.0"
-slab = "0.4"
+serde = "1"
+serde_json = "1"
 serde_urlencoded = "0.7"
-tls-openssl = { version = "0.10.9", package = "openssl", optional = true }
-tokio = { version = "1.8.4", features = ["sync"] }
+slab = "0.4"
+socket2 = "0.5"
+tls-openssl = { version = "0.10.55", package = "openssl", optional = true }
+tokio = { version = "1.38.2", features = ["sync"] }
 
 [dev-dependencies]
-actix-web = { version = "4.0.0-rc.1", default-features = false, features = ["cookies"] }
-actix-http = "3.0.0-rc.1"
+actix-http = "3"
+
+[lints]
+workspace = true

actix-http-test/README.md

@@ -1,17 +1,20 @@
-# actix-http-test
+# `actix-http-test`
 
-> Various helpers for Actix applications to use during testing.
+<!-- prettier-ignore-start -->
 
 [![crates.io](https://img.shields.io/crates/v/actix-http-test?label=latest)](https://crates.io/crates/actix-http-test)
-[![Documentation](https://docs.rs/actix-http-test/badge.svg?version=3.0.0-beta.12)](https://docs.rs/actix-http-test/3.0.0-beta.12)
-[![Version](https://img.shields.io/badge/rustc-1.54+-ab6000.svg)](https://blog.rust-lang.org/2021/05/06/Rust-1.54.0.html)
+[![Documentation](https://docs.rs/actix-http-test/badge.svg?version=3.2.0)](https://docs.rs/actix-http-test/3.2.0)
+![Version](https://img.shields.io/badge/rustc-1.72+-ab6000.svg)
 ![MIT or Apache 2.0 licensed](https://img.shields.io/crates/l/actix-http-test)
 <br>
-[![Dependency Status](https://deps.rs/crate/actix-http-test/3.0.0-beta.12/status.svg)](https://deps.rs/crate/actix-http-test/3.0.0-beta.12)
+[![Dependency Status](https://deps.rs/crate/actix-http-test/3.2.0/status.svg)](https://deps.rs/crate/actix-http-test/3.2.0)
 [![Download](https://img.shields.io/crates/d/actix-http-test.svg)](https://crates.io/crates/actix-http-test)
 [![Chat on Discord](https://img.shields.io/discord/771444961383153695?label=chat&logo=discord)](https://discord.gg/NWpN5mmg3x)
 
-## Documentation & Resources
+<!-- prettier-ignore-end -->
 
-- [API Documentation](https://docs.rs/actix-http-test)
-- Minimum Supported Rust Version (MSRV): 1.54
+<!-- cargo-rdme start -->
+
+Various helpers for Actix applications to use during testing.
+
+<!-- cargo-rdme end -->

actix-http-test/src/lib.rs

@@ -1,9 +1,8 @@
 //! Various helpers for Actix applications to use during testing.
 
-#![deny(rust_2018_idioms, nonstandard_style)]
-#![warn(future_incompatible)]
 #![doc(html_logo_url = "https://actix.rs/img/logo.png")]
 #![doc(html_favicon_url = "https://actix.rs/favicon.ico")]
+#![cfg_attr(docsrs, feature(doc_auto_cfg))]
 
 #[cfg(feature = "openssl")]
 extern crate tls_openssl as openssl;
@@ -29,27 +28,31 @@ use tokio::sync::mpsc;
 /// for HTTP applications.
 ///
 /// # Examples
-/// ```no_run
-/// use actix_http::HttpService;
+///
+/// ```
+/// use actix_http::{HttpService, Response, Error, StatusCode};
 /// use actix_http_test::test_server;
-/// use actix_web::{web, App, HttpResponse, Error};
+/// use actix_service::{fn_service, map_config, ServiceFactoryExt as _};
 ///
-/// async fn my_handler() -> Result<HttpResponse, Error> {
-///     Ok(HttpResponse::Ok().into())
-/// }
-///
-/// #[actix_web::test]
+/// #[actix_rt::test]
+/// # async fn hidden_test() {}
 /// async fn test_example() {
-///     let mut srv = TestServer::start(||
-///         HttpService::new(
-///             App::new().service(web::resource("/").to(my_handler))
-///         )
-///     );
+///     let srv = test_server(|| {
+///         HttpService::build()
+///             .h1(fn_service(|req| async move {
+///                 Ok::<_, Error>(Response::ok())
+///             }))
+///             .tcp()
+///             .map_err(|_| ())
+///     })
+///     .await;
 ///
 ///     let req = srv.get("/");
 ///     let response = req.send().await.unwrap();
-///     assert!(response.status().is_success());
+///
+///     assert_eq!(response.status(), StatusCode::OK);
 /// }
+/// # actix_rt::System::new().block_on(test_example());
 /// ```
 pub async fn test_server<F: ServerServiceFactory<TcpStream>>(factory: F) -> TestServer {
     let tcp = net::TcpListener::bind("127.0.0.1:0").unwrap();
@@ -87,6 +90,7 @@ pub async fn test_server_with_addr<F: ServerServiceFactory<TcpStream>>(
 
         // notify TestServer that server and system have shut down
         // all thread managed resources should be dropped at this point
+        #[allow(clippy::let_underscore_future)]
         let _ = thread_stop_tx.send(());
     });
 
@@ -102,7 +106,7 @@ pub async fn test_server_with_addr<F: ServerServiceFactory<TcpStream>>(
             builder.set_verify(SslVerifyMode::NONE);
             let _ = builder
                 .set_alpn_protos(b"\x02h2\x08http/1.1")
-                .map_err(|e| log::error!("Can not set alpn protocol: {:?}", e));
+                .map_err(|err| log::error!("Can not set ALPN protocol: {err}"));
 
             Connector::new()
                 .conn_lifetime(Duration::from_secs(0))
@@ -294,6 +298,7 @@ impl Drop for TestServer {
         // without needing to await anything
 
         // signal server to stop
+        #[allow(clippy::let_underscore_future)]
         let _ = self.server.stop(true);
 
         // signal system to stop

actix-http/Cargo.toml

@@ -1,139 +1,180 @@
 [package]
 name = "actix-http"
-version = "3.0.0-rc.1"
-authors = [
-    "Nikolay Kim <fafhrd91@gmail.com>",
-    "Rob Ede <robjtede@icloud.com>",
-]
-description = "HTTP primitives for the Actix ecosystem"
+version = "3.11.0"
+authors = ["Nikolay Kim <fafhrd91@gmail.com>", "Rob Ede <robjtede@icloud.com>"]
+description = "HTTP types and services for the Actix ecosystem"
 keywords = ["actix", "http", "framework", "async", "futures"]
 homepage = "https://actix.rs"
-repository = "https://github.com/actix/actix-web.git"
+repository = "https://github.com/actix/actix-web"
 categories = [
-    "network-programming",
-    "asynchronous",
-    "web-programming::http-server",
-    "web-programming::websocket",
+  "network-programming",
+  "asynchronous",
+  "web-programming::http-server",
+  "web-programming::websocket",
 ]
-license = "MIT OR Apache-2.0"
-edition = "2018"
+license.workspace = true
+edition.workspace = true
+rust-version.workspace = true
 
 [package.metadata.docs.rs]
-# features that docs.rs will build with
-features = ["openssl", "rustls", "compress-brotli", "compress-gzip", "compress-zstd"]
+rustdoc-args = ["--cfg", "docsrs"]
+features = [
+  "http2",
+  "ws",
+  "openssl",
+  "rustls-0_20",
+  "rustls-0_21",
+  "rustls-0_22",
+  "rustls-0_23",
+  "compress-brotli",
+  "compress-gzip",
+  "compress-zstd",
+]
 
-[lib]
-name = "actix_http"
-path = "src/lib.rs"
+[package.metadata.cargo_check_external_types]
+allowed_external_types = [
+  "actix_codec::*",
+  "actix_service::*",
+  "actix_tls::*",
+  "actix_utils::*",
+  "bytes::*",
+  "bytestring::*",
+  "encoding_rs::*",
+  "futures_core::*",
+  "h2::*",
+  "http::*",
+  "httparse::*",
+  "language_tags::*",
+  "mime::*",
+  "openssl::*",
+  "rustls::*",
+  "tokio_util::*",
+  "tokio::*",
+]
 
 [features]
 default = []
 
 # HTTP/2 protocol support
-http2 = ["h2"]
+http2 = ["dep:h2"]
 
 # WebSocket protocol implementation
-ws = [
-    "local-channel",
-    "base64",
-    "rand",
-    "sha-1",
-]
+ws = ["dep:local-channel", "dep:base64", "dep:rand", "dep:sha1"]
 
 # TLS via OpenSSL
-openssl = ["actix-tls/accept", "actix-tls/openssl"]
+openssl = ["__tls", "actix-tls/accept", "actix-tls/openssl"]
 
-# TLS via Rustls
-rustls = ["actix-tls/accept", "actix-tls/rustls"]
+# TLS via Rustls v0.20
+rustls = ["__tls", "rustls-0_20"]
+
+# TLS via Rustls v0.20
+rustls-0_20 = ["__tls", "actix-tls/accept", "actix-tls/rustls-0_20"]
+
+# TLS via Rustls v0.21
+rustls-0_21 = ["__tls", "actix-tls/accept", "actix-tls/rustls-0_21"]
+
+# TLS via Rustls v0.22
+rustls-0_22 = ["__tls", "actix-tls/accept", "actix-tls/rustls-0_22"]
+
+# TLS via Rustls v0.23
+rustls-0_23 = ["__tls", "actix-tls/accept", "actix-tls/rustls-0_23"]
 
 # Compression codecs
-compress-brotli = ["__compress", "brotli"]
-compress-gzip   = ["__compress", "flate2"]
-compress-zstd   = ["__compress", "zstd"]
+compress-brotli = ["__compress", "dep:brotli"]
+compress-gzip = ["__compress", "dep:flate2"]
+compress-zstd = ["__compress", "dep:zstd"]
 
-# Internal (PRIVATE!) features used to aid testing and cheking feature status.
+# Internal (PRIVATE!) features used to aid testing and checking feature status.
 # Don't rely on these whatsoever. They are semver-exempt and may disappear at anytime.
 __compress = []
 
-[dependencies]
-actix-service = "2"
-actix-codec = "0.4.1"
-actix-utils = "3"
-actix-rt = { version = "2.2", default-features = false }
+# Internal (PRIVATE!) features used to aid checking feature status.
+# Don't rely on these whatsoever. They may disappear at anytime.
+__tls = []
 
-ahash = "0.7"
-bitflags = "1.2"
+[dependencies]
+actix-codec = "0.5"
+actix-rt = { version = "2.2", default-features = false }
+actix-service = "2"
+actix-utils = "3"
+
+bitflags = "2"
 bytes = "1"
 bytestring = "1"
-derive_more = "0.99.5"
+derive_more = { version = "2", features = ["as_ref", "deref", "deref_mut", "display", "error", "from"] }
 encoding_rs = "0.8"
-futures-core = { version = "0.3.7", default-features = false, features = ["alloc"] }
-http = "0.2.5"
+foldhash = "0.1"
+futures-core = { version = "0.3.17", default-features = false, features = ["alloc"] }
+http = "0.2.7"
 httparse = "1.5.1"
 httpdate = "1.0.1"
 itoa = "1"
 language-tags = "0.3"
-log = "0.4"
-mime = "0.3"
+mime = "0.3.4"
 percent-encoding = "2.1"
 pin-project-lite = "0.2"
 smallvec = "1.6.1"
+tokio = { version = "1.38.2", features = [] }
+tokio-util = { version = "0.7", features = ["io", "codec"] }
+tracing = { version = "0.1.30", default-features = false, features = ["log"] }
 
 # http2
-h2 = { version = "0.3.9", optional = true }
+h2 = { version = "0.3.26", optional = true }
 
 # websockets
+base64 = { version = "0.22", optional = true }
 local-channel = { version = "0.1", optional = true }
-base64 = { version = "0.13", optional = true }
-rand = { version = "0.8", optional = true }
-sha-1 = { version = "0.10", optional = true }
+rand = { version = "0.9", optional = true }
+sha1 = { version = "0.10", optional = true }
 
 # openssl/rustls
-actix-tls = { version = "3.0.0", default-features = false, optional = true }
+actix-tls = { version = "3.4", default-features = false, optional = true }
 
 # compress-*
-brotli = { version = "3.3.3", optional = true }
+brotli = { version = "8", optional = true }
 flate2 = { version = "1.0.13", optional = true }
-zstd = { version = "0.9", optional = true }
+zstd = { version = "0.13", optional = true }
 
 [dev-dependencies]
-actix-http-test = { version = "3.0.0-beta.12", features = ["openssl"] }
+actix-http-test = { version = "3", features = ["openssl"] }
 actix-server = "2"
-actix-tls = { version = "3.0.0", features = ["openssl"] }
-actix-web = "4.0.0-rc.1"
+actix-tls = { version = "3.4", features = ["openssl", "rustls-0_23-webpki-roots"] }
+actix-web = "4"
 
 async-stream = "0.3"
-criterion = { version = "0.3", features = ["html_reports"] }
-env_logger = "0.9"
-futures-util = { version = "0.3.7", default-features = false, features = ["alloc"] }
+criterion = { version = "0.5", features = ["html_reports"] }
+divan = "0.1.8"
+env_logger = "0.11"
+futures-util = { version = "0.3.17", default-features = false, features = ["alloc"] }
 memchr = "2.4"
-once_cell = "1.9"
-rcgen = "0.8"
+once_cell = "1.21"
+rcgen = "0.13"
 regex = "1.3"
-rustls-pemfile = "0.2"
-serde = { version = "1.0", features = ["derive"] }
+rustls-pemfile = "2"
+rustversion = "1"
+serde = { version = "1", features = ["derive"] }
 serde_json = "1.0"
 static_assertions = "1"
-tls-openssl = { package = "openssl", version = "0.10.9" }
-tls-rustls = { package = "rustls", version = "0.20.0" }
-tokio = { version = "1.8.4", features = ["net", "rt", "macros"] }
+tls-openssl = { package = "openssl", version = "0.10.55" }
+tls-rustls_023 = { package = "rustls", version = "0.23" }
+tokio = { version = "1.38.2", features = ["net", "rt", "macros"] }
+
+[lints]
+workspace = true
 
 [[example]]
 name = "ws"
-required-features = ["rustls"]
+required-features = ["ws", "rustls-0_23"]
+
+[[example]]
+name = "tls_rustls"
+required-features = ["http2", "rustls-0_23"]
 
 [[bench]]
-name = "write-camel-case"
+name = "response-body-compression"
 harness = false
+required-features = ["compress-brotli", "compress-gzip", "compress-zstd"]
 
 [[bench]]
-name = "status-line"
-harness = false
-
-[[bench]]
-name = "uninit-headers"
-harness = false
-
-[[bench]]
-name = "quality-value"
+name = "date-formatting"
 harness = false

actix-http/README.md

@@ -1,22 +1,21 @@
-# actix-http
+# `actix-http`
 
-> HTTP primitives for the Actix ecosystem.
+> HTTP types and services for the Actix ecosystem.
+
+<!-- prettier-ignore-start -->
 
 [![crates.io](https://img.shields.io/crates/v/actix-http?label=latest)](https://crates.io/crates/actix-http)
-[![Documentation](https://docs.rs/actix-http/badge.svg?version=3.0.0-rc.1)](https://docs.rs/actix-http/3.0.0-rc.1)
-[![Version](https://img.shields.io/badge/rustc-1.54+-ab6000.svg)](https://blog.rust-lang.org/2021/05/06/Rust-1.54.0.html)
+[![Documentation](https://docs.rs/actix-http/badge.svg?version=3.11.0)](https://docs.rs/actix-http/3.11.0)
+![Version](https://img.shields.io/badge/rustc-1.72+-ab6000.svg)
 ![MIT or Apache 2.0 licensed](https://img.shields.io/crates/l/actix-http.svg)
 <br />
-[![dependency status](https://deps.rs/crate/actix-http/3.0.0-rc.1/status.svg)](https://deps.rs/crate/actix-http/3.0.0-rc.1)
+[![dependency status](https://deps.rs/crate/actix-http/3.11.0/status.svg)](https://deps.rs/crate/actix-http/3.11.0)
 [![Download](https://img.shields.io/crates/d/actix-http.svg)](https://crates.io/crates/actix-http)
 [![Chat on Discord](https://img.shields.io/discord/771444961383153695?label=chat&logo=discord)](https://discord.gg/NWpN5mmg3x)
 
-## Documentation & Resources
+<!-- prettier-ignore-end -->
 
-- [API Documentation](https://docs.rs/actix-http)
-- Minimum Supported Rust Version (MSRV): 1.54
-
-## Example
+## Examples
 
 ```rust
 use std::{env, io};
@@ -25,7 +24,7 @@ use actix_http::{HttpService, Response};
 use actix_server::Server;
 use futures_util::future;
 use http::header::HeaderValue;
-use log::info;
+use tracing::info;
 
 #[actix_rt::main]
 async fn main() -> io::Result<()> {
@@ -49,18 +48,3 @@ async fn main() -> io::Result<()> {
         .await
 }
 ```
-
-## License
-
-This project is licensed under either of
-
-- Apache License, Version 2.0, ([LICENSE-APACHE](LICENSE-APACHE) or [http://www.apache.org/licenses/LICENSE-2.0](http://www.apache.org/licenses/LICENSE-2.0))
-- MIT license ([LICENSE-MIT](LICENSE-MIT) or [http://opensource.org/licenses/MIT](http://opensource.org/licenses/MIT))
-
-at your option.
-
-## Code of Conduct
-
-Contribution to the actix-http crate is organized under the terms of the
-Contributor Covenant, the maintainer of actix-http, @fafhrd91, promises to
-intervene to uphold that code of conduct.

actix-http/benches/date-formatting.rs

@@ -0,0 +1,20 @@
+use std::time::SystemTime;
+
+use actix_http::header::HttpDate;
+use divan::{black_box, AllocProfiler, Bencher};
+
+#[global_allocator]
+static ALLOC: AllocProfiler = AllocProfiler::system();
+
+#[divan::bench]
+fn date_formatting(b: Bencher<'_, '_>) {
+    let now = SystemTime::now();
+
+    b.bench(|| {
+        black_box(HttpDate::from(black_box(now)).to_string());
+    })
+}
+
+fn main() {
+    divan::main();
+}

actix-http/benches/quality-value.rs

@@ -1,95 +0,0 @@
-use criterion::{criterion_group, criterion_main, BenchmarkId, Criterion};
-
-const CODES: &[u16] = &[0, 1000, 201, 800, 550];
-
-fn bench_quality_display_impls(c: &mut Criterion) {
-    let mut group = c.benchmark_group("quality value display impls");
-
-    for i in CODES.iter() {
-        group.bench_with_input(BenchmarkId::new("New (fast?)", i), i, |b, &i| {
-            b.iter(|| _new::Quality(i).to_string())
-        });
-
-        group.bench_with_input(BenchmarkId::new("Naive", i), i, |b, &i| {
-            b.iter(|| _naive::Quality(i).to_string())
-        });
-    }
-
-    group.finish();
-}
-
-criterion_group!(benches, bench_quality_display_impls);
-criterion_main!(benches);
-
-mod _new {
-    use std::fmt;
-
-    pub struct Quality(pub(crate) u16);
-
-    impl fmt::Display for Quality {
-        fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
-            match self.0 {
-                0 => f.write_str("0"),
-                1000 => f.write_str("1"),
-
-                // some number in the range 1–999
-                x => {
-                    f.write_str("0.")?;
-
-                    // this implementation avoids string allocation otherwise required
-                    // for `.trim_end_matches('0')`
-
-                    if x < 10 {
-                        f.write_str("00")?;
-                        // 0 is handled so it's not possible to have a trailing 0, we can just return
-                        itoa_fmt(f, x)
-                    } else if x < 100 {
-                        f.write_str("0")?;
-                        if x % 10 == 0 {
-                            // trailing 0, divide by 10 and write
-                            itoa_fmt(f, x / 10)
-                        } else {
-                            itoa_fmt(f, x)
-                        }
-                    } else {
-                        // x is in range 101–999
-
-                        if x % 100 == 0 {
-                            // two trailing 0s, divide by 100 and write
-                            itoa_fmt(f, x / 100)
-                        } else if x % 10 == 0 {
-                            // one trailing 0, divide by 10 and write
-                            itoa_fmt(f, x / 10)
-                        } else {
-                            itoa_fmt(f, x)
-                        }
-                    }
-                }
-            }
-        }
-    }
-
-    pub fn itoa_fmt<W: fmt::Write, V: itoa::Integer>(mut wr: W, value: V) -> fmt::Result {
-        let mut buf = itoa::Buffer::new();
-        wr.write_str(buf.format(value))
-    }
-}
-
-mod _naive {
-    use std::fmt;
-
-    pub struct Quality(pub(crate) u16);
-
-    impl fmt::Display for Quality {
-        fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
-            match self.0 {
-                0 => f.write_str("0"),
-                1000 => f.write_str("1"),
-
-                x => {
-                    write!(f, "{}", format!("{:03}", x).trim_end_matches('0'))
-                }
-            }
-        }
-    }
-}

actix-http/benches/response-body-compression.rs

@@ -0,0 +1,88 @@
+use std::convert::Infallible;
+
+use actix_http::{encoding::Encoder, ContentEncoding, Request, Response, StatusCode};
+use actix_service::{fn_service, Service as _};
+use criterion::{black_box, criterion_group, criterion_main, Criterion};
+
+static BODY: &[u8] = include_bytes!("../Cargo.toml");
+
+fn compression_responses(c: &mut Criterion) {
+    let mut group = c.benchmark_group("compression responses");
+
+    group.bench_function("identity", |b| {
+        let rt = actix_rt::Runtime::new().unwrap();
+
+        let identity_svc = fn_service(|_: Request| async move {
+            let mut res = Response::with_body(StatusCode::OK, ());
+            let body = black_box(Encoder::response(
+                ContentEncoding::Identity,
+                res.head_mut(),
+                BODY,
+            ));
+            Ok::<_, Infallible>(black_box(res.set_body(black_box(body))))
+        });
+
+        b.iter(|| {
+            rt.block_on(identity_svc.call(Request::new())).unwrap();
+        });
+    });
+
+    group.bench_function("gzip", |b| {
+        let rt = actix_rt::Runtime::new().unwrap();
+
+        let identity_svc = fn_service(|_: Request| async move {
+            let mut res = Response::with_body(StatusCode::OK, ());
+            let body = black_box(Encoder::response(
+                ContentEncoding::Gzip,
+                res.head_mut(),
+                BODY,
+            ));
+            Ok::<_, Infallible>(black_box(res.set_body(black_box(body))))
+        });
+
+        b.iter(|| {
+            rt.block_on(identity_svc.call(Request::new())).unwrap();
+        });
+    });
+
+    group.bench_function("br", |b| {
+        let rt = actix_rt::Runtime::new().unwrap();
+
+        let identity_svc = fn_service(|_: Request| async move {
+            let mut res = Response::with_body(StatusCode::OK, ());
+            let body = black_box(Encoder::response(
+                ContentEncoding::Brotli,
+                res.head_mut(),
+                BODY,
+            ));
+            Ok::<_, Infallible>(black_box(res.set_body(black_box(body))))
+        });
+
+        b.iter(|| {
+            rt.block_on(identity_svc.call(Request::new())).unwrap();
+        });
+    });
+
+    group.bench_function("zstd", |b| {
+        let rt = actix_rt::Runtime::new().unwrap();
+
+        let identity_svc = fn_service(|_: Request| async move {
+            let mut res = Response::with_body(StatusCode::OK, ());
+            let body = black_box(Encoder::response(
+                ContentEncoding::Zstd,
+                res.head_mut(),
+                BODY,
+            ));
+            Ok::<_, Infallible>(black_box(res.set_body(black_box(body))))
+        });
+
+        b.iter(|| {
+            rt.block_on(identity_svc.call(Request::new())).unwrap();
+        });
+    });
+
+    group.finish();
+}
+
+criterion_group!(benches, compression_responses);
+criterion_main!(benches);

actix-http/benches/status-line.rs

@@ -1,214 +0,0 @@
-use criterion::{criterion_group, criterion_main, BenchmarkId, Criterion};
-
-use bytes::BytesMut;
-use http::Version;
-
-const CODES: &[u16] = &[201, 303, 404, 515];
-
-fn bench_write_status_line_11(c: &mut Criterion) {
-    let mut group = c.benchmark_group("write_status_line v1.1");
-
-    let version = Version::HTTP_11;
-
-    for i in CODES.iter() {
-        group.bench_with_input(BenchmarkId::new("Original (unsafe)", i), i, |b, &i| {
-            b.iter(|| {
-                let mut b = BytesMut::with_capacity(35);
-                _original::write_status_line(version, i, &mut b);
-            })
-        });
-
-        group.bench_with_input(BenchmarkId::new("New (safe)", i), i, |b, &i| {
-            b.iter(|| {
-                let mut b = BytesMut::with_capacity(35);
-                _new::write_status_line(version, i, &mut b);
-            })
-        });
-
-        group.bench_with_input(BenchmarkId::new("Naive", i), i, |b, &i| {
-            b.iter(|| {
-                let mut b = BytesMut::with_capacity(35);
-                _naive::write_status_line(version, i, &mut b);
-            })
-        });
-    }
-
-    group.finish();
-}
-
-fn bench_write_status_line_10(c: &mut Criterion) {
-    let mut group = c.benchmark_group("write_status_line v1.0");
-
-    let version = Version::HTTP_10;
-
-    for i in CODES.iter() {
-        group.bench_with_input(BenchmarkId::new("Original (unsafe)", i), i, |b, &i| {
-            b.iter(|| {
-                let mut b = BytesMut::with_capacity(35);
-                _original::write_status_line(version, i, &mut b);
-            })
-        });
-
-        group.bench_with_input(BenchmarkId::new("New (safe)", i), i, |b, &i| {
-            b.iter(|| {
-                let mut b = BytesMut::with_capacity(35);
-                _new::write_status_line(version, i, &mut b);
-            })
-        });
-
-        group.bench_with_input(BenchmarkId::new("Naive", i), i, |b, &i| {
-            b.iter(|| {
-                let mut b = BytesMut::with_capacity(35);
-                _naive::write_status_line(version, i, &mut b);
-            })
-        });
-    }
-
-    group.finish();
-}
-
-fn bench_write_status_line_09(c: &mut Criterion) {
-    let mut group = c.benchmark_group("write_status_line v0.9");
-
-    let version = Version::HTTP_09;
-
-    for i in CODES.iter() {
-        group.bench_with_input(BenchmarkId::new("Original (unsafe)", i), i, |b, &i| {
-            b.iter(|| {
-                let mut b = BytesMut::with_capacity(35);
-                _original::write_status_line(version, i, &mut b);
-            })
-        });
-
-        group.bench_with_input(BenchmarkId::new("New (safe)", i), i, |b, &i| {
-            b.iter(|| {
-                let mut b = BytesMut::with_capacity(35);
-                _new::write_status_line(version, i, &mut b);
-            })
-        });
-
-        group.bench_with_input(BenchmarkId::new("Naive", i), i, |b, &i| {
-            b.iter(|| {
-                let mut b = BytesMut::with_capacity(35);
-                _naive::write_status_line(version, i, &mut b);
-            })
-        });
-    }
-
-    group.finish();
-}
-
-criterion_group!(
-    benches,
-    bench_write_status_line_11,
-    bench_write_status_line_10,
-    bench_write_status_line_09
-);
-criterion_main!(benches);
-
-mod _naive {
-    use bytes::{BufMut, BytesMut};
-    use http::Version;
-
-    pub(crate) fn write_status_line(version: Version, n: u16, bytes: &mut BytesMut) {
-        match version {
-            Version::HTTP_11 => bytes.put_slice(b"HTTP/1.1 "),
-            Version::HTTP_10 => bytes.put_slice(b"HTTP/1.0 "),
-            Version::HTTP_09 => bytes.put_slice(b"HTTP/0.9 "),
-            _ => {
-                // other HTTP version handlers do not use this method
-            }
-        }
-
-        bytes.put_slice(n.to_string().as_bytes());
-    }
-}
-
-mod _new {
-    use bytes::{BufMut, BytesMut};
-    use http::Version;
-
-    const DIGITS_START: u8 = b'0';
-
-    pub(crate) fn write_status_line(version: Version, n: u16, bytes: &mut BytesMut) {
-        match version {
-            Version::HTTP_11 => bytes.put_slice(b"HTTP/1.1 "),
-            Version::HTTP_10 => bytes.put_slice(b"HTTP/1.0 "),
-            Version::HTTP_09 => bytes.put_slice(b"HTTP/0.9 "),
-            _ => {
-                // other HTTP version handlers do not use this method
-            }
-        }
-
-        let d100 = (n / 100) as u8;
-        let d10 = ((n / 10) % 10) as u8;
-        let d1 = (n % 10) as u8;
-
-        bytes.put_u8(DIGITS_START + d100);
-        bytes.put_u8(DIGITS_START + d10);
-        bytes.put_u8(DIGITS_START + d1);
-
-        bytes.put_u8(b' ');
-    }
-}
-
-mod _original {
-    use std::ptr;
-
-    use bytes::{BufMut, BytesMut};
-    use http::Version;
-
-    const DEC_DIGITS_LUT: &[u8] = b"0001020304050607080910111213141516171819\
-        2021222324252627282930313233343536373839\
-        4041424344454647484950515253545556575859\
-        6061626364656667686970717273747576777879\
-        8081828384858687888990919293949596979899";
-
-    pub(crate) const STATUS_LINE_BUF_SIZE: usize = 13;
-
-    pub(crate) fn write_status_line(version: Version, mut n: u16, bytes: &mut BytesMut) {
-        let mut buf: [u8; STATUS_LINE_BUF_SIZE] = *b"HTTP/1.1     ";
-
-        match version {
-            Version::HTTP_2 => buf[5] = b'2',
-            Version::HTTP_10 => buf[7] = b'0',
-            Version::HTTP_09 => {
-                buf[5] = b'0';
-                buf[7] = b'9';
-            }
-            _ => {}
-        }
-
-        let mut curr: isize = 12;
-        let buf_ptr = buf.as_mut_ptr();
-        let lut_ptr = DEC_DIGITS_LUT.as_ptr();
-        let four = n > 999;
-
-        // decode 2 more chars, if > 2 chars
-        let d1 = (n % 100) << 1;
-        n /= 100;
-        curr -= 2;
-        unsafe {
-            ptr::copy_nonoverlapping(lut_ptr.offset(d1 as isize), buf_ptr.offset(curr), 2);
-        }
-
-        // decode last 1 or 2 chars
-        if n < 10 {
-            curr -= 1;
-            unsafe {
-                *buf_ptr.offset(curr) = (n as u8) + b'0';
-            }
-        } else {
-            let d1 = n << 1;
-            curr -= 2;
-            unsafe {
-                ptr::copy_nonoverlapping(lut_ptr.offset(d1 as isize), buf_ptr.offset(curr), 2);
-            }
-        }
-
-        bytes.put_slice(&buf);
-        if four {
-            bytes.put_u8(b' ');
-        }
-    }
-}

actix-http/benches/uninit-headers.rs

@@ -1,134 +0,0 @@
-use criterion::{criterion_group, criterion_main, Criterion};
-
-use bytes::BytesMut;
-
-// A Miri run detects UB, seen on this playground:
-// https://play.rust-lang.org/?version=stable&mode=debug&edition=2018&gist=f5d9aa166aa48df8dca05fce2b6c3915
-
-fn bench_header_parsing(c: &mut Criterion) {
-    c.bench_function("Original (Unsound) [short]", |b| {
-        b.iter(|| {
-            let mut buf = BytesMut::from(REQ_SHORT);
-            _original::parse_headers(&mut buf);
-        })
-    });
-
-    c.bench_function("New (safe) [short]", |b| {
-        b.iter(|| {
-            let mut buf = BytesMut::from(REQ_SHORT);
-            _new::parse_headers(&mut buf);
-        })
-    });
-
-    c.bench_function("Original (Unsound) [realistic]", |b| {
-        b.iter(|| {
-            let mut buf = BytesMut::from(REQ);
-            _original::parse_headers(&mut buf);
-        })
-    });
-
-    c.bench_function("New (safe) [realistic]", |b| {
-        b.iter(|| {
-            let mut buf = BytesMut::from(REQ);
-            _new::parse_headers(&mut buf);
-        })
-    });
-}
-
-criterion_group!(benches, bench_header_parsing);
-criterion_main!(benches);
-
-const MAX_HEADERS: usize = 96;
-
-const EMPTY_HEADER_ARRAY: [httparse::Header<'static>; MAX_HEADERS] =
-    [httparse::EMPTY_HEADER; MAX_HEADERS];
-
-#[derive(Clone, Copy)]
-struct HeaderIndex {
-    name: (usize, usize),
-    value: (usize, usize),
-}
-
-const EMPTY_HEADER_INDEX: HeaderIndex = HeaderIndex {
-    name: (0, 0),
-    value: (0, 0),
-};
-
-const EMPTY_HEADER_INDEX_ARRAY: [HeaderIndex; MAX_HEADERS] = [EMPTY_HEADER_INDEX; MAX_HEADERS];
-
-impl HeaderIndex {
-    fn record(bytes: &[u8], headers: &[httparse::Header<'_>], indices: &mut [HeaderIndex]) {
-        let bytes_ptr = bytes.as_ptr() as usize;
-        for (header, indices) in headers.iter().zip(indices.iter_mut()) {
-            let name_start = header.name.as_ptr() as usize - bytes_ptr;
-            let name_end = name_start + header.name.len();
-            indices.name = (name_start, name_end);
-            let value_start = header.value.as_ptr() as usize - bytes_ptr;
-            let value_end = value_start + header.value.len();
-            indices.value = (value_start, value_end);
-        }
-    }
-}
-
-// test cases taken from:
-// https://github.com/seanmonstar/httparse/blob/master/benches/parse.rs
-
-const REQ_SHORT: &[u8] = b"\
-GET / HTTP/1.0\r\n\
-Host: example.com\r\n\
-Cookie: session=60; user_id=1\r\n\r\n";
-
-const REQ: &[u8] = b"\
-GET /wp-content/uploads/2010/03/hello-kitty-darth-vader-pink.jpg HTTP/1.1\r\n\
-Host: www.kittyhell.com\r\n\
-User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; ja-JP-mac; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3 Pathtraq/0.9\r\n\
-Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n\
-Accept-Language: ja,en-us;q=0.7,en;q=0.3\r\n\
-Accept-Encoding: gzip,deflate\r\n\
-Accept-Charset: Shift_JIS,utf-8;q=0.7,*;q=0.7\r\n\
-Keep-Alive: 115\r\n\
-Connection: keep-alive\r\n\
-Cookie: wp_ozh_wsa_visits=2; wp_ozh_wsa_visit_lasttime=xxxxxxxxxx; __utma=xxxxxxxxx.xxxxxxxxxx.xxxxxxxxxx.xxxxxxxxxx.xxxxxxxxxx.x; __utmz=xxxxxxxxx.xxxxxxxxxx.x.x.utmccn=(referral)|utmcsr=reader.livedoor.com|utmcct=/reader/|utmcmd=referral|padding=under256\r\n\r\n";
-
-mod _new {
-    use super::*;
-
-    pub fn parse_headers(src: &mut BytesMut) -> usize {
-        let mut headers: [HeaderIndex; MAX_HEADERS] = EMPTY_HEADER_INDEX_ARRAY;
-        let mut parsed: [httparse::Header<'_>; MAX_HEADERS] = EMPTY_HEADER_ARRAY;
-
-        let mut req = httparse::Request::new(&mut parsed);
-        match req.parse(src).unwrap() {
-            httparse::Status::Complete(_len) => {
-                HeaderIndex::record(src, req.headers, &mut headers);
-                req.headers.len()
-            }
-            _ => unreachable!(),
-        }
-    }
-}
-
-mod _original {
-    use super::*;
-
-    use std::mem::MaybeUninit;
-
-    pub fn parse_headers(src: &mut BytesMut) -> usize {
-        #![allow(clippy::uninit_assumed_init)]
-
-        let mut headers: [HeaderIndex; MAX_HEADERS] =
-            unsafe { MaybeUninit::uninit().assume_init() };
-
-        let mut parsed: [httparse::Header<'_>; MAX_HEADERS] =
-            unsafe { MaybeUninit::uninit().assume_init() };
-
-        let mut req = httparse::Request::new(&mut parsed);
-        match req.parse(src).unwrap() {
-            httparse::Status::Complete(_len) => {
-                HeaderIndex::record(src, req.headers, &mut headers);
-                req.headers.len()
-            }
-            _ => unreachable!(),
-        }
-    }
-}

actix-http/benches/write-camel-case.rs

@@ -1,93 +0,0 @@
-use criterion::{black_box, criterion_group, criterion_main, BenchmarkId, Criterion};
-
-fn bench_write_camel_case(c: &mut Criterion) {
-    let mut group = c.benchmark_group("write_camel_case");
-
-    let names = ["connection", "Transfer-Encoding", "transfer-encoding"];
-
-    for &i in &names {
-        let bts = i.as_bytes();
-
-        group.bench_with_input(BenchmarkId::new("Original", i), bts, |b, bts| {
-            b.iter(|| {
-                let mut buf = black_box([0; 24]);
-                _original::write_camel_case(black_box(bts), &mut buf)
-            });
-        });
-
-        group.bench_with_input(BenchmarkId::new("New", i), bts, |b, bts| {
-            b.iter(|| {
-                let mut buf = black_box([0; 24]);
-                let len = black_box(bts.len());
-                _new::write_camel_case(black_box(bts), buf.as_mut_ptr(), len)
-            });
-        });
-    }
-
-    group.finish();
-}
-
-criterion_group!(benches, bench_write_camel_case);
-criterion_main!(benches);
-
-mod _new {
-    pub fn write_camel_case(value: &[u8], buf: *mut u8, len: usize) {
-        // first copy entire (potentially wrong) slice to output
-        let buffer = unsafe {
-            std::ptr::copy_nonoverlapping(value.as_ptr(), buf, len);
-            std::slice::from_raw_parts_mut(buf, len)
-        };
-
-        let mut iter = value.iter();
-
-        // first character should be uppercase
-        if let Some(c @ b'a'..=b'z') = iter.next() {
-            buffer[0] = c & 0b1101_1111;
-        }
-
-        // track 1 ahead of the current position since that's the location being assigned to
-        let mut index = 2;
-
-        // remaining characters after hyphens should also be uppercase
-        while let Some(&c) = iter.next() {
-            if c == b'-' {
-                // advance iter by one and uppercase if needed
-                if let Some(c @ b'a'..=b'z') = iter.next() {
-                    buffer[index] = c & 0b1101_1111;
-                }
-            }
-
-            index += 1;
-        }
-    }
-}
-
-mod _original {
-    pub fn write_camel_case(value: &[u8], buffer: &mut [u8]) {
-        let mut index = 0;
-        let key = value;
-        let mut key_iter = key.iter();
-
-        if let Some(c) = key_iter.next() {
-            if *c >= b'a' && *c <= b'z' {
-                buffer[index] = *c ^ b' ';
-                index += 1;
-            }
-        } else {
-            return;
-        }
-
-        while let Some(c) = key_iter.next() {
-            buffer[index] = *c;
-            index += 1;
-            if *c == b'-' {
-                if let Some(c) = key_iter.next() {
-                    if *c >= b'a' && *c <= b'z' {
-                        buffer[index] = *c ^ b' ';
-                        index += 1;
-                    }
-                }
-            }
-        }
-    }
-}

actix-http/examples/actix-web.rs

@@ -1,10 +1,10 @@
 use actix_http::HttpService;
 use actix_server::Server;
 use actix_service::map_config;
-use actix_web::{dev::AppConfig, get, App};
+use actix_web::{dev::AppConfig, get, App, Responder};
 
 #[get("/")]
-async fn index() -> &'static str {
+async fn index() -> impl Responder {
     "Hello, world. From Actix Web!"
 }
 
@@ -18,7 +18,8 @@ async fn main() -> std::io::Result<()> {
             HttpService::build()
                 // pass the app to service builder
                 // map_config is used to map App's configuration to ServiceBuilder
-                .finish(map_config(app, |_| AppConfig::default()))
+                // h1 will configure server to only use HTTP/1.1
+                .h1(map_config(app, |_| AppConfig::default()))
                 .tcp()
         })?
         .run()

actix-http/examples/echo.rs

@@ -5,6 +5,7 @@ use actix_server::Server;
 use bytes::BytesMut;
 use futures_util::StreamExt as _;
 use http::header::HeaderValue;
+use tracing::info;
 
 #[actix_rt::main]
 async fn main() -> io::Result<()> {
@@ -22,7 +23,7 @@ async fn main() -> io::Result<()> {
                         body.extend_from_slice(&item?);
                     }
 
-                    log::info!("request body: {:?}", body);
+                    info!("request body: {body:?}");
 
                     let res = Response::build(StatusCode::OK)
                         .insert_header(("x-head", HeaderValue::from_static("dummy value!")))
@@ -30,8 +31,7 @@ async fn main() -> io::Result<()> {
 
                     Ok::<_, Error>(res)
                 })
-                // No TLS
-                .tcp()
+                .tcp() // No TLS
         })?
         .run()
         .await

actix-http/examples/h2c-detect.rs

@@ -0,0 +1,34 @@
+//! An example that supports automatic selection of plaintext h1/h2c connections.
+//!
+//! Notably, both the following commands will work.
+//! ```console
+//! $ curl --http1.1 'http://localhost:8080/'
+//! $ curl --http2-prior-knowledge 'http://localhost:8080/'
+//! ```
+
+use std::{convert::Infallible, io};
+
+use actix_http::{body::BodyStream, HttpService, Request, Response, StatusCode};
+use actix_server::Server;
+
+#[tokio::main(flavor = "current_thread")]
+async fn main() -> io::Result<()> {
+    env_logger::init_from_env(env_logger::Env::new().default_filter_or("info"));
+
+    Server::build()
+        .bind("h2c-detect", ("127.0.0.1", 8080), || {
+            HttpService::build()
+                .finish(|_req: Request| async move {
+                    Ok::<_, Infallible>(Response::build(StatusCode::OK).body(BodyStream::new(
+                        futures_util::stream::iter([
+                            Ok::<_, String>("123".into()),
+                            Err("wertyuikmnbvcxdfty6t".to_owned()),
+                        ]),
+                    )))
+                })
+                .tcp_auto_h2c()
+        })?
+        .workers(2)
+        .run()
+        .await
+}

actix-http/examples/hello-world.rs

@@ -1,9 +1,8 @@
 use std::{convert::Infallible, io, time::Duration};
 
-use actix_http::{
-    header::HeaderValue, HttpMessage, HttpService, Request, Response, StatusCode,
-};
+use actix_http::{header::HeaderValue, HttpService, Request, Response, StatusCode};
 use actix_server::Server;
+use tracing::info;
 
 #[actix_rt::main]
 async fn main() -> io::Result<()> {
@@ -18,16 +17,13 @@ async fn main() -> io::Result<()> {
                     ext.insert(42u32);
                 })
                 .finish(|req: Request| async move {
-                    log::info!("{:?}", req);
+                    info!("{req:?}");
 
                     let mut res = Response::build(StatusCode::OK);
                     res.insert_header(("x-head", HeaderValue::from_static("dummy value!")));
 
-                    let forty_two = req.extensions().get::<u32>().unwrap().to_string();
-                    res.insert_header((
-                        "x-forty-two",
-                        HeaderValue::from_str(&forty_two).unwrap(),
-                    ));
+                    let forty_two = req.conn_data::<u32>().unwrap().to_string();
+                    res.insert_header(("x-forty-two", HeaderValue::from_str(&forty_two).unwrap()));
 
                     Ok::<_, Infallible>(res.body("Hello world!"))
                 })

actix-http/examples/streaming-error.rs

@@ -12,6 +12,7 @@ use actix_http::{body::BodyStream, HttpService, Response};
 use actix_server::Server;
 use async_stream::stream;
 use bytes::Bytes;
+use tracing::info;
 
 #[actix_rt::main]
 async fn main() -> io::Result<()> {
@@ -21,16 +22,16 @@ async fn main() -> io::Result<()> {
         .bind("streaming-error", ("127.0.0.1", 8080), || {
             HttpService::build()
                 .finish(|req| async move {
-                    log::info!("{:?}", req);
+                    info!("{req:?}");
                     let res = Response::ok();
 
                     Ok::<_, Infallible>(res.set_body(BodyStream::new(stream! {
                         yield Ok(Bytes::from("123"));
                         yield Ok(Bytes::from("456"));
 
-                        actix_rt::time::sleep(Duration::from_millis(1000)).await;
+                        actix_rt::time::sleep(Duration::from_secs(1)).await;
 
-                        yield Err(io::Error::new(io::ErrorKind::Other, ""));
+                        yield Err(io::Error::other("abc"));
                     })))
                 })
                 .tcp()

actix-http/examples/tls_rustls.rs

@@ -0,0 +1,76 @@
+//! Demonstrates TLS configuration (via Rustls) for HTTP/1.1 and HTTP/2 connections.
+//!
+//! Test using cURL:
+//!
+//! ```console
+//! $ curl --insecure https://127.0.0.1:8443
+//! Hello World!
+//! Protocol: HTTP/2.0
+//!
+//! $ curl --insecure --http1.1 https://127.0.0.1:8443
+//! Hello World!
+//! Protocol: HTTP/1.1
+//! ```
+
+extern crate tls_rustls_023 as rustls;
+
+use std::io;
+
+use actix_http::{Error, HttpService, Request, Response};
+use actix_utils::future::ok;
+
+#[actix_rt::main]
+async fn main() -> io::Result<()> {
+    env_logger::init_from_env(env_logger::Env::new().default_filter_or("info"));
+
+    tracing::info!("starting HTTP server at https://127.0.0.1:8443");
+
+    actix_server::Server::build()
+        .bind("echo", ("127.0.0.1", 8443), || {
+            HttpService::build()
+                .finish(|req: Request| {
+                    let body = format!(
+                        "Hello World!\n\
+                        Protocol: {:?}",
+                        req.head().version
+                    );
+                    ok::<_, Error>(Response::ok().set_body(body))
+                })
+                .rustls_0_23(rustls_config())
+        })?
+        .run()
+        .await
+}
+
+fn rustls_config() -> rustls::ServerConfig {
+    let rcgen::CertifiedKey { cert, key_pair } =
+        rcgen::generate_simple_self_signed(["localhost".to_owned()]).unwrap();
+    let cert_file = cert.pem();
+    let key_file = key_pair.serialize_pem();
+
+    let cert_file = &mut io::BufReader::new(cert_file.as_bytes());
+    let key_file = &mut io::BufReader::new(key_file.as_bytes());
+
+    let cert_chain = rustls_pemfile::certs(cert_file)
+        .collect::<Result<Vec<_>, _>>()
+        .unwrap();
+    let mut keys = rustls_pemfile::pkcs8_private_keys(key_file)
+        .collect::<Result<Vec<_>, _>>()
+        .unwrap();
+
+    let mut config = rustls::ServerConfig::builder()
+        .with_no_client_auth()
+        .with_single_cert(
+            cert_chain,
+            rustls::pki_types::PrivateKeyDer::Pkcs8(keys.remove(0)),
+        )
+        .unwrap();
+
+    const H1_ALPN: &[u8] = b"http/1.1";
+    const H2_ALPN: &[u8] = b"h2";
+
+    config.alpn_protocols.push(H2_ALPN.to_vec());
+    config.alpn_protocols.push(H1_ALPN.to_vec());
+
+    config
+}

actix-http/examples/ws.rs

@@ -1,7 +1,7 @@
 //! Sets up a WebSocket server over TCP and TLS.
 //! Sends a heartbeat message every 4 seconds but does not respond to any incoming frames.
 
-extern crate tls_rustls as rustls;
+extern crate tls_rustls_023 as rustls;
 
 use std::{
     io,
@@ -10,13 +10,13 @@ use std::{
     time::Duration,
 };
 
-use actix_codec::Encoder;
 use actix_http::{body::BodyStream, error::Error, ws, HttpService, Request, Response};
 use actix_rt::time::{interval, Interval};
 use actix_server::Server;
 use bytes::{Bytes, BytesMut};
 use bytestring::ByteString;
 use futures_core::{ready, Stream};
+use tokio_util::codec::Encoder;
 
 #[actix_rt::main]
 async fn main() -> io::Result<()> {
@@ -27,20 +27,22 @@ async fn main() -> io::Result<()> {
             HttpService::build().h1(handler).tcp()
         })?
         .bind("tls", ("127.0.0.1", 8443), || {
-            HttpService::build().finish(handler).rustls(tls_config())
+            HttpService::build()
+                .finish(handler)
+                .rustls_0_23(tls_config())
         })?
         .run()
         .await
 }
 
 async fn handler(req: Request) -> Result<Response<BodyStream<Heartbeat>>, Error> {
-    log::info!("handshaking");
+    tracing::info!("handshaking");
     let mut res = ws::handshake(req.head())?;
 
     // handshake will always fail under HTTP/2
 
-    log::info!("responding");
-    Ok(res.message_body(BodyStream::new(Heartbeat::new(ws::Codec::new())))?)
+    tracing::info!("responding");
+    res.message_body(BodyStream::new(Heartbeat::new(ws::Codec::new())))
 }
 
 struct Heartbeat {
@@ -61,7 +63,7 @@ impl Stream for Heartbeat {
     type Item = Result<Bytes, Error>;
 
     fn poll_next(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<Option<Self::Item>> {
-        log::trace!("poll");
+        tracing::trace!("poll");
 
         ready!(self.as_mut().interval.poll_tick(cx));
 
@@ -82,27 +84,27 @@ impl Stream for Heartbeat {
 fn tls_config() -> rustls::ServerConfig {
     use std::io::BufReader;
 
-    use rustls::{Certificate, PrivateKey};
     use rustls_pemfile::{certs, pkcs8_private_keys};
 
-    let cert = rcgen::generate_simple_self_signed(vec!["localhost".to_owned()]).unwrap();
-    let cert_file = cert.serialize_pem().unwrap();
-    let key_file = cert.serialize_private_key_pem();
+    let rcgen::CertifiedKey { cert, key_pair } =
+        rcgen::generate_simple_self_signed(["localhost".to_owned()]).unwrap();
+    let cert_file = cert.pem();
+    let key_file = key_pair.serialize_pem();
 
     let cert_file = &mut BufReader::new(cert_file.as_bytes());
     let key_file = &mut BufReader::new(key_file.as_bytes());
 
-    let cert_chain = certs(cert_file)
-        .unwrap()
-        .into_iter()
-        .map(Certificate)
-        .collect();
-    let mut keys = pkcs8_private_keys(key_file).unwrap();
+    let cert_chain = certs(cert_file).collect::<Result<Vec<_>, _>>().unwrap();
+    let mut keys = pkcs8_private_keys(key_file)
+        .collect::<Result<Vec<_>, _>>()
+        .unwrap();
 
     let mut config = rustls::ServerConfig::builder()
-        .with_safe_defaults()
         .with_no_client_auth()
-        .with_single_cert(cert_chain, PrivateKey(keys.remove(0)))
+        .with_single_cert(
+            cert_chain,
+            rustls::pki_types::PrivateKeyDer::Pkcs8(keys.remove(0)),
+        )
         .unwrap();
 
     config.alpn_protocols.push(b"http/1.1".to_vec());

actix-http/src/body/body_stream.rs

@@ -47,9 +47,8 @@ where
 
     /// Attempts to pull out the next value of the underlying [`Stream`].
     ///
-    /// Empty values are skipped to prevent [`BodyStream`]'s transmission being
-    /// ended on a zero-length chunk, but rather proceed until the underlying
-    /// [`Stream`] ends.
+    /// Empty values are skipped to prevent [`BodyStream`]'s transmission being ended on a
+    /// zero-length chunk, but rather proceed until the underlying [`Stream`] ends.
     fn poll_next(
         mut self: Pin<&mut Self>,
         cx: &mut Context<'_>,
@@ -80,7 +79,7 @@ mod tests {
     use futures_core::ready;
     use futures_util::{stream, FutureExt as _};
     use pin_project_lite::pin_project;
-    use static_assertions::{assert_impl_all, assert_not_impl_all};
+    use static_assertions::{assert_impl_all, assert_not_impl_any};
 
     use super::*;
     use crate::body::to_bytes;
@@ -91,10 +90,10 @@ mod tests {
     assert_impl_all!(BodyStream<stream::Empty<Result<Bytes, Infallible>>>: MessageBody);
     assert_impl_all!(BodyStream<stream::Repeat<Result<Bytes, Infallible>>>: MessageBody);
 
-    assert_not_impl_all!(BodyStream<stream::Empty<Bytes>>: MessageBody);
-    assert_not_impl_all!(BodyStream<stream::Repeat<Bytes>>: MessageBody);
+    assert_not_impl_any!(BodyStream<stream::Empty<Bytes>>: MessageBody);
+    assert_not_impl_any!(BodyStream<stream::Repeat<Bytes>>: MessageBody);
     // crate::Error is not Clone
-    assert_not_impl_all!(BodyStream<stream::Repeat<Result<Bytes, crate::Error>>>: MessageBody);
+    assert_not_impl_any!(BodyStream<stream::Repeat<Result<Bytes, crate::Error>>>: MessageBody);
 
     #[actix_rt::test]
     async fn skips_empty_chunks() {
@@ -132,7 +131,7 @@ mod tests {
         assert_eq!(to_bytes(body).await.ok(), Some(Bytes::from("12")));
     }
     #[derive(Debug, Display, Error)]
-    #[display(fmt = "stream error")]
+    #[display("stream error")]
     struct StreamErr;
 
     #[actix_rt::test]

actix-http/src/body/boxed.rs

@@ -77,12 +77,8 @@ impl MessageBody for BoxBody {
         cx: &mut Context<'_>,
     ) -> Poll<Option<Result<Bytes, Self::Error>>> {
         match &mut self.0 {
-            BoxBodyInner::None(body) => {
-                Pin::new(body).poll_next(cx).map_err(|err| match err {})
-            }
-            BoxBodyInner::Bytes(body) => {
-                Pin::new(body).poll_next(cx).map_err(|err| match err {})
-            }
+            BoxBodyInner::None(body) => Pin::new(body).poll_next(cx).map_err(|err| match err {}),
+            BoxBodyInner::Bytes(body) => Pin::new(body).poll_next(cx).map_err(|err| match err {}),
             BoxBodyInner::Stream(body) => Pin::new(body).poll_next(cx),
         }
     }
@@ -104,15 +100,13 @@ impl MessageBody for BoxBody {
 
 #[cfg(test)]
 mod tests {
-
-    use static_assertions::{assert_impl_all, assert_not_impl_all};
+    use static_assertions::{assert_impl_all, assert_not_impl_any};
 
     use super::*;
     use crate::body::to_bytes;
 
-    assert_impl_all!(BoxBody: MessageBody, fmt::Debug, Unpin);
-
-    assert_not_impl_all!(BoxBody: Send, Sync, Unpin);
+    assert_impl_all!(BoxBody: fmt::Debug, MessageBody, Unpin);
+    assert_not_impl_any!(BoxBody: Send, Sync);
 
     #[actix_rt::test]
     async fn nested_boxed_body() {

actix-http/src/body/either.rs

@@ -10,6 +10,17 @@ use super::{BodySize, BoxBody, MessageBody};
 use crate::Error;
 
 pin_project! {
+    /// An "either" type specialized for body types.
+    ///
+    /// It is common, in middleware especially, to conditionally return an inner service's unknown/
+    /// generic body `B` type or return early with a new response. This type's "right" variant
+    /// defaults to `BoxBody` since error responses are the common case.
+    ///
+    /// For example, middleware will often have `type Response = ServiceResponse<EitherBody<B>>`.
+    /// This means that the inner service's response body type maps to the `Left` variant and the
+    /// middleware's own error responses use the default `Right` variant of `BoxBody`. Of course,
+    /// there's no reason it couldn't use `EitherBody<B, String>` instead if its alternative
+    /// responses have a known type.
     #[project = EitherBodyProj]
     #[derive(Debug, Clone)]
     pub enum EitherBody<L, R = BoxBody> {
@@ -22,7 +33,10 @@ pin_project! {
 }
 
 impl<L> EitherBody<L, BoxBody> {
-    /// Creates new `EitherBody` using left variant and boxed right variant.
+    /// Creates new `EitherBody` left variant with a boxed right variant.
+    ///
+    /// If the expected `R` type will be inferred and is not `BoxBody` then use the
+    /// [`left`](Self::left) constructor instead.
     #[inline]
     pub fn new(body: L) -> Self {
         Self::Left { body }

actix-http/src/body/message_body.rs

@@ -19,7 +19,7 @@ use super::{BodySize, BoxBody};
 /// It is not usually necessary to create custom body types, this trait is already [implemented for
 /// a large number of sensible body types](#foreign-impls) including:
 /// - Empty body: `()`
-/// - Text-based: `String`, `&'static str`, `ByteString`.
+/// - Text-based: `String`, `&'static str`, [`ByteString`](https://docs.rs/bytestring/1).
 /// - Byte-based: `Bytes`, `BytesMut`, `Vec<u8>`, `&'static [u8]`;
 /// - Streams: [`BodyStream`](super::BodyStream), [`SizedStream`](super::SizedStream)
 ///
@@ -120,8 +120,28 @@ pub trait MessageBody {
 }
 
 mod foreign_impls {
+    use std::{borrow::Cow, ops::DerefMut};
+
     use super::*;
 
+    impl<B> MessageBody for &mut B
+    where
+        B: MessageBody + Unpin + ?Sized,
+    {
+        type Error = B::Error;
+
+        fn size(&self) -> BodySize {
+            (**self).size()
+        }
+
+        fn poll_next(
+            mut self: Pin<&mut Self>,
+            cx: &mut Context<'_>,
+        ) -> Poll<Option<Result<Bytes, Self::Error>>> {
+            Pin::new(&mut **self).poll_next(cx)
+        }
+    }
+
     impl MessageBody for Infallible {
         type Error = Infallible;
 
@@ -179,8 +199,9 @@ mod foreign_impls {
         }
     }
 
-    impl<B> MessageBody for Pin<Box<B>>
+    impl<T, B> MessageBody for Pin<T>
     where
+        T: DerefMut<Target = B> + Unpin,
         B: MessageBody + ?Sized,
     {
         type Error = B::Error;
@@ -303,6 +324,39 @@ mod foreign_impls {
         }
     }
 
+    impl MessageBody for Cow<'static, [u8]> {
+        type Error = Infallible;
+
+        #[inline]
+        fn size(&self) -> BodySize {
+            BodySize::Sized(self.len() as u64)
+        }
+
+        #[inline]
+        fn poll_next(
+            self: Pin<&mut Self>,
+            _cx: &mut Context<'_>,
+        ) -> Poll<Option<Result<Bytes, Self::Error>>> {
+            if self.is_empty() {
+                Poll::Ready(None)
+            } else {
+                let bytes = match mem::take(self.get_mut()) {
+                    Cow::Borrowed(b) => Bytes::from_static(b),
+                    Cow::Owned(b) => Bytes::from(b),
+                };
+                Poll::Ready(Some(Ok(bytes)))
+            }
+        }
+
+        #[inline]
+        fn try_into_bytes(self) -> Result<Bytes, Self> {
+            match self {
+                Cow::Borrowed(b) => Ok(Bytes::from_static(b)),
+                Cow::Owned(b) => Ok(Bytes::from(b)),
+            }
+        }
+    }
+
     impl MessageBody for &'static str {
         type Error = Infallible;
 
@@ -358,6 +412,39 @@ mod foreign_impls {
         }
     }
 
+    impl MessageBody for Cow<'static, str> {
+        type Error = Infallible;
+
+        #[inline]
+        fn size(&self) -> BodySize {
+            BodySize::Sized(self.len() as u64)
+        }
+
+        #[inline]
+        fn poll_next(
+            self: Pin<&mut Self>,
+            _cx: &mut Context<'_>,
+        ) -> Poll<Option<Result<Bytes, Self::Error>>> {
+            if self.is_empty() {
+                Poll::Ready(None)
+            } else {
+                let bytes = match mem::take(self.get_mut()) {
+                    Cow::Borrowed(s) => Bytes::from_static(s.as_bytes()),
+                    Cow::Owned(s) => Bytes::from(s.into_bytes()),
+                };
+                Poll::Ready(Some(Ok(bytes)))
+            }
+        }
+
+        #[inline]
+        fn try_into_bytes(self) -> Result<Bytes, Self> {
+            match self {
+                Cow::Borrowed(s) => Ok(Bytes::from_static(s.as_bytes())),
+                Cow::Owned(s) => Ok(Bytes::from(s.into_bytes())),
+            }
+        }
+    }
+
     impl MessageBody for bytestring::ByteString {
         type Error = Infallible;
 
@@ -444,7 +531,7 @@ where
 mod tests {
     use actix_rt::pin;
     use actix_utils::future::poll_fn;
-    use bytes::{Bytes, BytesMut};
+    use futures_util::stream;
 
     use super::*;
     use crate::body::{self, EitherBody};
@@ -467,6 +554,7 @@ mod tests {
         };
     }
 
+    #[allow(unused_allocation)] // triggered by `Box::new(()).size()`
     #[actix_rt::test]
     async fn boxing_equivalence() {
         assert_eq!(().size(), BodySize::Sized(0));
@@ -481,6 +569,35 @@ mod tests {
         assert_poll_next_none!(pl);
     }
 
+    #[actix_rt::test]
+    async fn mut_equivalence() {
+        assert_eq!(().size(), BodySize::Sized(0));
+        assert_eq!(().size(), (&(&mut ())).size());
+
+        let pl = &mut ();
+        pin!(pl);
+        assert_poll_next_none!(pl);
+
+        let pl = &mut Box::new(());
+        pin!(pl);
+        assert_poll_next_none!(pl);
+
+        let mut body = body::SizedStream::new(
+            8,
+            stream::iter([
+                Ok::<_, std::io::Error>(Bytes::from("1234")),
+                Ok(Bytes::from("5678")),
+            ]),
+        );
+        let body = &mut body;
+        assert_eq!(body.size(), BodySize::Sized(8));
+        pin!(body);
+        assert_poll_next!(body, Bytes::from_static(b"1234"));
+        assert_poll_next!(body, Bytes::from_static(b"5678"));
+        assert_poll_next_none!(body);
+    }
+
+    #[allow(clippy::let_unit_value)]
     #[actix_rt::test]
     async fn test_unit() {
         let pl = ();
@@ -606,4 +723,18 @@ mod tests {
         let not_body = resp_body.downcast_ref::<()>();
         assert!(not_body.is_none());
     }
+
+    #[actix_rt::test]
+    async fn non_owning_to_bytes() {
+        let mut body = BoxBody::new(());
+        let bytes = body::to_bytes(&mut body).await.unwrap();
+        assert_eq!(bytes, Bytes::new());
+
+        let mut body = body::BodyStream::new(stream::iter([
+            Ok::<_, std::io::Error>(Bytes::from("1234")),
+            Ok(Bytes::from("5678")),
+        ]));
+        let bytes = body::to_bytes(&mut body).await.unwrap();
+        assert_eq!(bytes, Bytes::from_static(b"12345678"));
+    }
 }

actix-http/src/body/mod.rs

@@ -14,12 +14,14 @@ mod size;
 mod sized_stream;
 mod utils;
 
-pub use self::body_stream::BodyStream;
-pub use self::boxed::BoxBody;
-pub use self::either::EitherBody;
-pub use self::message_body::MessageBody;
 pub(crate) use self::message_body::MessageBodyMapErr;
-pub use self::none::None;
-pub use self::size::BodySize;
-pub use self::sized_stream::SizedStream;
-pub use self::utils::to_bytes;
+pub use self::{
+    body_stream::BodyStream,
+    boxed::BoxBody,
+    either::EitherBody,
+    message_body::MessageBody,
+    none::None,
+    size::BodySize,
+    sized_stream::SizedStream,
+    utils::{to_bytes, to_bytes_limited, BodyLimitExceeded},
+};

actix-http/src/body/sized_stream.rs

@@ -44,7 +44,7 @@ where
 
     #[inline]
     fn size(&self) -> BodySize {
-        BodySize::Sized(self.size as u64)
+        BodySize::Sized(self.size)
     }
 
     /// Attempts to pull out the next value of the underlying [`Stream`].
@@ -76,7 +76,7 @@ mod tests {
     use actix_rt::pin;
     use actix_utils::future::poll_fn;
     use futures_util::stream;
-    use static_assertions::{assert_impl_all, assert_not_impl_all};
+    use static_assertions::{assert_impl_all, assert_not_impl_any};
 
     use super::*;
     use crate::body::to_bytes;
@@ -87,10 +87,10 @@ mod tests {
     assert_impl_all!(SizedStream<stream::Empty<Result<Bytes, Infallible>>>: MessageBody);
     assert_impl_all!(SizedStream<stream::Repeat<Result<Bytes, Infallible>>>: MessageBody);
 
-    assert_not_impl_all!(SizedStream<stream::Empty<Bytes>>: MessageBody);
-    assert_not_impl_all!(SizedStream<stream::Repeat<Bytes>>: MessageBody);
+    assert_not_impl_any!(SizedStream<stream::Empty<Bytes>>: MessageBody);
+    assert_not_impl_any!(SizedStream<stream::Repeat<Bytes>>: MessageBody);
     // crate::Error is not Clone
-    assert_not_impl_all!(SizedStream<stream::Repeat<Result<Bytes, crate::Error>>>: MessageBody);
+    assert_not_impl_any!(SizedStream<stream::Repeat<Result<Bytes, crate::Error>>>: MessageBody);
 
     #[actix_rt::test]
     async fn skips_empty_chunks() {

actix-http/src/body/utils.rs

@@ -3,75 +3,196 @@ use std::task::Poll;
 use actix_rt::pin;
 use actix_utils::future::poll_fn;
 use bytes::{Bytes, BytesMut};
+use derive_more::{Display, Error};
 use futures_core::ready;
 
 use super::{BodySize, MessageBody};
 
-/// Collects the body produced by a `MessageBody` implementation into `Bytes`.
+/// Collects all the bytes produced by `body`.
 ///
 /// Any errors produced by the body stream are returned immediately.
 ///
+/// Consider using [`to_bytes_limited`] instead to protect against memory exhaustion.
+///
 /// # Examples
+///
 /// ```
 /// use actix_http::body::{self, to_bytes};
 /// use bytes::Bytes;
 ///
-/// # async fn test_to_bytes() {
+/// # actix_rt::System::new().block_on(async {
 /// let body = body::None::new();
 /// let bytes = to_bytes(body).await.unwrap();
 /// assert!(bytes.is_empty());
 ///
 /// let body = Bytes::from_static(b"123");
 /// let bytes = to_bytes(body).await.unwrap();
-/// assert_eq!(bytes, b"123"[..]);
-/// # }
+/// assert_eq!(bytes, "123");
+/// # });
 /// ```
 pub async fn to_bytes<B: MessageBody>(body: B) -> Result<Bytes, B::Error> {
+    to_bytes_limited(body, usize::MAX)
+        .await
+        .expect("body should never yield more than usize::MAX bytes")
+}
+
+/// Error type returned from [`to_bytes_limited`] when body produced exceeds limit.
+#[derive(Debug, Display, Error)]
+#[display("limit exceeded while collecting body bytes")]
+#[non_exhaustive]
+pub struct BodyLimitExceeded;
+
+/// Collects the bytes produced by `body`, up to `limit` bytes.
+///
+/// If a chunk read from `poll_next` causes the total number of bytes read to exceed `limit`, an
+/// `Err(BodyLimitExceeded)` is returned.
+///
+/// Any errors produced by the body stream are returned immediately as `Ok(Err(B::Error))`.
+///
+/// # Examples
+///
+/// ```
+/// use actix_http::body::{self, to_bytes_limited};
+/// use bytes::Bytes;
+///
+/// # actix_rt::System::new().block_on(async {
+/// let body = body::None::new();
+/// let bytes = to_bytes_limited(body, 10).await.unwrap().unwrap();
+/// assert!(bytes.is_empty());
+///
+/// let body = Bytes::from_static(b"123");
+/// let bytes = to_bytes_limited(body, 10).await.unwrap().unwrap();
+/// assert_eq!(bytes, "123");
+///
+/// let body = Bytes::from_static(b"123");
+/// assert!(to_bytes_limited(body, 2).await.is_err());
+/// # });
+/// ```
+pub async fn to_bytes_limited<B: MessageBody>(
+    body: B,
+    limit: usize,
+) -> Result<Result<Bytes, B::Error>, BodyLimitExceeded> {
+    /// Sensible default (32kB) for initial, bounded allocation when collecting body bytes.
+    const INITIAL_ALLOC_BYTES: usize = 32 * 1024;
+
     let cap = match body.size() {
-        BodySize::None | BodySize::Sized(0) => return Ok(Bytes::new()),
-        BodySize::Sized(size) => size as usize,
-        // good enough first guess for chunk size
-        BodySize::Stream => 32_768,
+        BodySize::None | BodySize::Sized(0) => return Ok(Ok(Bytes::new())),
+        BodySize::Sized(size) if size as usize > limit => return Err(BodyLimitExceeded),
+        BodySize::Sized(size) => (size as usize).min(INITIAL_ALLOC_BYTES),
+        BodySize::Stream => INITIAL_ALLOC_BYTES,
     };
 
+    let mut exceeded_limit = false;
     let mut buf = BytesMut::with_capacity(cap);
 
     pin!(body);
 
-    poll_fn(|cx| loop {
+    match poll_fn(|cx| loop {
         let body = body.as_mut();
 
         match ready!(body.poll_next(cx)) {
-            Some(Ok(bytes)) => buf.extend_from_slice(&*bytes),
+            Some(Ok(bytes)) => {
+                // if limit is exceeded...
+                if buf.len() + bytes.len() > limit {
+                    // ...set flag to true and break out of poll_fn
+                    exceeded_limit = true;
+                    return Poll::Ready(Ok(()));
+                }
+
+                buf.extend_from_slice(&bytes)
+            }
             None => return Poll::Ready(Ok(())),
             Some(Err(err)) => return Poll::Ready(Err(err)),
         }
     })
-    .await?;
+    .await
+    {
+        // propagate error returned from body poll
+        Err(err) => Ok(Err(err)),
 
-    Ok(buf.freeze())
+        // limit was exceeded while reading body
+        Ok(()) if exceeded_limit => Err(BodyLimitExceeded),
+
+        // otherwise return body buffer
+        Ok(()) => Ok(Ok(buf.freeze())),
+    }
 }
 
 #[cfg(test)]
-mod test {
+mod tests {
+    use std::io;
+
     use futures_util::{stream, StreamExt as _};
 
     use super::*;
-    use crate::{body::BodyStream, Error};
+    use crate::{
+        body::{BodyStream, SizedStream},
+        Error,
+    };
 
     #[actix_rt::test]
-    async fn test_to_bytes() {
+    async fn to_bytes_complete() {
         let bytes = to_bytes(()).await.unwrap();
         assert!(bytes.is_empty());
 
         let body = Bytes::from_static(b"123");
         let bytes = to_bytes(body).await.unwrap();
         assert_eq!(bytes, b"123"[..]);
+    }
 
+    #[actix_rt::test]
+    async fn to_bytes_streams() {
         let stream = stream::iter(vec![Bytes::from_static(b"123"), Bytes::from_static(b"abc")])
             .map(Ok::<_, Error>);
         let body = BodyStream::new(stream);
         let bytes = to_bytes(body).await.unwrap();
         assert_eq!(bytes, b"123abc"[..]);
     }
+
+    #[actix_rt::test]
+    async fn to_bytes_limited_complete() {
+        let bytes = to_bytes_limited((), 0).await.unwrap().unwrap();
+        assert!(bytes.is_empty());
+
+        let bytes = to_bytes_limited((), 1).await.unwrap().unwrap();
+        assert!(bytes.is_empty());
+
+        assert!(to_bytes_limited(Bytes::from_static(b"12"), 0)
+            .await
+            .is_err());
+        assert!(to_bytes_limited(Bytes::from_static(b"12"), 1)
+            .await
+            .is_err());
+        assert!(to_bytes_limited(Bytes::from_static(b"12"), 2).await.is_ok());
+        assert!(to_bytes_limited(Bytes::from_static(b"12"), 3).await.is_ok());
+    }
+
+    #[actix_rt::test]
+    async fn to_bytes_limited_streams() {
+        // hinting a larger body fails
+        let body = SizedStream::new(8, stream::empty().map(Ok::<_, Error>));
+        assert!(to_bytes_limited(body, 3).await.is_err());
+
+        // hinting a smaller body is okay
+        let body = SizedStream::new(3, stream::empty().map(Ok::<_, Error>));
+        assert!(to_bytes_limited(body, 3).await.unwrap().unwrap().is_empty());
+
+        // hinting a smaller body then returning a larger one fails
+        let stream = stream::iter(vec![Bytes::from_static(b"1234")]).map(Ok::<_, Error>);
+        let body = SizedStream::new(3, stream);
+        assert!(to_bytes_limited(body, 3).await.is_err());
+
+        let stream = stream::iter(vec![Bytes::from_static(b"123"), Bytes::from_static(b"abc")])
+            .map(Ok::<_, Error>);
+        let body = BodyStream::new(stream);
+        assert!(to_bytes_limited(body, 3).await.is_err());
+    }
+
+    #[actix_rt::test]
+    async fn to_body_limit_error() {
+        let err_stream = stream::once(async { Err(io::Error::other("")) });
+        let body = SizedStream::new(8, err_stream);
+        // not too big, but propagates error from body stream
+        assert!(to_bytes_limited(body, 10).await.unwrap().is_err());
+    }
 }

actix-http/src/builder.rs

@@ -186,7 +186,7 @@ where
         self
     }
 
-    /// Finish service configuration and create a HTTP Service for HTTP/1 protocol.
+    /// Finish service configuration and create a service for the HTTP/1 protocol.
     pub fn h1<F, B>(self, service: F) -> H1Service<T, S, B, X, U>
     where
         B: MessageBody,
@@ -209,7 +209,7 @@ where
             .on_connect_ext(self.on_connect_ext)
     }
 
-    /// Finish service configuration and create a HTTP service for HTTP/2 protocol.
+    /// Finish service configuration and create a service for the HTTP/2 protocol.
     #[cfg(feature = "http2")]
     pub fn h2<F, B>(self, service: F) -> crate::h2::H2Service<T, S, B>
     where

actix-http/src/config.rs

@@ -35,7 +35,7 @@ impl Default for ServiceConfig {
 }
 
 impl ServiceConfig {
-    /// Create instance of `ServiceConfig`
+    /// Create instance of `ServiceConfig`.
     pub fn new(
         keep_alive: KeepAlive,
         client_request_timeout: Duration,
@@ -104,8 +104,13 @@ impl ServiceConfig {
         self.0.date_service.now()
     }
 
-    pub(crate) fn write_date_header(&self, dst: &mut BytesMut, camel_case: bool) {
-        let mut buf: [u8; 39] = [0; 39];
+    /// Writes date header to `dst` buffer.
+    ///
+    /// Low-level method that utilizes the built-in efficient date service, requiring fewer syscalls
+    /// than normal. Note that a CRLF (`\r\n`) is included in what is written.
+    #[doc(hidden)]
+    pub fn write_date_header(&self, dst: &mut BytesMut, camel_case: bool) {
+        let mut buf: [u8; 37] = [0; 37];
 
         buf[..6].copy_from_slice(if camel_case { b"Date: " } else { b"date: " });
 
@@ -113,7 +118,7 @@ impl ServiceConfig {
             .date_service
             .with_date(|date| buf[6..35].copy_from_slice(&date.bytes));
 
-        buf[35..].copy_from_slice(b"\r\n\r\n");
+        buf[35..].copy_from_slice(b"\r\n");
         dst.extend_from_slice(&buf);
     }
 
@@ -127,15 +132,15 @@ impl ServiceConfig {
 
 #[cfg(test)]
 mod tests {
-    use super::*;
-    use crate::{date::DATE_VALUE_LENGTH, notify_on_drop};
-
     use actix_rt::{
         task::yield_now,
         time::{sleep, sleep_until},
     };
     use memchr::memmem;
 
+    use super::*;
+    use crate::{date::DATE_VALUE_LENGTH, notify_on_drop};
+
     #[actix_rt::test]
     async fn test_date_service_update() {
         let settings =

actix-http/src/date.rs

@@ -28,7 +28,7 @@ impl Date {
 
     fn update(&mut self) {
         self.pos = 0;
-        write!(self, "{}", httpdate::fmt_http_date(SystemTime::now())).unwrap();
+        write!(self, "{}", httpdate::HttpDate::from(SystemTime::now())).unwrap();
     }
 }
 

actix-http/src/encoding/decoder.rs

@@ -9,17 +9,15 @@ use std::{
 
 use actix_rt::task::{spawn_blocking, JoinHandle};
 use bytes::Bytes;
-use futures_core::{ready, Stream};
-
 #[cfg(feature = "compress-gzip")]
 use flate2::write::{GzDecoder, ZlibDecoder};
-
+use futures_core::{ready, Stream};
 #[cfg(feature = "compress-zstd")]
 use zstd::stream::write::Decoder as ZstdDecoder;
 
 use crate::{
     encoding::Writer,
-    error::{BlockingError, PayloadError},
+    error::PayloadError,
     header::{ContentEncoding, HeaderMap, CONTENT_ENCODING},
 };
 
@@ -47,14 +45,17 @@ where
             ContentEncoding::Brotli => Some(ContentDecoder::Brotli(Box::new(
                 brotli::DecompressorWriter::new(Writer::new(), 8_096),
             ))),
+
             #[cfg(feature = "compress-gzip")]
-            ContentEncoding::Deflate => Some(ContentDecoder::Deflate(Box::new(
-                ZlibDecoder::new(Writer::new()),
-            ))),
+            ContentEncoding::Deflate => Some(ContentDecoder::Deflate(Box::new(ZlibDecoder::new(
+                Writer::new(),
+            )))),
+
             #[cfg(feature = "compress-gzip")]
             ContentEncoding::Gzip => Some(ContentDecoder::Gzip(Box::new(GzDecoder::new(
                 Writer::new(),
             )))),
+
             #[cfg(feature = "compress-zstd")]
             ContentEncoding::Zstd => Some(ContentDecoder::Zstd(Box::new(
                 ZstdDecoder::new(Writer::new()).expect(
@@ -98,8 +99,9 @@ where
 
         loop {
             if let Some(ref mut fut) = this.fut {
-                let (chunk, decoder) =
-                    ready!(Pin::new(fut).poll(cx)).map_err(|_| BlockingError)??;
+                let (chunk, decoder) = ready!(Pin::new(fut).poll(cx)).map_err(|_| {
+                    PayloadError::Io(io::Error::other("Blocking task was cancelled unexpectedly"))
+                })??;
 
                 *this.decoder = Some(decoder);
                 this.fut.take();
@@ -159,10 +161,13 @@ where
 enum ContentDecoder {
     #[cfg(feature = "compress-gzip")]
     Deflate(Box<ZlibDecoder<Writer>>),
+
     #[cfg(feature = "compress-gzip")]
     Gzip(Box<GzDecoder<Writer>>),
+
     #[cfg(feature = "compress-brotli")]
     Brotli(Box<brotli::DecompressorWriter<Writer>>),
+
     // We need explicit 'static lifetime here because ZstdDecoder need lifetime
     // argument, and we use `spawn_blocking` in `Decoder::poll_next` that require `FnOnce() -> R + Send + 'static`
     #[cfg(feature = "compress-zstd")]
@@ -183,7 +188,7 @@ impl ContentDecoder {
                         Ok(None)
                     }
                 }
-                Err(e) => Err(e),
+                Err(err) => Err(err),
             },
 
             #[cfg(feature = "compress-gzip")]
@@ -197,7 +202,7 @@ impl ContentDecoder {
                         Ok(None)
                     }
                 }
-                Err(e) => Err(e),
+                Err(err) => Err(err),
             },
 
             #[cfg(feature = "compress-gzip")]
@@ -210,7 +215,7 @@ impl ContentDecoder {
                         Ok(None)
                     }
                 }
-                Err(e) => Err(e),
+                Err(err) => Err(err),
             },
 
             #[cfg(feature = "compress-zstd")]
@@ -223,7 +228,7 @@ impl ContentDecoder {
                         Ok(None)
                     }
                 }
-                Err(e) => Err(e),
+                Err(err) => Err(err),
             },
         }
     }
@@ -242,7 +247,7 @@ impl ContentDecoder {
                         Ok(None)
                     }
                 }
-                Err(e) => Err(e),
+                Err(err) => Err(err),
             },
 
             #[cfg(feature = "compress-gzip")]
@@ -257,7 +262,7 @@ impl ContentDecoder {
                         Ok(None)
                     }
                 }
-                Err(e) => Err(e),
+                Err(err) => Err(err),
             },
 
             #[cfg(feature = "compress-gzip")]
@@ -272,7 +277,7 @@ impl ContentDecoder {
                         Ok(None)
                     }
                 }
-                Err(e) => Err(e),
+                Err(err) => Err(err),
             },
 
             #[cfg(feature = "compress-zstd")]
@@ -287,7 +292,7 @@ impl ContentDecoder {
                         Ok(None)
                     }
                 }
-                Err(e) => Err(e),
+                Err(err) => Err(err),
             },
         }
     }

actix-http/src/encoding/encoder.rs

@@ -11,19 +11,17 @@ use std::{
 use actix_rt::task::{spawn_blocking, JoinHandle};
 use bytes::Bytes;
 use derive_more::Display;
-use futures_core::ready;
-use pin_project_lite::pin_project;
-
 #[cfg(feature = "compress-gzip")]
 use flate2::write::{GzEncoder, ZlibEncoder};
-
+use futures_core::ready;
+use pin_project_lite::pin_project;
+use tracing::trace;
 #[cfg(feature = "compress-zstd")]
 use zstd::stream::write::Encoder as ZstdEncoder;
 
 use super::Writer;
 use crate::{
     body::{self, BodySize, MessageBody},
-    error::BlockingError,
     header::{self, ContentEncoding, HeaderValue, CONTENT_ENCODING},
     ResponseHead, StatusCode,
 };
@@ -52,10 +50,21 @@ impl<B: MessageBody> Encoder<B> {
         }
     }
 
+    fn empty() -> Self {
+        Encoder {
+            body: EncoderBody::Full { body: Bytes::new() },
+            encoder: None,
+            fut: None,
+            eof: true,
+        }
+    }
+
     pub fn response(encoding: ContentEncoding, head: &mut ResponseHead, body: B) -> Self {
-        // no need to compress an empty body
-        if matches!(body.size(), BodySize::None) {
-            return Self::none();
+        // no need to compress empty bodies
+        match body.size() {
+            BodySize::None => return Self::none(),
+            BodySize::Sized(0) => return Self::empty(),
+            _ => {}
         }
 
         let should_encode = !(head.headers().contains_key(&CONTENT_ENCODING)
@@ -173,7 +182,11 @@ where
 
             if let Some(ref mut fut) = this.fut {
                 let mut encoder = ready!(Pin::new(fut).poll(cx))
-                    .map_err(|_| EncoderError::Blocking(BlockingError))?
+                    .map_err(|_| {
+                        EncoderError::Io(io::Error::other(
+                            "Blocking task was cancelled unexpectedly",
+                        ))
+                    })?
                     .map_err(EncoderError::Io)?;
 
                 let chunk = encoder.take();
@@ -252,7 +265,7 @@ fn update_head(encoding: ContentEncoding, head: &mut ResponseHead) {
     head.headers_mut()
         .insert(header::CONTENT_ENCODING, encoding.to_header_value());
     head.headers_mut()
-        .insert(header::VARY, HeaderValue::from_static("accept-encoding"));
+        .append(header::VARY, HeaderValue::from_static("accept-encoding"));
 
     head.no_chunking(false);
 }
@@ -352,7 +365,7 @@ impl ContentEncoder {
             ContentEncoder::Brotli(ref mut encoder) => match encoder.write_all(data) {
                 Ok(_) => Ok(()),
                 Err(err) => {
-                    log::trace!("Error decoding br encoding: {}", err);
+                    trace!("Error decoding br encoding: {}", err);
                     Err(err)
                 }
             },
@@ -361,7 +374,7 @@ impl ContentEncoder {
             ContentEncoder::Gzip(ref mut encoder) => match encoder.write_all(data) {
                 Ok(_) => Ok(()),
                 Err(err) => {
-                    log::trace!("Error decoding gzip encoding: {}", err);
+                    trace!("Error decoding gzip encoding: {}", err);
                     Err(err)
                 }
             },
@@ -370,7 +383,7 @@ impl ContentEncoder {
             ContentEncoder::Deflate(ref mut encoder) => match encoder.write_all(data) {
                 Ok(_) => Ok(()),
                 Err(err) => {
-                    log::trace!("Error decoding deflate encoding: {}", err);
+                    trace!("Error decoding deflate encoding: {}", err);
                     Err(err)
                 }
             },
@@ -379,7 +392,7 @@ impl ContentEncoder {
             ContentEncoder::Zstd(ref mut encoder) => match encoder.write_all(data) {
                 Ok(_) => Ok(()),
                 Err(err) => {
-                    log::trace!("Error decoding ztsd encoding: {}", err);
+                    trace!("Error decoding ztsd encoding: {}", err);
                     Err(err)
                 }
             },
@@ -400,13 +413,12 @@ fn new_brotli_compressor() -> Box<brotli::CompressorWriter<Writer>> {
 #[derive(Debug, Display)]
 #[non_exhaustive]
 pub enum EncoderError {
-    #[display(fmt = "body")]
+    /// Wrapped body stream error.
+    #[display("body")]
     Body(Box<dyn StdError>),
 
-    #[display(fmt = "blocking")]
-    Blocking(BlockingError),
-
-    #[display(fmt = "io")]
+    /// Generic I/O error.
+    #[display("io")]
     Io(io::Error),
 }
 
@@ -414,7 +426,6 @@ impl StdError for EncoderError {
     fn source(&self) -> Option<&(dyn StdError + 'static)> {
         match self {
             EncoderError::Body(err) => Some(&**err),
-            EncoderError::Blocking(err) => Some(err),
             EncoderError::Io(err) => Some(err),
         }
     }

actix-http/src/encoding/mod.rs

@@ -7,13 +7,12 @@ use bytes::{Bytes, BytesMut};
 mod decoder;
 mod encoder;
 
-pub use self::decoder::Decoder;
-pub use self::encoder::Encoder;
+pub use self::{decoder::Decoder, encoder::Encoder};
 
 /// Special-purpose writer for streaming (de-)compression.
 ///
 /// Pre-allocates 8KiB of capacity.
-pub(self) struct Writer {
+struct Writer {
     buf: BytesMut,
 }
 

actix-http/src/error.rs

@@ -3,12 +3,11 @@
 use std::{error::Error as StdError, fmt, io, str::Utf8Error, string::FromUtf8Error};
 
 use derive_more::{Display, Error, From};
+pub use http::{status::InvalidStatusCode, Error as HttpError};
 use http::{uri::InvalidUri, StatusCode};
 
 use crate::{body::BoxBody, Response};
 
-pub use http::Error as HttpError;
-
 pub struct Error {
     inner: Box<ErrorInner>,
 }
@@ -51,7 +50,7 @@ impl Error {
         Self::new(Kind::SendResponse)
     }
 
-    #[allow(unused)] // reserved for future use (TODO: remove allow when being used)
+    #[allow(unused)] // available for future use
     pub(crate) fn new_io() -> Self {
         Self::new(Kind::Io)
     }
@@ -81,35 +80,37 @@ impl From<Error> for Response<BoxBody> {
 
 #[derive(Debug, Clone, Copy, PartialEq, Eq, Display)]
 pub(crate) enum Kind {
-    #[display(fmt = "error processing HTTP")]
+    #[display("error processing HTTP")]
     Http,
 
-    #[display(fmt = "error parsing HTTP message")]
+    #[display("error parsing HTTP message")]
     Parse,
 
-    #[display(fmt = "request payload read error")]
+    #[display("request payload read error")]
     Payload,
 
-    #[display(fmt = "response body write error")]
+    #[display("response body write error")]
     Body,
 
-    #[display(fmt = "send response error")]
+    #[display("send response error")]
     SendResponse,
 
-    #[display(fmt = "error in WebSocket process")]
+    #[display("error in WebSocket process")]
     Ws,
 
-    #[display(fmt = "connection error")]
+    #[display("connection error")]
     Io,
 
-    #[display(fmt = "encoder error")]
+    #[display("encoder error")]
     Encoder,
 }
 
 impl fmt::Debug for Error {
     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
-        // TODO: more detail
-        f.write_str("actix_http::Error")
+        f.debug_struct("actix_http::Error")
+            .field("kind", &self.inner.kind)
+            .field("cause", &self.inner.cause)
+            .finish()
     }
 }
 
@@ -159,44 +160,44 @@ impl From<crate::ws::ProtocolError> for Error {
 #[non_exhaustive]
 pub enum ParseError {
     /// An invalid `Method`, such as `GE.T`.
-    #[display(fmt = "Invalid Method specified")]
+    #[display("invalid method specified")]
     Method,
 
     /// An invalid `Uri`, such as `exam ple.domain`.
-    #[display(fmt = "Uri error: {}", _0)]
+    #[display("URI error: {}", _0)]
     Uri(InvalidUri),
 
     /// An invalid `HttpVersion`, such as `HTP/1.1`
-    #[display(fmt = "Invalid HTTP version specified")]
+    #[display("invalid HTTP version specified")]
     Version,
 
     /// An invalid `Header`.
-    #[display(fmt = "Invalid Header provided")]
+    #[display("invalid Header provided")]
     Header,
 
     /// A message head is too large to be reasonable.
-    #[display(fmt = "Message head is too large")]
+    #[display("message head is too large")]
     TooLarge,
 
     /// A message reached EOF, but is not complete.
-    #[display(fmt = "Message is incomplete")]
+    #[display("message is incomplete")]
     Incomplete,
 
     /// An invalid `Status`, such as `1337 ELITE`.
-    #[display(fmt = "Invalid Status provided")]
+    #[display("invalid status provided")]
     Status,
 
     /// A timeout occurred waiting for an IO event.
     #[allow(dead_code)]
-    #[display(fmt = "Timeout")]
+    #[display("timeout")]
     Timeout,
 
-    /// An `io::Error` that occurred while trying to read or write to a network stream.
-    #[display(fmt = "IO error: {}", _0)]
+    /// An I/O error that occurred while trying to read or write to a network stream.
+    #[display("I/O error: {}", _0)]
     Io(io::Error),
 
     /// Parsing a field as string failed.
-    #[display(fmt = "UTF8 error: {}", _0)]
+    #[display("UTF-8 error: {}", _0)]
     Utf8(Utf8Error),
 }
 
@@ -250,42 +251,33 @@ impl From<ParseError> for Response<BoxBody> {
     }
 }
 
-/// A set of errors that can occur running blocking tasks in thread pool.
-#[derive(Debug, Display, Error)]
-#[display(fmt = "Blocking thread pool is gone")]
-// TODO: non-exhaustive
-pub struct BlockingError;
-
 /// A set of errors that can occur during payload parsing.
 #[derive(Debug, Display)]
 #[non_exhaustive]
 pub enum PayloadError {
     /// A payload reached EOF, but is not complete.
-    #[display(
-        fmt = "A payload reached EOF, but is not complete. Inner error: {:?}",
-        _0
-    )]
+    #[display("payload reached EOF before completing: {:?}", _0)]
     Incomplete(Option<io::Error>),
 
     /// Content encoding stream corruption.
-    #[display(fmt = "Can not decode content-encoding.")]
+    #[display("can not decode content-encoding")]
     EncodingCorrupted,
 
     /// Payload reached size limit.
-    #[display(fmt = "Payload reached size limit.")]
+    #[display("payload reached size limit")]
     Overflow,
 
     /// Payload length is unknown.
-    #[display(fmt = "Payload length is unknown.")]
+    #[display("payload length is unknown")]
     UnknownLength,
 
     /// HTTP/2 payload error.
     #[cfg(feature = "http2")]
-    #[display(fmt = "{}", _0)]
+    #[display("{}", _0)]
     Http2Payload(::h2::Error),
 
     /// Generic I/O error.
-    #[display(fmt = "{}", _0)]
+    #[display("{}", _0)]
     Io(io::Error),
 }
 
@@ -293,13 +285,13 @@ impl std::error::Error for PayloadError {
     fn source(&self) -> Option<&(dyn std::error::Error + 'static)> {
         match self {
             PayloadError::Incomplete(None) => None,
-            PayloadError::Incomplete(Some(err)) => Some(err as &dyn std::error::Error),
+            PayloadError::Incomplete(Some(err)) => Some(err),
             PayloadError::EncodingCorrupted => None,
             PayloadError::Overflow => None,
             PayloadError::UnknownLength => None,
             #[cfg(feature = "http2")]
-            PayloadError::Http2Payload(err) => Some(err as &dyn std::error::Error),
-            PayloadError::Io(err) => Some(err as &dyn std::error::Error),
+            PayloadError::Http2Payload(err) => Some(err),
+            PayloadError::Io(err) => Some(err),
         }
     }
 }
@@ -323,15 +315,6 @@ impl From<io::Error> for PayloadError {
     }
 }
 
-impl From<BlockingError> for PayloadError {
-    fn from(_: BlockingError) -> Self {
-        PayloadError::Io(io::Error::new(
-            io::ErrorKind::Other,
-            "Operation is canceled",
-        ))
-    }
-}
-
 impl From<PayloadError> for Error {
     fn from(err: PayloadError) -> Self {
         Self::new_payload().with_cause(err)
@@ -340,48 +323,53 @@ impl From<PayloadError> for Error {
 
 /// A set of errors that can occur during dispatching HTTP requests.
 #[derive(Debug, Display, From)]
+#[non_exhaustive]
 pub enum DispatchError {
     /// Service error.
-    #[display(fmt = "Service Error")]
+    #[display("service error")]
     Service(Response<BoxBody>),
 
     /// Body streaming error.
-    #[display(fmt = "Body error: {}", _0)]
+    #[display("body error: {}", _0)]
     Body(Box<dyn StdError>),
 
     /// Upgrade service error.
+    #[display("upgrade error")]
     Upgrade,
 
     /// An `io::Error` that occurred while trying to read or write to a network stream.
-    #[display(fmt = "IO error: {}", _0)]
+    #[display("I/O error: {}", _0)]
     Io(io::Error),
 
     /// Request parse error.
-    #[display(fmt = "Request parse error: {}", _0)]
+    #[display("request parse error: {}", _0)]
     Parse(ParseError),
 
     /// HTTP/2 error.
-    #[display(fmt = "{}", _0)]
+    #[display("{}", _0)]
     #[cfg(feature = "http2")]
     H2(h2::Error),
 
     /// The first request did not complete within the specified timeout.
-    #[display(fmt = "The first request did not complete within the specified timeout")]
+    #[display("request did not complete within the specified timeout")]
     SlowRequestTimeout,
 
-    /// Disconnect timeout. Makes sense for ssl streams.
-    #[display(fmt = "Connection shutdown timeout")]
+    /// Disconnect timeout. Makes sense for TLS streams.
+    #[display("connection shutdown timeout")]
     DisconnectTimeout,
 
+    /// Handler dropped payload before reading EOF.
+    #[display("handler dropped payload before reading EOF")]
+    HandlerDroppedPayload,
+
     /// Internal error.
-    #[display(fmt = "Internal error")]
+    #[display("internal error")]
     InternalError,
 }
 
 impl StdError for DispatchError {
     fn source(&self) -> Option<&(dyn StdError + 'static)> {
         match self {
-            // TODO: error source extraction?
             DispatchError::Service(_res) => None,
             DispatchError::Body(err) => Some(&**err),
             DispatchError::Io(err) => Some(err),
@@ -397,23 +385,21 @@ impl StdError for DispatchError {
 
 /// A set of error that can occur during parsing content type.
 #[derive(Debug, Display, Error)]
-#[cfg_attr(test, derive(PartialEq))]
+#[cfg_attr(test, derive(PartialEq, Eq))]
 #[non_exhaustive]
 pub enum ContentTypeError {
-    /// Can not parse content type
-    #[display(fmt = "Can not parse content type")]
+    /// Can not parse content type.
+    #[display("could not parse content type")]
     ParseError,
 
-    /// Unknown content encoding
-    #[display(fmt = "Unknown content encoding")]
+    /// Unknown content encoding.
+    #[display("unknown content encoding")]
     UnknownEncoding,
 }
 
 #[cfg(test)]
 mod tests {
-    use std::io;
-
-    use http::{Error as HttpError, StatusCode};
+    use http::Error as HttpError;
 
     use super::*;
 
@@ -429,24 +415,24 @@ mod tests {
 
     #[test]
     fn test_as_response() {
-        let orig = io::Error::new(io::ErrorKind::Other, "other");
+        let orig = io::Error::other("other");
         let err: Error = ParseError::Io(orig).into();
         assert_eq!(
             format!("{}", err),
-            "error parsing HTTP message: IO error: other"
+            "error parsing HTTP message: I/O error: other"
         );
     }
 
     #[test]
     fn test_error_display() {
-        let orig = io::Error::new(io::ErrorKind::Other, "other");
+        let orig = io::Error::other("other");
         let err = Error::new_io().with_cause(orig);
         assert_eq!("connection error: other", err.to_string());
     }
 
     #[test]
     fn test_error_http_response() {
-        let orig = io::Error::new(io::ErrorKind::Other, "other");
+        let orig = io::Error::other("other");
         let err = Error::new_io().with_cause(orig);
         let resp: Response<BoxBody> = err.into();
         assert_eq!(resp.status(), StatusCode::INTERNAL_SERVER_ERROR);
@@ -454,13 +440,13 @@ mod tests {
 
     #[test]
     fn test_payload_error() {
-        let err: PayloadError = io::Error::new(io::ErrorKind::Other, "ParseError").into();
+        let err: PayloadError = io::Error::other("ParseError").into();
         assert!(err.to_string().contains("ParseError"));
 
         let err = PayloadError::Incomplete(None);
         assert_eq!(
             err.to_string(),
-            "A payload reached EOF, but is not complete. Inner error: None"
+            "payload reached EOF before completing: None"
         );
     }
 
@@ -480,7 +466,7 @@ mod tests {
             match ParseError::from($from) {
                 e @ $error => {
                     let desc = format!("{}", e);
-                    assert_eq!(desc, format!("IO error: {}", $from));
+                    assert_eq!(desc, format!("I/O error: {}", $from));
                 }
                 _ => unreachable!("{:?}", $from),
             }
@@ -489,7 +475,7 @@ mod tests {
 
     #[test]
     fn test_from() {
-        from_and_cause!(io::Error::new(io::ErrorKind::Other, "other") => ParseError::Io(..));
+        from_and_cause!(io::Error::other("other") => ParseError::Io(..));
         from!(httparse::Error::HeaderName => ParseError::Header);
         from!(httparse::Error::HeaderName => ParseError::Header);
         from!(httparse::Error::HeaderValue => ParseError::Header);

actix-http/src/extensions.rs

@@ -1,17 +1,38 @@
 use std::{
     any::{Any, TypeId},
+    collections::HashMap,
     fmt,
+    hash::{BuildHasherDefault, Hasher},
 };
 
-use ahash::AHashMap;
+/// A hasher for `TypeId`s that takes advantage of its known characteristics.
+///
+/// Author of `anymap` crate has done research on the topic:
+/// https://github.com/chris-morgan/anymap/blob/2e9a5704/src/lib.rs#L599
+#[derive(Debug, Default)]
+struct NoOpHasher(u64);
+
+impl Hasher for NoOpHasher {
+    fn write(&mut self, _bytes: &[u8]) {
+        unimplemented!("This NoOpHasher can only handle u64s")
+    }
+
+    fn write_u64(&mut self, i: u64) {
+        self.0 = i;
+    }
+
+    fn finish(&self) -> u64 {
+        self.0
+    }
+}
 
 /// A type map for request extensions.
 ///
 /// All entries into this map must be owned types (or static references).
 #[derive(Default)]
 pub struct Extensions {
-    /// Use AHasher with a std HashMap with for faster lookups on the small `TypeId` keys.
-    map: AHashMap<TypeId, Box<dyn Any>>,
+    // use no-op hasher with a std HashMap with for faster lookups on the small `TypeId` keys
+    map: HashMap<TypeId, Box<dyn Any>, BuildHasherDefault<NoOpHasher>>,
 }
 
 impl Extensions {
@@ -19,7 +40,7 @@ impl Extensions {
     #[inline]
     pub fn new() -> Extensions {
         Extensions {
-            map: AHashMap::new(),
+            map: HashMap::default(),
         }
     }
 
@@ -83,6 +104,46 @@ impl Extensions {
             .and_then(|boxed| boxed.downcast_mut())
     }
 
+    /// Inserts the given `value` into the extensions if it is not present, then returns a reference
+    /// to the value in the extensions.
+    ///
+    /// ```
+    /// # use actix_http::Extensions;
+    /// let mut map = Extensions::new();
+    /// assert_eq!(map.get::<Vec<u32>>(), None);
+    ///
+    /// map.get_or_insert(Vec::<u32>::new()).push(1);
+    /// assert_eq!(map.get::<Vec<u32>>(), Some(&vec![1]));
+    ///
+    /// map.get_or_insert(Vec::<u32>::new()).push(2);
+    /// assert_eq!(map.get::<Vec<u32>>(), Some(&vec![1,2]));
+    /// ```
+    pub fn get_or_insert<T: 'static>(&mut self, value: T) -> &mut T {
+        self.get_or_insert_with(|| value)
+    }
+
+    /// Inserts a value computed from `f` into the extensions if the given `value` is not present,
+    /// then returns a reference to the value in the extensions.
+    ///
+    /// ```
+    /// # use actix_http::Extensions;
+    /// let mut map = Extensions::new();
+    /// assert_eq!(map.get::<Vec<u32>>(), None);
+    ///
+    /// map.get_or_insert_with(Vec::<u32>::new).push(1);
+    /// assert_eq!(map.get::<Vec<u32>>(), Some(&vec![1]));
+    ///
+    /// map.get_or_insert_with(Vec::<u32>::new).push(2);
+    /// assert_eq!(map.get::<Vec<u32>>(), Some(&vec![1,2]));
+    /// ```
+    pub fn get_or_insert_with<T: 'static, F: FnOnce() -> T>(&mut self, default: F) -> &mut T {
+        self.map
+            .entry(TypeId::of::<T>())
+            .or_insert_with(|| Box::new(default()))
+            .downcast_mut()
+            .expect("extensions map should now contain a T value")
+    }
+
     /// Remove an item from the map of a given type.
     ///
     /// If an item of this type was already stored, it will be returned.

actix-http/src/h1/chunked.rs

@@ -1,6 +1,7 @@
 use std::{io, task::Poll};
 
 use bytes::{Buf as _, Bytes, BytesMut};
+use tracing::{debug, trace};
 
 macro_rules! byte (
     ($rdr:ident) => ({
@@ -14,7 +15,7 @@ macro_rules! byte (
     })
 );
 
-#[derive(Debug, PartialEq, Clone)]
+#[derive(Debug, Clone, PartialEq, Eq)]
 pub(super) enum ChunkedState {
     Size,
     SizeLws,
@@ -70,13 +71,13 @@ impl ChunkedState {
 
         match size.checked_mul(radix) {
             Some(n) => {
-                *size = n as u64;
+                *size = n;
                 *size += rem as u64;
 
                 Poll::Ready(Ok(ChunkedState::Size))
             }
             None => {
-                log::debug!("chunk size would overflow u64");
+                debug!("chunk size would overflow u64");
                 Poll::Ready(Err(io::Error::new(
                     io::ErrorKind::InvalidInput,
                     "Invalid chunk size line: Size is too big",
@@ -124,7 +125,7 @@ impl ChunkedState {
         rem: &mut u64,
         buf: &mut Option<Bytes>,
     ) -> Poll<Result<ChunkedState, io::Error>> {
-        log::trace!("Chunked read, remaining={:?}", rem);
+        trace!("Chunked read, remaining={:?}", rem);
 
         let len = rdr.len() as u64;
         if len == 0 {

actix-http/src/h1/client.rs

@@ -1,9 +1,9 @@
 use std::{fmt, io};
 
-use actix_codec::{Decoder, Encoder};
 use bitflags::bitflags;
 use bytes::{Bytes, BytesMut};
 use http::{Method, Version};
+use tokio_util::codec::{Decoder, Encoder};
 
 use super::{
     decoder::{self, PayloadDecoder, PayloadItem, PayloadType},
@@ -16,6 +16,7 @@ use crate::{
 };
 
 bitflags! {
+    #[derive(Debug, Clone, Copy)]
     struct Flags: u8 {
         const HEAD               = 0b0000_0001;
         const KEEP_ALIVE_ENABLED = 0b0000_1000;
@@ -128,7 +129,10 @@ impl Decoder for ClientCodec {
     type Error = ParseError;
 
     fn decode(&mut self, src: &mut BytesMut) -> Result<Option<Self::Item>, Self::Error> {
-        debug_assert!(!self.inner.payload.is_some(), "Payload decoder is set");
+        debug_assert!(
+            self.inner.payload.is_none(),
+            "Payload decoder should not be set"
+        );
 
         if let Some((req, payload)) = self.inner.decoder.decode(src)? {
             if let Some(conn_type) = req.conn_type() {

actix-http/src/h1/codec.rs

@@ -1,19 +1,18 @@
 use std::{fmt, io};
 
-use actix_codec::{Decoder, Encoder};
 use bitflags::bitflags;
 use bytes::BytesMut;
 use http::{Method, Version};
+use tokio_util::codec::{Decoder, Encoder};
 
 use super::{
     decoder::{self, PayloadDecoder, PayloadItem, PayloadType},
     encoder, Message, MessageType,
 };
-use crate::{
-    body::BodySize, error::ParseError, ConnectionType, Request, Response, ServiceConfig,
-};
+use crate::{body::BodySize, error::ParseError, ConnectionType, Request, Response, ServiceConfig};
 
 bitflags! {
+    #[derive(Debug, Clone, Copy)]
     struct Flags: u8 {
         const HEAD               = 0b0000_0001;
         const KEEP_ALIVE_ENABLED = 0b0000_0010;
@@ -125,11 +124,13 @@ impl Decoder for Codec {
             self.flags.set(Flags::HEAD, head.method == Method::HEAD);
             self.version = head.version;
             self.conn_type = head.connection_type();
+
             if self.conn_type == ConnectionType::KeepAlive
                 && !self.flags.contains(Flags::KEEP_ALIVE_ENABLED)
             {
                 self.conn_type = ConnectionType::Close
             }
+
             match payload {
                 PayloadType::None => self.payload = None,
                 PayloadType::Payload(pl) => self.payload = Some(pl),
@@ -197,9 +198,6 @@ impl Encoder<Message<(Response<()>, BodySize)>> for Codec {
 
 #[cfg(test)]
 mod tests {
-    use bytes::BytesMut;
-    use http::Method;
-
     use super::*;
     use crate::HttpMessage as _;
 

actix-http/src/h1/decoder.rs

@@ -1,4 +1,4 @@
-use std::{convert::TryFrom, io, marker::PhantomData, mem::MaybeUninit, task::Poll};
+use std::{io, marker::PhantomData, mem::MaybeUninit, task::Poll};
 
 use actix_codec::Decoder;
 use bytes::{Bytes, BytesMut};
@@ -6,7 +6,7 @@ use http::{
     header::{self, HeaderName, HeaderValue},
     Method, StatusCode, Uri, Version,
 };
-use log::{debug, error, trace};
+use tracing::{debug, error, trace};
 
 use super::chunked::ChunkedState;
 use crate::{error::ParseError, header::HeaderMap, ConnectionType, Request, ResponseHead};
@@ -46,6 +46,23 @@ pub(crate) enum PayloadLength {
     None,
 }
 
+impl PayloadLength {
+    /// Returns true if variant is `None`.
+    fn is_none(&self) -> bool {
+        matches!(self, Self::None)
+    }
+
+    /// Returns true if variant is represents zero-length (not none) payload.
+    fn is_zero(&self) -> bool {
+        matches!(
+            self,
+            PayloadLength::Payload(PayloadType::Payload(PayloadDecoder {
+                kind: Kind::Length(0)
+            }))
+        )
+    }
+}
+
 pub(crate) trait MessageType: Sized {
     fn set_connection_type(&mut self, conn_type: Option<ConnectionType>);
 
@@ -59,6 +76,7 @@ pub(crate) trait MessageType: Sized {
         &mut self,
         slice: &Bytes,
         raw_headers: &[HeaderIndex],
+        version: Version,
     ) -> Result<PayloadLength, ParseError> {
         let mut ka = None;
         let mut has_upgrade_websocket = false;
@@ -76,9 +94,7 @@ pub(crate) trait MessageType: Sized {
                 // SAFETY: httparse already checks header value is only visible ASCII bytes
                 // from_maybe_shared_unchecked contains debug assertions so they are omitted here
                 let value = unsafe {
-                    HeaderValue::from_maybe_shared_unchecked(
-                        slice.slice(idx.value.0..idx.value.1),
-                    )
+                    HeaderValue::from_maybe_shared_unchecked(slice.slice(idx.value.0..idx.value.1))
                 };
 
                 match name {
@@ -87,21 +103,23 @@ pub(crate) trait MessageType: Sized {
                         return Err(ParseError::Header);
                     }
 
-                    header::CONTENT_LENGTH => match value.to_str() {
-                        Ok(s) if s.trim().starts_with('+') => {
-                            debug!("illegal Content-Length: {:?}", s);
+                    header::CONTENT_LENGTH => match value.to_str().map(str::trim) {
+                        Ok(val) if val.starts_with('+') => {
+                            debug!("illegal Content-Length: {:?}", val);
                             return Err(ParseError::Header);
                         }
-                        Ok(s) => {
-                            if let Ok(len) = s.parse::<u64>() {
-                                if len != 0 {
-                                    content_length = Some(len);
-                                }
+
+                        Ok(val) => {
+                            if let Ok(len) = val.parse::<u64>() {
+                                // accept 0 lengths here and remove them in `decode` after all
+                                // headers have been processed to prevent request smuggling issues
+                                content_length = Some(len);
                             } else {
-                                debug!("illegal Content-Length: {:?}", s);
+                                debug!("illegal Content-Length: {:?}", val);
                                 return Err(ParseError::Header);
                             }
                         }
+
                         Err(_) => {
                             debug!("illegal Content-Length: {:?}", value);
                             return Err(ParseError::Header);
@@ -114,22 +132,23 @@ pub(crate) trait MessageType: Sized {
                         return Err(ParseError::Header);
                     }
 
-                    header::TRANSFER_ENCODING => {
+                    header::TRANSFER_ENCODING if version == Version::HTTP_11 => {
                         seen_te = true;
 
-                        if let Ok(s) = value.to_str().map(str::trim) {
-                            if s.eq_ignore_ascii_case("chunked") {
+                        if let Ok(val) = value.to_str().map(str::trim) {
+                            if val.eq_ignore_ascii_case("chunked") {
                                 chunked = true;
-                            } else if s.eq_ignore_ascii_case("identity") {
+                            } else if val.eq_ignore_ascii_case("identity") {
                                 // allow silently since multiple TE headers are already checked
                             } else {
-                                debug!("illegal Transfer-Encoding: {:?}", s);
+                                debug!("illegal Transfer-Encoding: {:?}", val);
                                 return Err(ParseError::Header);
                             }
                         } else {
                             return Err(ParseError::Header);
                         }
                     }
+
                     // connection keep-alive state
                     header::CONNECTION => {
                         ka = if let Ok(conn) = value.to_str().map(str::trim) {
@@ -146,6 +165,7 @@ pub(crate) trait MessageType: Sized {
                             None
                         };
                     }
+
                     header::UPGRADE => {
                         if let Ok(val) = value.to_str().map(str::trim) {
                             if val.eq_ignore_ascii_case("websocket") {
@@ -153,19 +173,23 @@ pub(crate) trait MessageType: Sized {
                             }
                         }
                     }
+
                     header::EXPECT => {
                         let bytes = value.as_bytes();
                         if bytes.len() >= 4 && &bytes[0..4] == b"100-" {
                             expect = true;
                         }
                     }
+
                     _ => {}
                 }
 
                 headers.append(name, value);
             }
         }
+
         self.set_connection_type(ka);
+
         if expect {
             self.set_expect()
         }
@@ -209,15 +233,16 @@ impl MessageType for Request {
 
         let (len, method, uri, ver, h_len) = {
             // SAFETY:
-            // Create an uninitialized array of `MaybeUninit`. The `assume_init` is
-            // safe because the type we are claiming to have initialized here is a
-            // bunch of `MaybeUninit`s, which do not require initialization.
+            // Create an uninitialized array of `MaybeUninit`. The `assume_init` is safe because the
+            // type we are claiming to have initialized here is a bunch of `MaybeUninit`s, which
+            // do not require initialization.
             let mut parsed = unsafe {
                 MaybeUninit::<[MaybeUninit<httparse::Header<'_>>; MAX_HEADERS]>::uninit()
                     .assume_init()
             };
 
             let mut req = httparse::Request::new(&mut []);
+
             match req.parse_with_uninit_headers(src, &mut parsed)? {
                 httparse::Status::Complete(len) => {
                     let method = Method::from_bytes(req.method.unwrap().as_bytes())
@@ -232,6 +257,7 @@ impl MessageType for Request {
 
                     (len, method, uri, version, req.headers.len())
                 }
+
                 httparse::Status::Partial => {
                     return if src.len() >= MAX_BUFFER_SIZE {
                         trace!("MAX_BUFFER_SIZE unprocessed data reached, closing");
@@ -247,7 +273,21 @@ impl MessageType for Request {
         let mut msg = Request::new();
 
         // convert headers
-        let length = msg.set_headers(&src.split_to(len).freeze(), &headers[..h_len])?;
+        let mut length = msg.set_headers(&src.split_to(len).freeze(), &headers[..h_len], ver)?;
+
+        // disallow HTTP/1.0 POST requests that do not contain a Content-Length headers
+        // see https://datatracker.ietf.org/doc/html/rfc1945#section-7.2.2
+        if ver == Version::HTTP_10 && method == Method::POST && length.is_none() {
+            debug!("no Content-Length specified for HTTP/1.0 POST request");
+            return Err(ParseError::Header);
+        }
+
+        // Remove CL value if 0 now that all headers and HTTP/1.0 special cases are processed.
+        // Protects against some request smuggling attacks.
+        // See https://github.com/actix/actix-web/issues/2767.
+        if length.is_zero() {
+            length = PayloadLength::None;
+        }
 
         // payload decoder
         let decoder = match length {
@@ -291,22 +331,35 @@ impl MessageType for ResponseHead {
         let mut headers: [HeaderIndex; MAX_HEADERS] = EMPTY_HEADER_INDEX_ARRAY;
 
         let (len, ver, status, h_len) = {
-            let mut parsed: [httparse::Header<'_>; MAX_HEADERS] = EMPTY_HEADER_ARRAY;
+            // SAFETY:
+            // Create an uninitialized array of `MaybeUninit`. The `assume_init` is safe because the
+            // type we are claiming to have initialized here is a bunch of `MaybeUninit`s, which
+            // do not require initialization.
+            let mut parsed = unsafe {
+                MaybeUninit::<[MaybeUninit<httparse::Header<'_>>; MAX_HEADERS]>::uninit()
+                    .assume_init()
+            };
 
-            let mut res = httparse::Response::new(&mut parsed);
-            match res.parse(src)? {
+            let mut res = httparse::Response::new(&mut []);
+
+            let mut config = httparse::ParserConfig::default();
+            config.allow_spaces_after_header_name_in_responses(true);
+
+            match config.parse_response_with_uninit_headers(&mut res, src, &mut parsed)? {
                 httparse::Status::Complete(len) => {
                     let version = if res.version.unwrap() == 1 {
                         Version::HTTP_11
                     } else {
                         Version::HTTP_10
                     };
-                    let status = StatusCode::from_u16(res.code.unwrap())
-                        .map_err(|_| ParseError::Status)?;
+
+                    let status =
+                        StatusCode::from_u16(res.code.unwrap()).map_err(|_| ParseError::Status)?;
                     HeaderIndex::record(src, res.headers, &mut headers);
 
                     (len, version, status, res.headers.len())
                 }
+
                 httparse::Status::Partial => {
                     return if src.len() >= MAX_BUFFER_SIZE {
                         error!("MAX_BUFFER_SIZE unprocessed data reached, closing");
@@ -322,7 +375,14 @@ impl MessageType for ResponseHead {
         msg.version = ver;
 
         // convert headers
-        let length = msg.set_headers(&src.split_to(len).freeze(), &headers[..h_len])?;
+        let mut length = msg.set_headers(&src.split_to(len).freeze(), &headers[..h_len], ver)?;
+
+        // Remove CL value if 0 now that all headers and HTTP/1.0 special cases are processed.
+        // Protects against some request smuggling attacks.
+        // See https://github.com/actix/actix-web/issues/2767.
+        if length.is_zero() {
+            length = PayloadLength::None;
+        }
 
         // message payload
         let decoder = if let PayloadLength::Payload(pl) = length {
@@ -358,9 +418,6 @@ pub(crate) const EMPTY_HEADER_INDEX: HeaderIndex = HeaderIndex {
 pub(crate) const EMPTY_HEADER_INDEX_ARRAY: [HeaderIndex; MAX_HEADERS] =
     [EMPTY_HEADER_INDEX; MAX_HEADERS];
 
-pub(crate) const EMPTY_HEADER_ARRAY: [httparse::Header<'static>; MAX_HEADERS] =
-    [httparse::EMPTY_HEADER; MAX_HEADERS];
-
 impl HeaderIndex {
     pub(crate) fn record(
         bytes: &[u8],
@@ -379,7 +436,7 @@ impl HeaderIndex {
     }
 }
 
-#[derive(Debug, Clone, PartialEq)]
+#[derive(Debug, Clone, PartialEq, Eq)]
 /// Chunk type yielded while decoding a payload.
 pub enum PayloadItem {
     Chunk(Bytes),
@@ -389,7 +446,7 @@ pub enum PayloadItem {
 /// Decoder that can handle different payload types.
 ///
 /// If a message body does not use `Transfer-Encoding`, it should include a `Content-Length`.
-#[derive(Debug, Clone, PartialEq)]
+#[derive(Debug, Clone, PartialEq, Eq)]
 pub struct PayloadDecoder {
     kind: Kind,
 }
@@ -415,7 +472,7 @@ impl PayloadDecoder {
     }
 }
 
-#[derive(Debug, Clone, PartialEq)]
+#[derive(Debug, Clone, PartialEq, Eq)]
 enum Kind {
     /// A reader used when a `Content-Length` header is passed with a positive integer.
     Length(u64),
@@ -475,7 +532,7 @@ impl Decoder for PayloadDecoder {
                     *state = match state.step(src, size, &mut buf) {
                         Poll::Pending => return Ok(None),
                         Poll::Ready(Ok(state)) => state,
-                        Poll::Ready(Err(e)) => return Err(e),
+                        Poll::Ready(Err(err)) => return Err(err),
                     };
 
                     if *state == ChunkedState::End {
@@ -506,15 +563,8 @@ impl Decoder for PayloadDecoder {
 
 #[cfg(test)]
 mod tests {
-    use bytes::{Bytes, BytesMut};
-    use http::{Method, Version};
-
     use super::*;
-    use crate::{
-        error::ParseError,
-        header::{HeaderName, SET_COOKIE},
-        HttpMessage as _,
-    };
+    use crate::{header::SET_COOKIE, HttpMessage as _};
 
     impl PayloadType {
         pub(crate) fn unwrap(self) -> PayloadDecoder {
@@ -594,14 +644,100 @@ mod tests {
     }
 
     #[test]
-    fn test_parse_post() {
-        let mut buf = BytesMut::from("POST /test2 HTTP/1.0\r\n\r\n");
+    fn parse_h09_reject() {
+        let mut buf = BytesMut::from(
+            "GET /test1 HTTP/0.9\r\n\
+            \r\n",
+        );
+
+        let mut reader = MessageDecoder::<Request>::default();
+        reader.decode(&mut buf).unwrap_err();
+
+        let mut buf = BytesMut::from(
+            "POST /test2 HTTP/0.9\r\n\
+            Content-Length: 3\r\n\
+            \r\n
+            abc",
+        );
+
+        let mut reader = MessageDecoder::<Request>::default();
+        reader.decode(&mut buf).unwrap_err();
+    }
+
+    #[test]
+    fn parse_h10_get() {
+        let mut buf = BytesMut::from(
+            "GET /test1 HTTP/1.0\r\n\
+            \r\n",
+        );
+
+        let mut reader = MessageDecoder::<Request>::default();
+        let (req, _) = reader.decode(&mut buf).unwrap().unwrap();
+        assert_eq!(req.version(), Version::HTTP_10);
+        assert_eq!(*req.method(), Method::GET);
+        assert_eq!(req.path(), "/test1");
+
+        let mut buf = BytesMut::from(
+            "GET /test2 HTTP/1.0\r\n\
+            Content-Length: 0\r\n\
+            \r\n",
+        );
+
+        let mut reader = MessageDecoder::<Request>::default();
+        let (req, _) = reader.decode(&mut buf).unwrap().unwrap();
+        assert_eq!(req.version(), Version::HTTP_10);
+        assert_eq!(*req.method(), Method::GET);
+        assert_eq!(req.path(), "/test2");
+
+        let mut buf = BytesMut::from(
+            "GET /test3 HTTP/1.0\r\n\
+            Content-Length: 3\r\n\
+            \r\n
+            abc",
+        );
+
+        let mut reader = MessageDecoder::<Request>::default();
+        let (req, _) = reader.decode(&mut buf).unwrap().unwrap();
+        assert_eq!(req.version(), Version::HTTP_10);
+        assert_eq!(*req.method(), Method::GET);
+        assert_eq!(req.path(), "/test3");
+    }
+
+    #[test]
+    fn parse_h10_post() {
+        let mut buf = BytesMut::from(
+            "POST /test1 HTTP/1.0\r\n\
+            Content-Length: 3\r\n\
+            \r\n\
+            abc",
+        );
+
+        let mut reader = MessageDecoder::<Request>::default();
+        let (req, _) = reader.decode(&mut buf).unwrap().unwrap();
+        assert_eq!(req.version(), Version::HTTP_10);
+        assert_eq!(*req.method(), Method::POST);
+        assert_eq!(req.path(), "/test1");
+
+        let mut buf = BytesMut::from(
+            "POST /test2 HTTP/1.0\r\n\
+            Content-Length: 0\r\n\
+            \r\n",
+        );
 
         let mut reader = MessageDecoder::<Request>::default();
         let (req, _) = reader.decode(&mut buf).unwrap().unwrap();
         assert_eq!(req.version(), Version::HTTP_10);
         assert_eq!(*req.method(), Method::POST);
         assert_eq!(req.path(), "/test2");
+
+        let mut buf = BytesMut::from(
+            "POST /test3 HTTP/1.0\r\n\
+            \r\n",
+        );
+
+        let mut reader = MessageDecoder::<Request>::default();
+        let err = reader.decode(&mut buf).unwrap_err();
+        assert!(err.to_string().contains("Header"))
     }
 
     #[test]
@@ -697,121 +833,98 @@ mod tests {
 
     #[test]
     fn test_conn_default_1_0() {
-        let mut buf = BytesMut::from("GET /test HTTP/1.0\r\n\r\n");
-        let req = parse_ready!(&mut buf);
-
+        let req = parse_ready!(&mut BytesMut::from("GET /test HTTP/1.0\r\n\r\n"));
         assert_eq!(req.head().connection_type(), ConnectionType::Close);
     }
 
     #[test]
     fn test_conn_default_1_1() {
-        let mut buf = BytesMut::from("GET /test HTTP/1.1\r\n\r\n");
-        let req = parse_ready!(&mut buf);
-
+        let req = parse_ready!(&mut BytesMut::from("GET /test HTTP/1.1\r\n\r\n"));
         assert_eq!(req.head().connection_type(), ConnectionType::KeepAlive);
     }
 
     #[test]
     fn test_conn_close() {
-        let mut buf = BytesMut::from(
+        let req = parse_ready!(&mut BytesMut::from(
             "GET /test HTTP/1.1\r\n\
              connection: close\r\n\r\n",
-        );
-        let req = parse_ready!(&mut buf);
-
+        ));
         assert_eq!(req.head().connection_type(), ConnectionType::Close);
 
-        let mut buf = BytesMut::from(
+        let req = parse_ready!(&mut BytesMut::from(
             "GET /test HTTP/1.1\r\n\
              connection: Close\r\n\r\n",
-        );
-        let req = parse_ready!(&mut buf);
-
+        ));
         assert_eq!(req.head().connection_type(), ConnectionType::Close);
     }
 
     #[test]
     fn test_conn_close_1_0() {
-        let mut buf = BytesMut::from(
+        let req = parse_ready!(&mut BytesMut::from(
             "GET /test HTTP/1.0\r\n\
              connection: close\r\n\r\n",
-        );
-
-        let req = parse_ready!(&mut buf);
-
+        ));
         assert_eq!(req.head().connection_type(), ConnectionType::Close);
     }
 
     #[test]
     fn test_conn_keep_alive_1_0() {
-        let mut buf = BytesMut::from(
+        let req = parse_ready!(&mut BytesMut::from(
             "GET /test HTTP/1.0\r\n\
              connection: keep-alive\r\n\r\n",
-        );
-        let req = parse_ready!(&mut buf);
-
+        ));
         assert_eq!(req.head().connection_type(), ConnectionType::KeepAlive);
 
-        let mut buf = BytesMut::from(
+        let req = parse_ready!(&mut BytesMut::from(
             "GET /test HTTP/1.0\r\n\
              connection: Keep-Alive\r\n\r\n",
-        );
-        let req = parse_ready!(&mut buf);
-
+        ));
         assert_eq!(req.head().connection_type(), ConnectionType::KeepAlive);
     }
 
     #[test]
     fn test_conn_keep_alive_1_1() {
-        let mut buf = BytesMut::from(
+        let req = parse_ready!(&mut BytesMut::from(
             "GET /test HTTP/1.1\r\n\
              connection: keep-alive\r\n\r\n",
-        );
-        let req = parse_ready!(&mut buf);
-
+        ));
         assert_eq!(req.head().connection_type(), ConnectionType::KeepAlive);
     }
 
     #[test]
     fn test_conn_other_1_0() {
-        let mut buf = BytesMut::from(
+        let req = parse_ready!(&mut BytesMut::from(
             "GET /test HTTP/1.0\r\n\
              connection: other\r\n\r\n",
-        );
-        let req = parse_ready!(&mut buf);
-
+        ));
         assert_eq!(req.head().connection_type(), ConnectionType::Close);
     }
 
     #[test]
     fn test_conn_other_1_1() {
-        let mut buf = BytesMut::from(
+        let req = parse_ready!(&mut BytesMut::from(
             "GET /test HTTP/1.1\r\n\
              connection: other\r\n\r\n",
-        );
-        let req = parse_ready!(&mut buf);
-
+        ));
         assert_eq!(req.head().connection_type(), ConnectionType::KeepAlive);
     }
 
     #[test]
     fn test_conn_upgrade() {
-        let mut buf = BytesMut::from(
+        let req = parse_ready!(&mut BytesMut::from(
             "GET /test HTTP/1.1\r\n\
              upgrade: websockets\r\n\
              connection: upgrade\r\n\r\n",
-        );
-        let req = parse_ready!(&mut buf);
+        ));
 
         assert!(req.upgrade());
         assert_eq!(req.head().connection_type(), ConnectionType::Upgrade);
 
-        let mut buf = BytesMut::from(
+        let req = parse_ready!(&mut BytesMut::from(
             "GET /test HTTP/1.1\r\n\
              upgrade: Websockets\r\n\
              connection: Upgrade\r\n\r\n",
-        );
-        let req = parse_ready!(&mut buf);
+        ));
 
         assert!(req.upgrade());
         assert_eq!(req.head().connection_type(), ConnectionType::Upgrade);
@@ -819,59 +932,62 @@ mod tests {
 
     #[test]
     fn test_conn_upgrade_connect_method() {
-        let mut buf = BytesMut::from(
+        let req = parse_ready!(&mut BytesMut::from(
             "CONNECT /test HTTP/1.1\r\n\
              content-type: text/plain\r\n\r\n",
-        );
-        let req = parse_ready!(&mut buf);
+        ));
 
         assert!(req.upgrade());
     }
 
     #[test]
-    fn test_headers_content_length_err_1() {
-        let mut buf = BytesMut::from(
+    fn test_headers_bad_content_length() {
+        // string CL
+        expect_parse_err!(&mut BytesMut::from(
             "GET /test HTTP/1.1\r\n\
              content-length: line\r\n\r\n",
-        );
+        ));
 
-        expect_parse_err!(&mut buf)
+        // negative CL
+        expect_parse_err!(&mut BytesMut::from(
+            "GET /test HTTP/1.1\r\n\
+             content-length: -1\r\n\r\n",
+        ));
     }
 
     #[test]
-    fn test_headers_content_length_err_2() {
+    fn octal_ish_cl_parsed_as_decimal() {
         let mut buf = BytesMut::from(
-            "GET /test HTTP/1.1\r\n\
-             content-length: -1\r\n\r\n",
+            "POST /test HTTP/1.1\r\n\
+             content-length: 011\r\n\r\n",
         );
-
-        expect_parse_err!(&mut buf);
+        let mut reader = MessageDecoder::<Request>::default();
+        let (_req, pl) = reader.decode(&mut buf).unwrap().unwrap();
+        assert!(matches!(
+            pl,
+            PayloadType::Payload(pl) if pl == PayloadDecoder::length(11)
+        ));
     }
 
     #[test]
     fn test_invalid_header() {
-        let mut buf = BytesMut::from(
+        expect_parse_err!(&mut BytesMut::from(
             "GET /test HTTP/1.1\r\n\
              test line\r\n\r\n",
-        );
-
-        expect_parse_err!(&mut buf);
+        ));
     }
 
     #[test]
     fn test_invalid_name() {
-        let mut buf = BytesMut::from(
+        expect_parse_err!(&mut BytesMut::from(
             "GET /test HTTP/1.1\r\n\
              test[]: line\r\n\r\n",
-        );
-
-        expect_parse_err!(&mut buf);
+        ));
     }
 
     #[test]
     fn test_http_request_bad_status_line() {
-        let mut buf = BytesMut::from("getpath \r\n\r\n");
-        expect_parse_err!(&mut buf);
+        expect_parse_err!(&mut BytesMut::from("getpath \r\n\r\n"));
     }
 
     #[test]
@@ -911,11 +1027,10 @@ mod tests {
 
     #[test]
     fn test_http_request_parser_utf8() {
-        let mut buf = BytesMut::from(
+        let req = parse_ready!(&mut BytesMut::from(
             "GET /test HTTP/1.1\r\n\
              x-test: тест\r\n\r\n",
-        );
-        let req = parse_ready!(&mut buf);
+        ));
 
         assert_eq!(
             req.headers().get("x-test").unwrap().as_bytes(),
@@ -925,24 +1040,18 @@ mod tests {
 
     #[test]
     fn test_http_request_parser_two_slashes() {
-        let mut buf = BytesMut::from("GET //path HTTP/1.1\r\n\r\n");
-        let req = parse_ready!(&mut buf);
-
+        let req = parse_ready!(&mut BytesMut::from("GET //path HTTP/1.1\r\n\r\n"));
         assert_eq!(req.path(), "//path");
     }
 
     #[test]
     fn test_http_request_parser_bad_method() {
-        let mut buf = BytesMut::from("!12%()+=~$ /get HTTP/1.1\r\n\r\n");
-
-        expect_parse_err!(&mut buf);
+        expect_parse_err!(&mut BytesMut::from("!12%()+=~$ /get HTTP/1.1\r\n\r\n"));
     }
 
     #[test]
     fn test_http_request_parser_bad_version() {
-        let mut buf = BytesMut::from("GET //get HT/11\r\n\r\n");
-
-        expect_parse_err!(&mut buf);
+        expect_parse_err!(&mut BytesMut::from("GET //get HT/11\r\n\r\n"));
     }
 
     #[test]
@@ -959,29 +1068,66 @@ mod tests {
 
     #[test]
     fn hrs_multiple_content_length() {
-        let mut buf = BytesMut::from(
+        expect_parse_err!(&mut BytesMut::from(
             "GET / HTTP/1.1\r\n\
             Host: example.com\r\n\
             Content-Length: 4\r\n\
             Content-Length: 2\r\n\
             \r\n\
             abcd",
-        );
+        ));
 
-        expect_parse_err!(&mut buf);
+        expect_parse_err!(&mut BytesMut::from(
+            "GET / HTTP/1.1\r\n\
+            Host: example.com\r\n\
+            Content-Length: 0\r\n\
+            Content-Length: 2\r\n\
+            \r\n\
+            ab",
+        ));
     }
 
     #[test]
     fn hrs_content_length_plus() {
-        let mut buf = BytesMut::from(
+        expect_parse_err!(&mut BytesMut::from(
             "GET / HTTP/1.1\r\n\
             Host: example.com\r\n\
             Content-Length: +3\r\n\
             \r\n\
             000",
+        ));
+    }
+
+    #[test]
+    fn hrs_te_http10() {
+        // in HTTP/1.0 transfer encoding is ignored and must therefore contain a CL header
+
+        expect_parse_err!(&mut BytesMut::from(
+            "POST / HTTP/1.0\r\n\
+            Host: example.com\r\n\
+            Transfer-Encoding: chunked\r\n\
+            \r\n\
+            3\r\n\
+            aaa\r\n\
+            0\r\n\
+            ",
+        ));
+    }
+
+    #[test]
+    fn hrs_cl_and_te_http10() {
+        // in HTTP/1.0 transfer encoding is simply ignored so it's fine to have both
+
+        let mut buf = BytesMut::from(
+            "GET / HTTP/1.0\r\n\
+            Host: example.com\r\n\
+            Content-Length: 3\r\n\
+            Transfer-Encoding: chunked\r\n\
+            \r\n\
+            000",
         );
 
-        expect_parse_err!(&mut buf);
+        parse_ready!(&mut buf);
     }
 
     #[test]

actix-http/src/h1/dispatcher.rs

@@ -8,21 +8,16 @@ use std::{
     task::{Context, Poll},
 };
 
-use actix_codec::{AsyncRead, AsyncWrite, Decoder as _, Encoder as _, Framed, FramedParts};
+use actix_codec::{Framed, FramedParts};
 use actix_rt::time::sleep_until;
 use actix_service::Service;
 use bitflags::bitflags;
 use bytes::{Buf, BytesMut};
 use futures_core::ready;
 use pin_project_lite::pin_project;
-
-use crate::{
-    body::{BodySize, BoxBody, MessageBody},
-    config::ServiceConfig,
-    error::{DispatchError, ParseError, PayloadError},
-    service::HttpFlow,
-    Error, Extensions, OnConnectData, Request, Response, StatusCode,
-};
+use tokio::io::{AsyncRead, AsyncWrite};
+use tokio_util::codec::{Decoder as _, Encoder as _};
+use tracing::{error, trace};
 
 use super::{
     codec::Codec,
@@ -31,12 +26,20 @@ use super::{
     timer::TimerState,
     Message, MessageType,
 };
+use crate::{
+    body::{BodySize, BoxBody, MessageBody},
+    config::ServiceConfig,
+    error::{DispatchError, ParseError, PayloadError},
+    service::HttpFlow,
+    Error, Extensions, OnConnectData, Request, Response, StatusCode,
+};
 
 const LW_BUFFER_SIZE: usize = 1024;
 const HW_BUFFER_SIZE: usize = 1024 * 8;
 const MAX_PIPELINED_MESSAGES: usize = 16;
 
 bitflags! {
+    #[derive(Debug, Clone, Copy)]
     pub struct Flags: u8 {
         /// Set when stream is read for first time.
         const STARTED          = 0b0000_0001;
@@ -151,7 +154,8 @@ pin_project! {
         error: Option<DispatchError>,
 
         #[pin]
-        state: State<S, B, X>,
+        pub(super) state: State<S, B, X>,
+        // when Some(_) dispatcher is in state of receiving request payload
         payload: Option<PayloadSender>,
         messages: VecDeque<DispatcherMessage>,
 
@@ -174,7 +178,7 @@ enum DispatcherMessage {
 
 pin_project! {
     #[project = StateProj]
-    enum State<S, B, X>
+    pub(super) enum State<S, B, X>
     where
         S: Service<Request>,
         X: Service<Request, Response = Request>,
@@ -194,7 +198,7 @@ where
     X: Service<Request, Response = Request>,
     B: MessageBody,
 {
-    fn is_none(&self) -> bool {
+    pub(super) fn is_none(&self) -> bool {
         matches!(self, State::None)
     }
 }
@@ -208,9 +212,7 @@ where
     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
         match self {
             Self::None => write!(f, "State::None"),
-            Self::ExpectCall { .. } => {
-                f.debug_struct("State::ExpectCall").finish_non_exhaustive()
-            }
+            Self::ExpectCall { .. } => f.debug_struct("State::ExpectCall").finish_non_exhaustive(),
             Self::ServiceCall { .. } => {
                 f.debug_struct("State::ServiceCall").finish_non_exhaustive()
             }
@@ -271,9 +273,7 @@ where
 
                     head_timer: TimerState::new(config.client_request_deadline().is_some()),
                     ka_timer: TimerState::new(config.keep_alive().enabled()),
-                    shutdown_timer: TimerState::new(
-                        config.client_disconnect_deadline().is_some(),
-                    ),
+                    shutdown_timer: TimerState::new(config.client_disconnect_deadline().is_some()),
 
                     io: Some(io),
                     read_buf: BytesMut::with_capacity(HW_BUFFER_SIZE),
@@ -335,7 +335,7 @@ where
         while written < len {
             match io.as_mut().poll_write(cx, &write_buf[written..])? {
                 Poll::Ready(0) => {
-                    log::error!("write zero; closing");
+                    error!("write zero; closing");
                     return Poll::Ready(Err(io::Error::new(io::ErrorKind::WriteZero, "")));
                 }
 
@@ -374,8 +374,6 @@ where
                 DispatchError::Io(err)
             })?;
 
-        this.flags.set(Flags::KEEP_ALIVE, this.codec.keep_alive());
-
         Ok(size)
     }
 
@@ -453,12 +451,15 @@ where
                     }
 
                     // return with upgrade request and poll it exclusively
-                    Some(DispatcherMessage::Upgrade(req)) => {
-                        return Ok(PollResponse::Upgrade(req))
-                    }
+                    Some(DispatcherMessage::Upgrade(req)) => return Ok(PollResponse::Upgrade(req)),
 
                     // all messages are dealt with
-                    None => return Ok(PollResponse::DoNothing),
+                    None => {
+                        // start keep-alive if last request allowed it
+                        this.flags.set(Flags::KEEP_ALIVE, this.codec.keep_alive());
+
+                        return Ok(PollResponse::DoNothing);
+                    }
                 },
 
                 StateProj::ServiceCall { fut } => {
@@ -511,8 +512,10 @@ where
                             }
 
                             Poll::Ready(Some(Err(err))) => {
+                                let err = err.into();
+                                tracing::error!("Response payload stream error: {err:?}");
                                 this.flags.insert(Flags::FINISHED);
-                                return Err(DispatchError::Body(err.into()));
+                                return Err(DispatchError::Body(err));
                             }
 
                             Poll::Pending => return Ok(PollResponse::DoNothing),
@@ -548,6 +551,7 @@ where
                             }
 
                             Poll::Ready(Some(Err(err))) => {
+                                tracing::error!("Response payload stream error: {err:?}");
                                 this.flags.insert(Flags::FINISHED);
                                 return Err(DispatchError::Body(
                                     Error::new_body().with_cause(err).into(),
@@ -564,7 +568,7 @@ where
                 }
 
                 StateProj::ExpectCall { fut } => {
-                    log::trace!("  calling expect service");
+                    trace!("  calling expect service");
 
                     match fut.poll(cx) {
                         // expect resolved. write continue to buffer and set InnerDispatcher state
@@ -667,9 +671,7 @@ where
                 }
 
                 _ => {
-                    unreachable!(
-                        "State must be set to ServiceCall or ExceptCall in handle_request"
-                    )
+                    unreachable!("State must be set to ServiceCall or ExceptCall in handle_request")
                 }
             }
         }
@@ -678,10 +680,7 @@ where
     /// Process one incoming request.
     ///
     /// Returns true if any meaningful work was done.
-    fn poll_request(
-        mut self: Pin<&mut Self>,
-        cx: &mut Context<'_>,
-    ) -> Result<bool, DispatchError> {
+    fn poll_request(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Result<bool, DispatchError> {
         let pipeline_queue_full = self.messages.len() >= MAX_PIPELINED_MESSAGES;
         let can_not_read = !self.can_read(cx);
 
@@ -694,6 +693,7 @@ where
 
         let mut updated = false;
 
+        // decode from read buf as many full requests as possible
         loop {
             match this.codec.decode(this.read_buf) {
                 Ok(Some(msg)) => {
@@ -706,7 +706,7 @@ where
 
                             req.head_mut().peer_addr = *this.peer_addr;
 
-                            req.conn_data = this.conn_data.as_ref().map(Rc::clone);
+                            req.conn_data.clone_from(this.conn_data);
 
                             match this.codec.message_type() {
                                 // request has no payload
@@ -746,7 +746,7 @@ where
                             if let Some(ref mut payload) = this.payload {
                                 payload.feed_data(chunk);
                             } else {
-                                log::error!("Internal server error: unexpected payload chunk");
+                                error!("Internal server error: unexpected payload chunk");
                                 this.flags.insert(Flags::READ_DISCONNECT);
                                 this.messages.push_back(DispatcherMessage::Error(
                                     Response::internal_server_error().drop_body(),
@@ -760,7 +760,7 @@ where
                             if let Some(mut payload) = this.payload.take() {
                                 payload.feed_eof();
                             } else {
-                                log::error!("Internal server error: unexpected eof");
+                                error!("Internal server error: unexpected eof");
                                 this.flags.insert(Flags::READ_DISCONNECT);
                                 this.messages.push_back(DispatcherMessage::Error(
                                     Response::internal_server_error().drop_body(),
@@ -777,7 +777,7 @@ where
                 Ok(None) => break,
 
                 Err(ParseError::Io(err)) => {
-                    log::trace!("I/O error: {}", &err);
+                    trace!("I/O error: {}", &err);
                     self.as_mut().client_disconnected();
                     this = self.as_mut().project();
                     *this.error = Some(DispatchError::Io(err));
@@ -785,7 +785,7 @@ where
                 }
 
                 Err(ParseError::TooLarge) => {
-                    log::trace!("request head was too big; returning 431 response");
+                    trace!("request head was too big; returning 431 response");
 
                     if let Some(mut payload) = this.payload.take() {
                         payload.set_error(PayloadError::Overflow);
@@ -805,7 +805,7 @@ where
                 }
 
                 Err(err) => {
-                    log::trace!("parse error {}", &err);
+                    trace!("parse error {}", &err);
 
                     if let Some(mut payload) = this.payload.take() {
                         payload.set_error(PayloadError::EncodingCorrupted);
@@ -836,10 +836,7 @@ where
             if timer.as_mut().poll(cx).is_ready() {
                 // timeout on first request (slow request) return 408
 
-                log::trace!(
-                    "timed out on slow request; \
-                        replying with 408 and closing connection"
-                );
+                trace!("timed out on slow request; replying with 408 and closing connection");
 
                 let _ = self.as_mut().send_error_response(
                     Response::with_body(StatusCode::REQUEST_TIMEOUT, ()),
@@ -853,10 +850,7 @@ where
         Ok(())
     }
 
-    fn poll_ka_timer(
-        mut self: Pin<&mut Self>,
-        cx: &mut Context<'_>,
-    ) -> Result<(), DispatchError> {
+    fn poll_ka_timer(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Result<(), DispatchError> {
         let this = self.as_mut().project();
         if let TimerState::Active { timer } = this.ka_timer {
             debug_assert!(
@@ -868,15 +862,21 @@ where
                 "dispatcher should not be in keep-alive phase if state is not none: {:?}",
                 this.state,
             );
-            debug_assert!(
-                this.write_buf.is_empty(),
-                "dispatcher should not be in keep-alive phase if write_buf is not empty",
-            );
+
+            // Assert removed by @robjtede on account of issue #2655. There are cases where an I/O
+            // flush can be pending after entering the keep-alive state causing the subsequent flush
+            // wake up to panic here. This appears to be a Linux-only problem. Leaving original code
+            // below for posterity because a simple and reliable test could not be found to trigger
+            // the behavior.
+            // debug_assert!(
+            //     this.write_buf.is_empty(),
+            //     "dispatcher should not be in keep-alive phase if write_buf is not empty",
+            // );
 
             // keep-alive timer has timed out
             if timer.as_mut().poll(cx).is_ready() {
                 // no tasks at hand
-                log::trace!("timer timed out; closing connection");
+                trace!("timer timed out; closing connection");
                 this.flags.insert(Flags::SHUTDOWN);
 
                 if let Some(deadline) = this.config.client_disconnect_deadline() {
@@ -906,7 +906,7 @@ where
 
             // timed-out during shutdown; drop connection
             if timer.as_mut().poll(cx).is_ready() {
-                log::trace!("timed-out during shutdown");
+                trace!("timed-out during shutdown");
                 return Err(DispatchError::DisconnectTimeout);
             }
         }
@@ -915,10 +915,7 @@ where
     }
 
     /// Poll head, keep-alive, and disconnect timer.
-    fn poll_timers(
-        mut self: Pin<&mut Self>,
-        cx: &mut Context<'_>,
-    ) -> Result<(), DispatchError> {
+    fn poll_timers(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Result<(), DispatchError> {
         self.as_mut().poll_head_timer(cx)?;
         self.as_mut().poll_ka_timer(cx)?;
         self.as_mut().poll_shutdown_timer(cx)?;
@@ -932,10 +929,7 @@ where
     /// - `std::io::ErrorKind::ConnectionReset` after partial read;
     /// - all data read done.
     #[inline(always)] // TODO: bench this inline
-    fn read_available(
-        self: Pin<&mut Self>,
-        cx: &mut Context<'_>,
-    ) -> Result<bool, DispatchError> {
+    fn read_available(self: Pin<&mut Self>, cx: &mut Context<'_>) -> Result<bool, DispatchError> {
         let this = self.project();
 
         if this.flags.contains(Flags::READ_DISCONNECT) {
@@ -967,9 +961,11 @@ where
                 //
                 // A Request head too large to parse is only checked on `httparse::Status::Partial`.
 
-                if this.payload.is_none() {
-                    // When dispatcher has a payload the responsibility of wake up it would be shift
-                    // to h1::payload::Payload.
+                match this.payload {
+                    // When dispatcher has a payload the responsibility of wake ups is shifted to
+                    // `h1::payload::Payload` unless the payload is needing a read, in which case it
+                    // might not have access to the waker and could result in the dispatcher
+                    // getting stuck until timeout.
                     //
                     // Reason:
                     // Self wake up when there is payload would waste poll and/or result in
@@ -980,7 +976,8 @@ where
                     // read anymore. At this case read_buf could always remain beyond
                     // MAX_BUFFER_SIZE and self wake up would be busy poll dispatcher and
                     // waste resources.
-                    cx.waker().wake_by_ref();
+                    Some(ref p) if p.need_read(cx) != PayloadStatus::Read => {}
+                    _ => cx.waker().wake_by_ref(),
                 }
 
                 return Ok(false);
@@ -992,7 +989,7 @@ where
                 this.read_buf.reserve(HW_BUFFER_SIZE - remaining);
             }
 
-            match actix_codec::poll_read_buf(io.as_mut(), cx, this.read_buf) {
+            match tokio_util::io::poll_read_buf(io.as_mut(), cx, this.read_buf) {
                 Poll::Ready(Ok(n)) => {
                     this.flags.remove(Flags::FINISHED);
 
@@ -1065,12 +1062,12 @@ where
 
         match this.inner.project() {
             DispatcherStateProj::Upgrade { fut: upgrade } => upgrade.poll(cx).map_err(|err| {
-                log::error!("Upgrade handler error: {}", err);
+                error!("Upgrade handler error: {}", err);
                 DispatchError::Upgrade
             }),
 
             DispatcherStateProj::Normal { mut inner } => {
-                log::trace!("start flags: {:?}", &inner.flags);
+                trace!("start flags: {:?}", &inner.flags);
 
                 trace_timer_states(
                     "start",
@@ -1177,7 +1174,7 @@ where
 
                     // client is gone
                     if inner.flags.contains(Flags::WRITE_DISCONNECT) {
-                        log::trace!("client is gone; disconnecting");
+                        trace!("client is gone; disconnecting");
                         return Poll::Ready(Ok(()));
                     }
 
@@ -1186,14 +1183,14 @@ where
 
                     // read half is closed; we do not process any responses
                     if inner_p.flags.contains(Flags::READ_DISCONNECT) && state_is_none {
-                        log::trace!("read half closed; start shutdown");
+                        trace!("read half closed; start shutdown");
                         inner_p.flags.insert(Flags::SHUTDOWN);
                     }
 
                     // keep-alive and stream errors
                     if state_is_none && inner_p.write_buf.is_empty() {
                         if let Some(err) = inner_p.error.take() {
-                            log::error!("stream error: {}", &err);
+                            error!("stream error: {}", &err);
                             return Poll::Ready(Err(err));
                         }
 
@@ -1222,7 +1219,7 @@ where
                     Poll::Pending
                 };
 
-                log::trace!("end flags: {:?}", &inner.flags);
+                trace!("end flags: {:?}", &inner.flags);
 
                 poll
             }
@@ -1237,17 +1234,17 @@ fn trace_timer_states(
     ka_timer: &TimerState,
     shutdown_timer: &TimerState,
 ) {
-    log::trace!("{} timers:", label);
+    trace!("{} timers:", label);
 
     if head_timer.is_enabled() {
-        log::trace!("  head {}", &head_timer);
+        trace!("  head {}", &head_timer);
     }
 
     if ka_timer.is_enabled() {
-        log::trace!("  keep-alive {}", &ka_timer);
+        trace!("  keep-alive {}", &ka_timer);
     }
 
     if shutdown_timer.is_enabled() {
-        log::trace!("  shutdown {}", &shutdown_timer);
+        trace!("  shutdown {}", &shutdown_timer);
     }
 }

actix-http/src/h1/dispatcher_tests.rs

@@ -1,14 +1,11 @@
 use std::{future::Future, str, task::Poll, time::Duration};
 
-use actix_rt::time::sleep;
-use actix_service::fn_service;
-use actix_utils::future::{ready, Ready};
-use bytes::Bytes;
-use futures_util::future::lazy;
-
 use actix_codec::Framed;
-use actix_service::Service;
-use bytes::{Buf, BytesMut};
+use actix_rt::{pin, time::sleep};
+use actix_service::{fn_service, Service};
+use actix_utils::future::{ready, Ready};
+use bytes::{Buf, Bytes, BytesMut};
+use futures_util::future::lazy;
 
 use super::dispatcher::{Dispatcher, DispatcherState, DispatcherStateProj, Flags};
 use crate::{
@@ -43,8 +40,8 @@ fn status_service(
     fn_service(move |_req: Request| ready(Ok::<_, Error>(Response::new(status))))
 }
 
-fn echo_path_service(
-) -> impl Service<Request, Response = Response<impl MessageBody>, Error = Error> {
+fn echo_path_service() -> impl Service<Request, Response = Response<impl MessageBody>, Error = Error>
+{
     fn_service(|req: Request| {
         let path = req.path().as_bytes();
         ready(Ok::<_, Error>(
@@ -53,10 +50,18 @@ fn echo_path_service(
     })
 }
 
+fn drop_payload_service() -> impl Service<Request, Response = Response<&'static str>, Error = Error>
+{
+    fn_service(|mut req: Request| async move {
+        let _ = req.take_payload();
+        Ok::<_, Error>(Response::with_body(StatusCode::OK, "payload dropped"))
+    })
+}
+
 fn echo_payload_service() -> impl Service<Request, Response = Response<Bytes>, Error = Error> {
     fn_service(|mut req: Request| {
         Box::pin(async move {
-            use futures_util::stream::StreamExt as _;
+            use futures_util::StreamExt as _;
 
             let mut pl = req.take_payload();
             let mut body = BytesMut::new();
@@ -89,7 +94,7 @@ async fn late_request() {
         None,
         OnConnectData::default(),
     );
-    actix_rt::pin!(h1);
+    pin!(h1);
 
     lazy(|cx| {
         assert!(matches!(&h1.inner, DispatcherState::Normal { .. }));
@@ -156,7 +161,7 @@ async fn oneshot_connection() {
         None,
         OnConnectData::default(),
     );
-    actix_rt::pin!(h1);
+    pin!(h1);
 
     lazy(|cx| {
         assert!(matches!(&h1.inner, DispatcherState::Normal { .. }));
@@ -173,13 +178,16 @@ async fn oneshot_connection() {
         stabilize_date_header(&mut res);
         let res = &res[..];
 
-        let exp = b"\
-                HTTP/1.1 200 OK\r\n\
-                content-length: 5\r\n\
-                connection: close\r\n\
-                date: Thu, 01 Jan 1970 12:34:56 UTC\r\n\r\n\
-                /abcd\
-                ";
+        let exp = http_msg(
+            r"
+            HTTP/1.1 200 OK
+            content-length: 5
+            connection: close
+            date: Thu, 01 Jan 1970 12:34:56 UTC
+
+            /abcd
+            ",
+        );
 
         assert_eq!(
             res,
@@ -188,7 +196,7 @@ async fn oneshot_connection() {
                response: {:?}\n\
                expected: {:?}",
             String::from_utf8_lossy(res),
-            String::from_utf8_lossy(exp)
+            String::from_utf8_lossy(&exp)
         );
     })
     .await;
@@ -214,7 +222,7 @@ async fn keep_alive_timeout() {
         None,
         OnConnectData::default(),
     );
-    actix_rt::pin!(h1);
+    pin!(h1);
 
     lazy(|cx| {
         assert!(matches!(&h1.inner, DispatcherState::Normal { .. }));
@@ -293,7 +301,7 @@ async fn keep_alive_follow_up_req() {
         None,
         OnConnectData::default(),
     );
-    actix_rt::pin!(h1);
+    pin!(h1);
 
     lazy(|cx| {
         assert!(matches!(&h1.inner, DispatcherState::Normal { .. }));
@@ -413,7 +421,7 @@ async fn req_parse_err() {
             OnConnectData::default(),
         );
 
-        actix_rt::pin!(h1);
+        pin!(h1);
 
         match h1.as_mut().poll(cx) {
             Poll::Pending => panic!(),
@@ -459,7 +467,7 @@ async fn pipelining_ok_then_ok() {
             OnConnectData::default(),
         );
 
-        actix_rt::pin!(h1);
+        pin!(h1);
 
         assert!(matches!(&h1.inner, DispatcherState::Normal { .. }));
 
@@ -529,7 +537,7 @@ async fn pipelining_ok_then_bad() {
             OnConnectData::default(),
         );
 
-        actix_rt::pin!(h1);
+        pin!(h1);
 
         assert!(matches!(&h1.inner, DispatcherState::Normal { .. }));
 
@@ -601,7 +609,7 @@ async fn expect_handling() {
                 ",
         );
 
-        actix_rt::pin!(h1);
+        pin!(h1);
 
         assert!(h1.as_mut().poll(cx).is_pending());
         assert!(matches!(&h1.inner, DispatcherState::Normal { .. }));
@@ -626,7 +634,7 @@ async fn expect_handling() {
 
         if let DispatcherState::Normal { ref inner } = h1.inner {
             let io = inner.io.as_ref().unwrap();
-            let mut res = (&io.write_buf()[..]).to_owned();
+            let mut res = io.write_buf()[..].to_owned();
             stabilize_date_header(&mut res);
 
             assert_eq!(
@@ -678,7 +686,7 @@ async fn expect_eager() {
                 ",
         );
 
-        actix_rt::pin!(h1);
+        pin!(h1);
 
         assert!(h1.as_mut().poll(cx).is_ready());
         assert!(matches!(&h1.inner, DispatcherState::Normal { .. }));
@@ -688,7 +696,7 @@ async fn expect_eager() {
 
         if let DispatcherState::Normal { ref inner } = h1.inner {
             let io = inner.io.as_ref().unwrap();
-            let mut res = (&io.write_buf()[..]).to_owned();
+            let mut res = io.write_buf()[..].to_owned();
             stabilize_date_header(&mut res);
 
             // Despite the content-length header and even though the request payload has not
@@ -761,7 +769,7 @@ async fn upgrade_handling() {
                 ",
         );
 
-        actix_rt::pin!(h1);
+        pin!(h1);
 
         assert!(h1.as_mut().poll(cx).is_ready());
         assert!(matches!(&h1.inner, DispatcherState::Upgrade { .. }));
@@ -771,3 +779,194 @@ async fn upgrade_handling() {
     })
     .await;
 }
+
+// fix in #2624 reverted temporarily
+// complete fix tracked in #2745
+#[ignore]
+#[actix_rt::test]
+async fn handler_drop_payload() {
+    let _ = env_logger::try_init();
+
+    let mut buf = TestBuffer::new(http_msg(
+        r"
+        POST /drop-payload HTTP/1.1
+        Content-Length: 3
+        
+        abc
+        ",
+    ));
+
+    let services = HttpFlow::new(
+        drop_payload_service(),
+        ExpectHandler,
+        None::<UpgradeHandler>,
+    );
+
+    let h1 = Dispatcher::new(
+        buf.clone(),
+        services,
+        ServiceConfig::default(),
+        None,
+        OnConnectData::default(),
+    );
+    pin!(h1);
+
+    lazy(|cx| {
+        assert!(h1.as_mut().poll(cx).is_pending());
+
+        // polls: manual
+        assert_eq!(h1.poll_count, 1);
+
+        let mut res = BytesMut::from(buf.take_write_buf().as_ref());
+        stabilize_date_header(&mut res);
+        let res = &res[..];
+
+        let exp = http_msg(
+            r"
+            HTTP/1.1 200 OK
+            content-length: 15
+            date: Thu, 01 Jan 1970 12:34:56 UTC
+
+            payload dropped
+            ",
+        );
+
+        assert_eq!(
+            res,
+            exp,
+            "\nexpected response not in write buffer:\n\
+               response: {:?}\n\
+               expected: {:?}",
+            String::from_utf8_lossy(res),
+            String::from_utf8_lossy(&exp)
+        );
+
+        if let DispatcherStateProj::Normal { inner } = h1.as_mut().project().inner.project() {
+            assert!(inner.state.is_none());
+        }
+    })
+    .await;
+
+    lazy(|cx| {
+        // add message that claims to have payload longer than provided
+        buf.extend_read_buf(http_msg(
+            r"
+            POST /drop-payload HTTP/1.1
+            Content-Length: 200
+            
+            abc
+            ",
+        ));
+
+        assert!(h1.as_mut().poll(cx).is_pending());
+
+        // polls: manual => manual
+        assert_eq!(h1.poll_count, 2);
+
+        let mut res = BytesMut::from(buf.take_write_buf().as_ref());
+        stabilize_date_header(&mut res);
+        let res = &res[..];
+
+        // expect response immediately even though request side has not finished reading payload
+        let exp = http_msg(
+            r"
+            HTTP/1.1 200 OK
+            content-length: 15
+            date: Thu, 01 Jan 1970 12:34:56 UTC
+
+            payload dropped
+            ",
+        );
+
+        assert_eq!(
+            res,
+            exp,
+            "\nexpected response not in write buffer:\n\
+               response: {:?}\n\
+               expected: {:?}",
+            String::from_utf8_lossy(res),
+            String::from_utf8_lossy(&exp)
+        );
+    })
+    .await;
+
+    lazy(|cx| {
+        assert!(h1.as_mut().poll(cx).is_ready());
+
+        // polls: manual => manual => manual
+        assert_eq!(h1.poll_count, 3);
+
+        let mut res = BytesMut::from(buf.take_write_buf().as_ref());
+        stabilize_date_header(&mut res);
+        let res = &res[..];
+
+        // expect that unrequested error response is sent back since connection could not be cleaned
+        let exp = http_msg(
+            r"
+            HTTP/1.1 500 Internal Server Error
+            content-length: 0
+            connection: close
+            date: Thu, 01 Jan 1970 12:34:56 UTC
+
+            ",
+        );
+
+        assert_eq!(
+            res,
+            exp,
+            "\nexpected response not in write buffer:\n\
+               response: {:?}\n\
+               expected: {:?}",
+            String::from_utf8_lossy(res),
+            String::from_utf8_lossy(&exp)
+        );
+    })
+    .await;
+}
+
+fn http_msg(msg: impl AsRef<str>) -> BytesMut {
+    let mut msg = msg
+        .as_ref()
+        .trim()
+        .split('\n')
+        .map(|line| [line.trim_start(), "\r"].concat())
+        .collect::<Vec<_>>()
+        .join("\n");
+
+    // remove trailing \r
+    msg.pop();
+
+    if !msg.is_empty() && !msg.contains("\r\n\r\n") {
+        msg.push_str("\r\n\r\n");
+    }
+
+    BytesMut::from(msg.as_bytes())
+}
+
+#[test]
+fn http_msg_creates_msg() {
+    assert_eq!(http_msg(r""), "");
+
+    assert_eq!(
+        http_msg(
+            r"
+            POST / HTTP/1.1
+            Content-Length: 3
+            
+            abc
+            "
+        ),
+        "POST / HTTP/1.1\r\nContent-Length: 3\r\n\r\nabc"
+    );
+
+    assert_eq!(
+        http_msg(
+            r"
+            GET / HTTP/1.1
+            Content-Length: 3
+            
+            "
+        ),
+        "GET / HTTP/1.1\r\nContent-Length: 3\r\n\r\n"
+    );
+}

actix-http/src/h1/encoder.rs

@@ -210,14 +210,14 @@ pub(crate) trait MessageType: Sized {
             dst.advance_mut(pos);
         }
 
-        // optimized date header, set_date writes \r\n
         if !has_date {
+            // optimized date header, write_date_header writes its own \r\n
             config.write_date_header(dst, camel_case);
-        } else {
-            // msg eof
-            dst.extend_from_slice(b"\r\n");
         }
 
+        // end-of-headers marker
+        dst.extend_from_slice(b"\r\n");
+
         Ok(())
     }
 
@@ -310,10 +310,10 @@ impl MessageType for RequestHeadType {
                 Version::HTTP_11 => "HTTP/1.1",
                 Version::HTTP_2 => "HTTP/2.0",
                 Version::HTTP_3 => "HTTP/3.0",
-                _ => return Err(io::Error::new(io::ErrorKind::Other, "unsupported version")),
+                _ => return Err(io::Error::other("Unsupported version")),
             }
         )
-        .map_err(|e| io::Error::new(io::ErrorKind::Other, e))
+        .map_err(io::Error::other)
     }
 }
 
@@ -433,7 +433,7 @@ impl TransferEncoding {
                     buf.extend_from_slice(b"0\r\n\r\n");
                 } else {
                     writeln!(helpers::MutWriter(buf), "{:X}\r", msg.len())
-                        .map_err(|e| io::Error::new(io::ErrorKind::Other, e))?;
+                        .map_err(io::Error::other)?;
 
                     buf.reserve(msg.len() + 2);
                     buf.extend_from_slice(msg);
@@ -450,7 +450,7 @@ impl TransferEncoding {
 
                     buf.extend_from_slice(&msg[..len as usize]);
 
-                    *remaining -= len as u64;
+                    *remaining -= len;
                     Ok(*remaining == 0)
                 } else {
                     Ok(true)
@@ -517,6 +517,7 @@ unsafe fn write_camel_case(value: &[u8], buf: *mut u8, len: usize) {
             if let Some(c @ b'a'..=b'z') = iter.next() {
                 buffer[index] = c & 0b1101_1111;
             }
+            index += 1;
         }
 
         index += 1;
@@ -528,7 +529,7 @@ mod tests {
     use std::rc::Rc;
 
     use bytes::Bytes;
-    use http::header::AUTHORIZATION;
+    use http::header::{AUTHORIZATION, UPGRADE_INSECURE_REQUESTS};
 
     use super::*;
     use crate::{
@@ -559,6 +560,9 @@ mod tests {
         head.headers
             .insert(CONTENT_TYPE, HeaderValue::from_static("plain/text"));
 
+        head.headers
+            .insert(UPGRADE_INSECURE_REQUESTS, HeaderValue::from_static("1"));
+
         let mut head = RequestHeadType::Owned(head);
 
         let _ = head.encode_headers(
@@ -574,6 +578,7 @@ mod tests {
         assert!(data.contains("Connection: close\r\n"));
         assert!(data.contains("Content-Type: plain/text\r\n"));
         assert!(data.contains("Date: date\r\n"));
+        assert!(data.contains("Upgrade-Insecure-Requests: 1\r\n"));
 
         let _ = head.encode_headers(
             &mut bytes,

actix-http/src/h1/mod.rs

@@ -17,14 +17,16 @@ mod timer;
 mod upgrade;
 mod utils;
 
-pub use self::client::{ClientCodec, ClientPayloadCodec};
-pub use self::codec::Codec;
-pub use self::dispatcher::Dispatcher;
-pub use self::expect::ExpectHandler;
-pub use self::payload::Payload;
-pub use self::service::{H1Service, H1ServiceHandler};
-pub use self::upgrade::UpgradeHandler;
-pub use self::utils::SendResponse;
+pub use self::{
+    client::{ClientCodec, ClientPayloadCodec},
+    codec::Codec,
+    dispatcher::Dispatcher,
+    expect::ExpectHandler,
+    payload::Payload,
+    service::{H1Service, H1ServiceHandler},
+    upgrade::UpgradeHandler,
+    utils::SendResponse,
+};
 
 #[derive(Debug)]
 /// Codec message

actix-http/src/h1/payload.rs

@@ -16,7 +16,7 @@ use crate::error::PayloadError;
 /// max buffer size 32k
 pub(crate) const MAX_BUFFER_SIZE: usize = 32_768;
 
-#[derive(Debug, PartialEq)]
+#[derive(Debug, PartialEq, Eq)]
 pub enum PayloadStatus {
     Read,
     Pause,
@@ -117,6 +117,7 @@ impl PayloadSender {
         }
     }
 
+    #[allow(clippy::needless_pass_by_ref_mut)]
     #[inline]
     pub fn need_read(&self, cx: &mut Context<'_>) -> PayloadStatus {
         // we check need_read only if Payload (other side) is alive,
@@ -174,7 +175,7 @@ impl Inner {
 
     /// Register future waiting data from payload.
     /// Waker would be used in `Inner::wake`
-    fn register(&mut self, cx: &mut Context<'_>) {
+    fn register(&mut self, cx: &Context<'_>) {
         if self
             .task
             .as_ref()
@@ -186,7 +187,7 @@ impl Inner {
 
     // Register future feeding data to payload.
     /// Waker would be used in `Inner::wake_io`
-    fn register_io(&mut self, cx: &mut Context<'_>) {
+    fn register_io(&mut self, cx: &Context<'_>) {
         if self
             .io_task
             .as_ref()
@@ -221,7 +222,7 @@ impl Inner {
 
     fn poll_next(
         mut self: Pin<&mut Self>,
-        cx: &mut Context<'_>,
+        cx: &Context<'_>,
     ) -> Poll<Option<Result<Bytes, PayloadError>>> {
         if let Some(data) = self.items.pop_front() {
             self.len -= data.len();
@@ -252,18 +253,15 @@ impl Inner {
 
 #[cfg(test)]
 mod tests {
-    use std::panic::{RefUnwindSafe, UnwindSafe};
-
     use actix_utils::future::poll_fn;
     use static_assertions::{assert_impl_all, assert_not_impl_any};
 
     use super::*;
 
     assert_impl_all!(Payload: Unpin);
-    assert_not_impl_any!(Payload: Send, Sync, UnwindSafe, RefUnwindSafe);
+    assert_not_impl_any!(Payload: Send, Sync);
 
     assert_impl_all!(Inner: Unpin, Send, Sync);
-    assert_not_impl_any!(Inner: UnwindSafe, RefUnwindSafe);
 
     #[actix_rt::test]
     async fn test_unread_data() {

actix-http/src/h1/service.rs

@@ -13,7 +13,9 @@ use actix_service::{
 };
 use actix_utils::future::ready;
 use futures_core::future::LocalBoxFuture;
+use tracing::error;
 
+use super::{codec::Codec, dispatcher::Dispatcher, ExpectHandler, UpgradeHandler};
 use crate::{
     body::{BoxBody, MessageBody},
     config::ServiceConfig,
@@ -22,8 +24,6 @@ use crate::{
     ConnectCallback, OnConnectData, Request, Response,
 };
 
-use super::{codec::Codec, dispatcher::Dispatcher, ExpectHandler, UpgradeHandler};
-
 /// `ServiceFactory` implementation for HTTP1 transport
 pub struct H1Service<T, S, B, X = ExpectHandler, U = UpgradeHandler> {
     srv: S,
@@ -81,13 +81,8 @@ where
     /// Create simple tcp stream service
     pub fn tcp(
         self,
-    ) -> impl ServiceFactory<
-        TcpStream,
-        Config = (),
-        Response = (),
-        Error = DispatchError,
-        InitError = (),
-    > {
+    ) -> impl ServiceFactory<TcpStream, Config = (), Response = (), Error = DispatchError, InitError = ()>
+    {
         fn_service(|io: TcpStream| {
             let peer_addr = io.peer_addr().ok();
             ready(Ok((io, peer_addr)))
@@ -98,8 +93,6 @@ where
 
 #[cfg(feature = "openssl")]
 mod openssl {
-    use super::*;
-
     use actix_tls::accept::{
         openssl::{
             reexports::{Error as SslError, SslAcceptor},
@@ -108,6 +101,8 @@ mod openssl {
         TlsError,
     };
 
+    use super::*;
+
     impl<S, B, X, U> H1Service<TlsStream<TcpStream>, S, B, X, U>
     where
         S: ServiceFactory<Request, Config = ()>,
@@ -157,14 +152,13 @@ mod openssl {
     }
 }
 
-#[cfg(feature = "rustls")]
-mod rustls {
-
+#[cfg(feature = "rustls-0_20")]
+mod rustls_0_20 {
     use std::io;
 
     use actix_service::ServiceFactoryExt as _;
     use actix_tls::accept::{
-        rustls::{reexports::ServerConfig, Acceptor, TlsStream},
+        rustls_0_20::{reexports::ServerConfig, Acceptor, TlsStream},
         TlsError,
     };
 
@@ -194,7 +188,7 @@ mod rustls {
         U::Error: fmt::Display + Into<Response<BoxBody>>,
         U::InitError: fmt::Debug,
     {
-        /// Create Rustls based service.
+        /// Create Rustls v0.20 based service.
         pub fn rustls(
             self,
             config: ServerConfig,
@@ -219,6 +213,189 @@ mod rustls {
     }
 }
 
+#[cfg(feature = "rustls-0_21")]
+mod rustls_0_21 {
+    use std::io;
+
+    use actix_service::ServiceFactoryExt as _;
+    use actix_tls::accept::{
+        rustls_0_21::{reexports::ServerConfig, Acceptor, TlsStream},
+        TlsError,
+    };
+
+    use super::*;
+
+    impl<S, B, X, U> H1Service<TlsStream<TcpStream>, S, B, X, U>
+    where
+        S: ServiceFactory<Request, Config = ()>,
+        S::Future: 'static,
+        S::Error: Into<Response<BoxBody>>,
+        S::InitError: fmt::Debug,
+        S::Response: Into<Response<B>>,
+
+        B: MessageBody,
+
+        X: ServiceFactory<Request, Config = (), Response = Request>,
+        X::Future: 'static,
+        X::Error: Into<Response<BoxBody>>,
+        X::InitError: fmt::Debug,
+
+        U: ServiceFactory<
+            (Request, Framed<TlsStream<TcpStream>, Codec>),
+            Config = (),
+            Response = (),
+        >,
+        U::Future: 'static,
+        U::Error: fmt::Display + Into<Response<BoxBody>>,
+        U::InitError: fmt::Debug,
+    {
+        /// Create Rustls v0.21 based service.
+        pub fn rustls_021(
+            self,
+            config: ServerConfig,
+        ) -> impl ServiceFactory<
+            TcpStream,
+            Config = (),
+            Response = (),
+            Error = TlsError<io::Error, DispatchError>,
+            InitError = (),
+        > {
+            Acceptor::new(config)
+                .map_init_err(|_| {
+                    unreachable!("TLS acceptor service factory does not error on init")
+                })
+                .map_err(TlsError::into_service_error)
+                .map(|io: TlsStream<TcpStream>| {
+                    let peer_addr = io.get_ref().0.peer_addr().ok();
+                    (io, peer_addr)
+                })
+                .and_then(self.map_err(TlsError::Service))
+        }
+    }
+}
+
+#[cfg(feature = "rustls-0_22")]
+mod rustls_0_22 {
+    use std::io;
+
+    use actix_service::ServiceFactoryExt as _;
+    use actix_tls::accept::{
+        rustls_0_22::{reexports::ServerConfig, Acceptor, TlsStream},
+        TlsError,
+    };
+
+    use super::*;
+
+    impl<S, B, X, U> H1Service<TlsStream<TcpStream>, S, B, X, U>
+    where
+        S: ServiceFactory<Request, Config = ()>,
+        S::Future: 'static,
+        S::Error: Into<Response<BoxBody>>,
+        S::InitError: fmt::Debug,
+        S::Response: Into<Response<B>>,
+
+        B: MessageBody,
+
+        X: ServiceFactory<Request, Config = (), Response = Request>,
+        X::Future: 'static,
+        X::Error: Into<Response<BoxBody>>,
+        X::InitError: fmt::Debug,
+
+        U: ServiceFactory<
+            (Request, Framed<TlsStream<TcpStream>, Codec>),
+            Config = (),
+            Response = (),
+        >,
+        U::Future: 'static,
+        U::Error: fmt::Display + Into<Response<BoxBody>>,
+        U::InitError: fmt::Debug,
+    {
+        /// Create Rustls v0.22 based service.
+        pub fn rustls_0_22(
+            self,
+            config: ServerConfig,
+        ) -> impl ServiceFactory<
+            TcpStream,
+            Config = (),
+            Response = (),
+            Error = TlsError<io::Error, DispatchError>,
+            InitError = (),
+        > {
+            Acceptor::new(config)
+                .map_init_err(|_| {
+                    unreachable!("TLS acceptor service factory does not error on init")
+                })
+                .map_err(TlsError::into_service_error)
+                .map(|io: TlsStream<TcpStream>| {
+                    let peer_addr = io.get_ref().0.peer_addr().ok();
+                    (io, peer_addr)
+                })
+                .and_then(self.map_err(TlsError::Service))
+        }
+    }
+}
+
+#[cfg(feature = "rustls-0_23")]
+mod rustls_0_23 {
+    use std::io;
+
+    use actix_service::ServiceFactoryExt as _;
+    use actix_tls::accept::{
+        rustls_0_23::{reexports::ServerConfig, Acceptor, TlsStream},
+        TlsError,
+    };
+
+    use super::*;
+
+    impl<S, B, X, U> H1Service<TlsStream<TcpStream>, S, B, X, U>
+    where
+        S: ServiceFactory<Request, Config = ()>,
+        S::Future: 'static,
+        S::Error: Into<Response<BoxBody>>,
+        S::InitError: fmt::Debug,
+        S::Response: Into<Response<B>>,
+
+        B: MessageBody,
+
+        X: ServiceFactory<Request, Config = (), Response = Request>,
+        X::Future: 'static,
+        X::Error: Into<Response<BoxBody>>,
+        X::InitError: fmt::Debug,
+
+        U: ServiceFactory<
+            (Request, Framed<TlsStream<TcpStream>, Codec>),
+            Config = (),
+            Response = (),
+        >,
+        U::Future: 'static,
+        U::Error: fmt::Display + Into<Response<BoxBody>>,
+        U::InitError: fmt::Debug,
+    {
+        /// Create Rustls v0.23 based service.
+        pub fn rustls_0_23(
+            self,
+            config: ServerConfig,
+        ) -> impl ServiceFactory<
+            TcpStream,
+            Config = (),
+            Response = (),
+            Error = TlsError<io::Error, DispatchError>,
+            InitError = (),
+        > {
+            Acceptor::new(config)
+                .map_init_err(|_| {
+                    unreachable!("TLS acceptor service factory does not error on init")
+                })
+                .map_err(TlsError::into_service_error)
+                .map(|io: TlsStream<TcpStream>| {
+                    let peer_addr = io.get_ref().0.peer_addr().ok();
+                    (io, peer_addr)
+                })
+                .and_then(self.map_err(TlsError::Service))
+        }
+    }
+}
+
 impl<T, S, B, X, U> H1Service<T, S, B, X, U>
 where
     S: ServiceFactory<Request, Config = ()>,
@@ -303,15 +480,15 @@ where
         let cfg = self.cfg.clone();
 
         Box::pin(async move {
-            let expect = expect
-                .await
-                .map_err(|e| log::error!("Init http expect service error: {:?}", e))?;
+            let expect = expect.await.map_err(|err| {
+                tracing::error!("Initialization of HTTP expect service error: {err:?}");
+            })?;
 
             let upgrade = match upgrade {
                 Some(upgrade) => {
-                    let upgrade = upgrade
-                        .await
-                        .map_err(|e| log::error!("Init http upgrade service error: {:?}", e))?;
+                    let upgrade = upgrade.await.map_err(|err| {
+                        tracing::error!("Initialization of HTTP upgrade service error: {err:?}");
+                    })?;
                     Some(upgrade)
                 }
                 None => None,
@@ -319,7 +496,7 @@ where
 
             let service = service
                 .await
-                .map_err(|e| log::error!("Init http service error: {:?}", e))?;
+                .map_err(|err| error!("Initialization of HTTP service error: {err:?}"))?;
 
             Ok(H1ServiceHandler::new(
                 cfg,
@@ -357,13 +534,13 @@ where
 
     fn poll_ready(&self, cx: &mut Context<'_>) -> Poll<Result<(), Self::Error>> {
         self._poll_ready(cx).map_err(|err| {
-            log::error!("HTTP/1 service readiness error: {:?}", err);
+            error!("HTTP/1 service readiness error: {:?}", err);
             DispatchError::Service(err)
         })
     }
 
     fn call(&self, (io, addr): (T, Option<net::SocketAddr>)) -> Self::Future {
         let conn_data = OnConnectData::from_io(&io, self.on_connect_ext.as_deref());
-        Dispatcher::new(io, self.flow.clone(), self.cfg.clone(), addr, conn_data)
+        Dispatcher::new(io, Rc::clone(&self.flow), self.cfg.clone(), addr, conn_data)
     }
 }

actix-http/src/h1/timer.rs

@@ -1,6 +1,7 @@
 use std::{fmt, future::Future, pin::Pin, task::Context};
 
 use actix_rt::time::{Instant, Sleep};
+use tracing::trace;
 
 #[derive(Debug)]
 pub(super) enum TimerState {
@@ -24,7 +25,7 @@ impl TimerState {
 
     pub(super) fn set(&mut self, timer: Sleep, line: u32) {
         if matches!(self, Self::Disabled) {
-            log::trace!("setting disabled timer from line {}", line);
+            trace!("setting disabled timer from line {}", line);
         }
 
         *self = Self::Active {
@@ -39,11 +40,11 @@ impl TimerState {
 
     pub(super) fn clear(&mut self, line: u32) {
         if matches!(self, Self::Disabled) {
-            log::trace!("trying to clear a disabled timer from line {}", line);
+            trace!("trying to clear a disabled timer from line {}", line);
         }
 
         if matches!(self, Self::Inactive) {
-            log::trace!("trying to clear an inactive timer from line {}", line);
+            trace!("trying to clear an inactive timer from line {}", line);
         }
 
         *self = Self::Inactive;

actix-http/src/h2/dispatcher.rs

@@ -4,7 +4,7 @@ use std::{
     future::Future,
     marker::PhantomData,
     net,
-    pin::Pin,
+    pin::{pin, Pin},
     rc::Rc,
     task::{Context, Poll},
 };
@@ -19,15 +19,16 @@ use h2::{
     server::{Connection, SendResponse},
     Ping, PingPong,
 };
-use log::{error, trace};
 use pin_project_lite::pin_project;
 
 use crate::{
     body::{BodySize, BoxBody, MessageBody},
     config::ServiceConfig,
-    header::{HeaderValue, CONNECTION, CONTENT_LENGTH, DATE, TRANSFER_ENCODING},
+    header::{
+        HeaderName, HeaderValue, CONNECTION, CONTENT_LENGTH, DATE, TRANSFER_ENCODING, UPGRADE,
+    },
     service::HttpFlow,
-    Extensions, OnConnectData, Payload, Request, Response, ResponseHead,
+    Extensions, Method, OnConnectData, Payload, Request, Response, ResponseHead,
 };
 
 const CHUNK_SIZE: usize = 16_384;
@@ -65,7 +66,7 @@ where
                     timer
                 })
                 .unwrap_or_else(|| Box::pin(sleep(dur))),
-            on_flight: false,
+            in_flight: false,
             ping_pong: conn.ping_pong().unwrap(),
         });
 
@@ -82,9 +83,14 @@ where
 }
 
 struct H2PingPong {
-    timer: Pin<Box<Sleep>>,
-    on_flight: bool,
+    /// Handle to send ping frames from the peer.
     ping_pong: PingPong,
+
+    /// True when a ping has been sent and is waiting for a reply.
+    in_flight: bool,
+
+    /// Timeout for pong response.
+    timer: Pin<Box<Sleep>>,
 }
 
 impl<T, S, B, X, U> Future for Dispatcher<T, S, B, X, U>
@@ -111,6 +117,7 @@ where
                     let payload = crate::h2::Payload::new(body);
                     let pl = Payload::H2 { payload };
                     let mut req = Request::with_payload(pl);
+                    let head_req = parts.method == Method::HEAD;
 
                     let head = req.head_mut();
                     head.uri = parts.uri;
@@ -119,7 +126,7 @@ where
                     head.headers = parts.headers.into();
                     head.peer_addr = this.peer_addr;
 
-                    req.conn_data = this.conn_data.as_ref().map(Rc::clone);
+                    req.conn_data.clone_from(&this.conn_data);
 
                     let fut = this.flow.service.call(req);
                     let config = this.config.clone();
@@ -128,10 +135,10 @@ where
                     actix_rt::spawn(async move {
                         // resolve service call and send response.
                         let res = match fut.await {
-                            Ok(res) => handle_response(res.into(), tx, config).await,
+                            Ok(res) => handle_response(res.into(), tx, config, head_req).await,
                             Err(err) => {
                                 let res: Response<BoxBody> = err.into();
-                                handle_response(res, tx, config).await
+                                handle_response(res, tx, config, head_req).await
                             }
                         };
 
@@ -139,37 +146,41 @@ where
                         if let Err(err) = res {
                             match err {
                                 DispatchError::SendResponse(err) => {
-                                    trace!("Error sending HTTP/2 response: {:?}", err)
+                                    tracing::trace!("Error sending response: {err:?}");
+                                }
+                                DispatchError::SendData(err) => {
+                                    tracing::warn!("Send data error: {err:?}");
                                 }
-                                DispatchError::SendData(err) => log::warn!("{:?}", err),
                                 DispatchError::ResponseBody(err) => {
-                                    error!("Response payload stream error: {:?}", err)
+                                    tracing::error!("Response payload stream error: {err:?}");
                                 }
                             }
                         }
                     });
                 }
                 Poll::Ready(None) => return Poll::Ready(Ok(())),
+
                 Poll::Pending => match this.ping_pong.as_mut() {
                     Some(ping_pong) => loop {
-                        if ping_pong.on_flight {
-                            // When have on flight ping pong. poll pong and and keep alive timer.
-                            // on success pong received update keep alive timer to determine the next timing of
-                            // ping pong.
+                        if ping_pong.in_flight {
+                            // When there is an in-flight ping-pong, poll pong and and keep-alive
+                            // timer. On successful pong received, update keep-alive timer to
+                            // determine the next timing of ping pong.
                             match ping_pong.ping_pong.poll_pong(cx)? {
                                 Poll::Ready(_) => {
-                                    ping_pong.on_flight = false;
+                                    ping_pong.in_flight = false;
 
                                     let dead_line = this.config.keep_alive_deadline().unwrap();
                                     ping_pong.timer.as_mut().reset(dead_line.into());
                                 }
                                 Poll::Pending => {
-                                    return ping_pong.timer.as_mut().poll(cx).map(|_| Ok(()))
+                                    return ping_pong.timer.as_mut().poll(cx).map(|_| Ok(()));
                                 }
                             }
                         } else {
-                            // When there is no on flight ping pong. keep alive timer is used to wait for next
-                            // timing of ping pong. Therefore at this point it serves as an interval instead.
+                            // When there is no in-flight ping-pong, keep-alive timer is used to
+                            // wait for next timing of ping-pong. Therefore, at this point it serves
+                            // as an interval instead.
                             ready!(ping_pong.timer.as_mut().poll(cx));
 
                             ping_pong.ping_pong.send_ping(Ping::opaque())?;
@@ -177,7 +188,7 @@ where
                             let dead_line = this.config.keep_alive_deadline().unwrap();
                             ping_pong.timer.as_mut().reset(dead_line.into());
 
-                            ping_pong.on_flight = true;
+                            ping_pong.in_flight = true;
                         }
                     },
                     None => return Poll::Pending,
@@ -197,6 +208,7 @@ async fn handle_response<B>(
     res: Response<B>,
     mut tx: SendResponse<Bytes>,
     config: ServiceConfig,
+    head_req: bool,
 ) -> Result<(), DispatchError>
 where
     B: MessageBody,
@@ -206,20 +218,20 @@ where
     // prepare response.
     let mut size = body.size();
     let res = prepare_response(config, res.head(), &mut size);
-    let eof = size.is_eof();
+    let eof_or_head = size.is_eof() || head_req;
 
     // send response head and return on eof.
     let mut stream = tx
-        .send_response(res, eof)
+        .send_response(res, eof_or_head)
         .map_err(DispatchError::SendResponse)?;
 
-    if eof {
+    if eof_or_head {
         return Ok(());
     }
 
-    // poll response body and send chunks to client
-    actix_rt::pin!(body);
+    let mut body = pin!(body);
 
+    // poll response body and send chunks to client
     while let Some(res) = poll_fn(|cx| body.as_mut().poll_next(cx)).await {
         let mut chunk = res.map_err(|err| DispatchError::ResponseBody(err.into()))?;
 
@@ -285,13 +297,13 @@ fn prepare_response(
         _ => {}
     }
 
-    let _ = match size {
-        BodySize::None | BodySize::Stream => None,
+    match size {
+        BodySize::None | BodySize::Stream => {}
 
         BodySize::Sized(0) => {
             #[allow(clippy::declare_interior_mutable_const)]
             const HV_ZERO: HeaderValue = HeaderValue::from_static("0");
-            res.headers_mut().insert(CONTENT_LENGTH, HV_ZERO)
+            res.headers_mut().insert(CONTENT_LENGTH, HV_ZERO);
         }
 
         BodySize::Sized(len) => {
@@ -300,19 +312,28 @@ fn prepare_response(
             res.headers_mut().insert(
                 CONTENT_LENGTH,
                 HeaderValue::from_str(buf.format(*len)).unwrap(),
-            )
+            );
         }
     };
 
     // copy headers
     for (key, value) in head.headers.iter() {
-        match *key {
-            // TODO: consider skipping other headers according to:
-            //       https://datatracker.ietf.org/doc/html/rfc7540#section-8.1.2.2
-            // omit HTTP/1.x only headers
-            CONNECTION | TRANSFER_ENCODING => continue,
-            CONTENT_LENGTH if skip_len => continue,
-            DATE => has_date = true,
+        match key {
+            // omit HTTP/1.x only headers according to:
+            // https://datatracker.ietf.org/doc/html/rfc7540#section-8.1.2.2
+            &CONNECTION | &TRANSFER_ENCODING | &UPGRADE => continue,
+
+            &CONTENT_LENGTH if skip_len => continue,
+            &DATE => has_date = true,
+
+            // omit HTTP/1.x only headers according to:
+            // https://datatracker.ietf.org/doc/html/rfc7540#section-8.1.2.2
+            hdr if hdr == HeaderName::from_static("keep-alive")
+                || hdr == HeaderName::from_static("proxy-connection") =>
+            {
+                continue
+            }
+
             _ => {}
         }
 

actix-http/src/h2/mod.rs

@@ -23,8 +23,7 @@ use crate::{
 mod dispatcher;
 mod service;
 
-pub use self::dispatcher::Dispatcher;
-pub use self::service::H2Service;
+pub use self::{dispatcher::Dispatcher, service::H2Service};
 
 /// HTTP/2 peer stream.
 pub struct Payload {
@@ -58,10 +57,7 @@ impl Stream for Payload {
     }
 }
 
-pub(crate) fn handshake_with_timeout<T>(
-    io: T,
-    config: &ServiceConfig,
-) -> HandshakeWithTimeout<T>
+pub(crate) fn handshake_with_timeout<T>(io: T, config: &ServiceConfig) -> HandshakeWithTimeout<T>
 where
     T: AsyncRead + AsyncWrite + Unpin,
 {
@@ -103,11 +99,9 @@ where
 
 #[cfg(test)]
 mod tests {
-    use std::panic::{RefUnwindSafe, UnwindSafe};
-
     use static_assertions::assert_impl_all;
 
     use super::*;
 
-    assert_impl_all!(Payload: Unpin, Send, Sync, UnwindSafe, RefUnwindSafe);
+    assert_impl_all!(Payload: Unpin, Send, Sync);
 }

actix-http/src/h2/service.rs

@@ -14,8 +14,9 @@ use actix_service::{
 };
 use actix_utils::future::ready;
 use futures_core::{future::LocalBoxFuture, ready};
-use log::error;
+use tracing::{error, trace};
 
+use super::{dispatcher::Dispatcher, handshake_with_timeout, HandshakeWithTimeout};
 use crate::{
     body::{BoxBody, MessageBody},
     config::ServiceConfig,
@@ -24,8 +25,6 @@ use crate::{
     ConnectCallback, OnConnectData, Request, Response,
 };
 
-use super::{dispatcher::Dispatcher, handshake_with_timeout, HandshakeWithTimeout};
-
 /// `ServiceFactory` implementation for HTTP/2 transport
 pub struct H2Service<T, S, B> {
     srv: S,
@@ -141,8 +140,8 @@ mod openssl {
     }
 }
 
-#[cfg(feature = "rustls")]
-mod rustls {
+#[cfg(feature = "rustls-0_20")]
+mod rustls_0_20 {
     use std::io;
 
     use actix_service::ServiceFactoryExt as _;
@@ -163,7 +162,7 @@ mod rustls {
 
         B: MessageBody + 'static,
     {
-        /// Create Rustls based service.
+        /// Create Rustls v0.20 based service.
         pub fn rustls(
             self,
             mut config: ServerConfig,
@@ -192,6 +191,159 @@ mod rustls {
     }
 }
 
+#[cfg(feature = "rustls-0_21")]
+mod rustls_0_21 {
+    use std::io;
+
+    use actix_service::ServiceFactoryExt as _;
+    use actix_tls::accept::{
+        rustls_0_21::{reexports::ServerConfig, Acceptor, TlsStream},
+        TlsError,
+    };
+
+    use super::*;
+
+    impl<S, B> H2Service<TlsStream<TcpStream>, S, B>
+    where
+        S: ServiceFactory<Request, Config = ()>,
+        S::Future: 'static,
+        S::Error: Into<Response<BoxBody>> + 'static,
+        S::Response: Into<Response<B>> + 'static,
+        <S::Service as Service<Request>>::Future: 'static,
+
+        B: MessageBody + 'static,
+    {
+        /// Create Rustls v0.21 based service.
+        pub fn rustls_021(
+            self,
+            mut config: ServerConfig,
+        ) -> impl ServiceFactory<
+            TcpStream,
+            Config = (),
+            Response = (),
+            Error = TlsError<io::Error, DispatchError>,
+            InitError = S::InitError,
+        > {
+            let mut protos = vec![b"h2".to_vec()];
+            protos.extend_from_slice(&config.alpn_protocols);
+            config.alpn_protocols = protos;
+
+            Acceptor::new(config)
+                .map_init_err(|_| {
+                    unreachable!("TLS acceptor service factory does not error on init")
+                })
+                .map_err(TlsError::into_service_error)
+                .map(|io: TlsStream<TcpStream>| {
+                    let peer_addr = io.get_ref().0.peer_addr().ok();
+                    (io, peer_addr)
+                })
+                .and_then(self.map_err(TlsError::Service))
+        }
+    }
+}
+
+#[cfg(feature = "rustls-0_22")]
+mod rustls_0_22 {
+    use std::io;
+
+    use actix_service::ServiceFactoryExt as _;
+    use actix_tls::accept::{
+        rustls_0_22::{reexports::ServerConfig, Acceptor, TlsStream},
+        TlsError,
+    };
+
+    use super::*;
+
+    impl<S, B> H2Service<TlsStream<TcpStream>, S, B>
+    where
+        S: ServiceFactory<Request, Config = ()>,
+        S::Future: 'static,
+        S::Error: Into<Response<BoxBody>> + 'static,
+        S::Response: Into<Response<B>> + 'static,
+        <S::Service as Service<Request>>::Future: 'static,
+
+        B: MessageBody + 'static,
+    {
+        /// Create Rustls v0.22 based service.
+        pub fn rustls_0_22(
+            self,
+            mut config: ServerConfig,
+        ) -> impl ServiceFactory<
+            TcpStream,
+            Config = (),
+            Response = (),
+            Error = TlsError<io::Error, DispatchError>,
+            InitError = S::InitError,
+        > {
+            let mut protos = vec![b"h2".to_vec()];
+            protos.extend_from_slice(&config.alpn_protocols);
+            config.alpn_protocols = protos;
+
+            Acceptor::new(config)
+                .map_init_err(|_| {
+                    unreachable!("TLS acceptor service factory does not error on init")
+                })
+                .map_err(TlsError::into_service_error)
+                .map(|io: TlsStream<TcpStream>| {
+                    let peer_addr = io.get_ref().0.peer_addr().ok();
+                    (io, peer_addr)
+                })
+                .and_then(self.map_err(TlsError::Service))
+        }
+    }
+}
+
+#[cfg(feature = "rustls-0_23")]
+mod rustls_0_23 {
+    use std::io;
+
+    use actix_service::ServiceFactoryExt as _;
+    use actix_tls::accept::{
+        rustls_0_23::{reexports::ServerConfig, Acceptor, TlsStream},
+        TlsError,
+    };
+
+    use super::*;
+
+    impl<S, B> H2Service<TlsStream<TcpStream>, S, B>
+    where
+        S: ServiceFactory<Request, Config = ()>,
+        S::Future: 'static,
+        S::Error: Into<Response<BoxBody>> + 'static,
+        S::Response: Into<Response<B>> + 'static,
+        <S::Service as Service<Request>>::Future: 'static,
+
+        B: MessageBody + 'static,
+    {
+        /// Create Rustls v0.23 based service.
+        pub fn rustls_0_23(
+            self,
+            mut config: ServerConfig,
+        ) -> impl ServiceFactory<
+            TcpStream,
+            Config = (),
+            Response = (),
+            Error = TlsError<io::Error, DispatchError>,
+            InitError = S::InitError,
+        > {
+            let mut protos = vec![b"h2".to_vec()];
+            protos.extend_from_slice(&config.alpn_protocols);
+            config.alpn_protocols = protos;
+
+            Acceptor::new(config)
+                .map_init_err(|_| {
+                    unreachable!("TLS acceptor service factory does not error on init")
+                })
+                .map_err(TlsError::into_service_error)
+                .map(|io: TlsStream<TcpStream>| {
+                    let peer_addr = io.get_ref().0.peer_addr().ok();
+                    (io, peer_addr)
+                })
+                .and_then(self.map_err(TlsError::Service))
+        }
+    }
+}
+
 impl<T, S, B> ServiceFactory<(T, Option<net::SocketAddr>)> for H2Service<T, S, B>
 where
     T: AsyncRead + AsyncWrite + Unpin + 'static,
@@ -282,7 +434,7 @@ where
 
         H2ServiceHandlerResponse {
             state: State::Handshake(
-                Some(self.flow.clone()),
+                Some(Rc::clone(&self.flow)),
                 Some(self.cfg.clone()),
                 addr,
                 on_connect_data,
@@ -355,7 +507,7 @@ where
                 }
 
                 Err(err) => {
-                    log::trace!("H2 handshake error: {}", err);
+                    trace!("H2 handshake error: {}", err);
                     Poll::Ready(Err(err))
                 }
             },

actix-http/src/header/common.rs

@@ -0,0 +1,61 @@
+//! Common header names not defined in [`http`].
+//!
+//! Any headers added to this file will need to be re-exported from the list at `crate::headers`.
+
+use http::header::HeaderName;
+
+/// Response header field that indicates how caches have handled that response and its corresponding
+/// request.
+///
+/// See [RFC 9211](https://www.rfc-editor.org/rfc/rfc9211) for full semantics.
+// TODO(breaking): replace with http's version
+pub const CACHE_STATUS: HeaderName = HeaderName::from_static("cache-status");
+
+/// Response header field that allows origin servers to control the behavior of CDN caches
+/// interposed between them and clients separately from other caches that might handle the response.
+///
+/// See [RFC 9213](https://www.rfc-editor.org/rfc/rfc9213) for full semantics.
+// TODO(breaking): replace with http's version
+pub const CDN_CACHE_CONTROL: HeaderName = HeaderName::from_static("cdn-cache-control");
+
+/// Response header field that sends a signal to the user agent that it ought to remove all data of
+/// a certain set of types.
+///
+/// See the [W3C Clear-Site-Data spec] for full semantics.
+///
+/// [W3C Clear-Site-Data spec]: https://www.w3.org/TR/clear-site-data/#header
+pub const CLEAR_SITE_DATA: HeaderName = HeaderName::from_static("clear-site-data");
+
+/// Response header that prevents a document from loading any cross-origin resources that don't
+/// explicitly grant the document permission (using [CORP] or [CORS]).
+///
+/// [CORP]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cross-Origin_Resource_Policy_(CORP)
+/// [CORS]: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
+pub const CROSS_ORIGIN_EMBEDDER_POLICY: HeaderName =
+    HeaderName::from_static("cross-origin-embedder-policy");
+
+/// Response header that allows you to ensure a top-level document does not share a browsing context
+/// group with cross-origin documents.
+pub const CROSS_ORIGIN_OPENER_POLICY: HeaderName =
+    HeaderName::from_static("cross-origin-opener-policy");
+
+/// Response header that conveys a desire that the browser blocks no-cors cross-origin/cross-site
+/// requests to the given resource.
+pub const CROSS_ORIGIN_RESOURCE_POLICY: HeaderName =
+    HeaderName::from_static("cross-origin-resource-policy");
+
+/// Response header that provides a mechanism to allow and deny the use of browser features in a
+/// document or within any `<iframe>` elements in the document.
+pub const PERMISSIONS_POLICY: HeaderName = HeaderName::from_static("permissions-policy");
+
+/// Request header (de-facto standard) for identifying the originating IP address of a client
+/// connecting to a web server through a proxy server.
+pub const X_FORWARDED_FOR: HeaderName = HeaderName::from_static("x-forwarded-for");
+
+/// Request header (de-facto standard) for identifying the original host requested by the client in
+/// the `Host` HTTP request header.
+pub const X_FORWARDED_HOST: HeaderName = HeaderName::from_static("x-forwarded-host");
+
+/// Request header (de-facto standard) for identifying the protocol that a client used to connect to
+/// your proxy or load balancer.
+pub const X_FORWARDED_PROTO: HeaderName = HeaderName::from_static("x-forwarded-proto");

actix-http/src/header/into_pair.rs

@@ -1,7 +1,5 @@
 //! [`TryIntoHeaderPair`] trait and implementations.
 
-use std::convert::TryFrom as _;
-
 use super::{
     Header, HeaderName, HeaderValue, InvalidHeaderName, InvalidHeaderValue, TryIntoHeaderValue,
 };

actix-http/src/header/into_value.rs

@@ -1,7 +1,5 @@
 //! [`TryIntoHeaderValue`] trait and implementations.
 
-use std::convert::TryFrom as _;
-
 use bytes::Bytes;
 use http::{header::InvalidHeaderValue, Error as HttpError, HeaderValue};
 use mime::Mime;

actix-http/src/header/map.rs

@@ -2,7 +2,7 @@
 
 use std::{borrow::Cow, collections::hash_map, iter, ops};
 
-use ahash::AHashMap;
+use foldhash::{HashMap as FoldHashMap, HashMapExt as _};
 use http::header::{HeaderName, HeaderValue};
 use smallvec::{smallvec, SmallVec};
 
@@ -13,8 +13,9 @@ use super::AsHeaderName;
 /// `HeaderMap` is a "multi-map" of [`HeaderName`] to one or more [`HeaderValue`]s.
 ///
 /// # Examples
+///
 /// ```
-/// use actix_http::header::{self, HeaderMap, HeaderValue};
+/// # use actix_http::header::{self, HeaderMap, HeaderValue};
 ///
 /// let mut map = HeaderMap::new();
 ///
@@ -29,9 +30,24 @@ use super::AsHeaderName;
 ///
 /// assert!(!map.contains_key(header::ORIGIN));
 /// ```
+///
+/// Construct a header map using the [`FromIterator`] implementation. Note that it uses the append
+/// strategy, so duplicate header names are preserved.
+///
+/// ```
+/// use actix_http::header::{self, HeaderMap, HeaderValue};
+///
+/// let headers = HeaderMap::from_iter([
+///     (header::CONTENT_TYPE, HeaderValue::from_static("text/plain")),
+///     (header::COOKIE, HeaderValue::from_static("foo=1")),
+///     (header::COOKIE, HeaderValue::from_static("bar=1")),
+/// ]);
+///
+/// assert_eq!(headers.len(), 3);
+/// ```
 #[derive(Debug, Clone, Default)]
 pub struct HeaderMap {
-    pub(crate) inner: AHashMap<HeaderName, Value>,
+    pub(crate) inner: FoldHashMap<HeaderName, Value>,
 }
 
 /// A bespoke non-empty list for HeaderMap values.
@@ -100,7 +116,7 @@ impl HeaderMap {
     /// ```
     pub fn with_capacity(capacity: usize) -> Self {
         HeaderMap {
-            inner: AHashMap::with_capacity(capacity),
+            inner: FoldHashMap::with_capacity(capacity),
         }
     }
 
@@ -150,9 +166,7 @@ impl HeaderMap {
     /// assert_eq!(map.len(), 3);
     /// ```
     pub fn len(&self) -> usize {
-        self.inner
-            .iter()
-            .fold(0, |acc, (_, values)| acc + values.len())
+        self.inner.values().map(|vals| vals.len()).sum()
     }
 
     /// Returns the number of _keys_ stored in the map.
@@ -309,7 +323,7 @@ impl HeaderMap {
     pub fn get_all(&self, key: impl AsHeaderName) -> std::slice::Iter<'_, HeaderValue> {
         match self.get_value(key) {
             Some(value) => value.iter(),
-            None => (&[]).iter(),
+            None => [].iter(),
         }
     }
 
@@ -370,8 +384,8 @@ impl HeaderMap {
     /// let removed = map.insert(header::ACCEPT, HeaderValue::from_static("text/html"));
     /// assert!(!removed.is_empty());
     /// ```
-    pub fn insert(&mut self, key: HeaderName, val: HeaderValue) -> Removed {
-        let value = self.inner.insert(key, Value::one(val));
+    pub fn insert(&mut self, name: HeaderName, val: HeaderValue) -> Removed {
+        let value = self.inner.insert(name, Value::one(val));
         Removed::new(value)
     }
 
@@ -552,6 +566,39 @@ impl HeaderMap {
         Keys(self.inner.keys())
     }
 
+    /// Retains only the headers specified by the predicate.
+    ///
+    /// In other words, removes all headers `(name, val)` for which `retain_fn(&name, &mut val)`
+    /// returns false.
+    ///
+    /// The order in which headers are visited should be considered arbitrary.
+    ///
+    /// # Examples
+    /// ```
+    /// # use actix_http::header::{self, HeaderMap, HeaderValue};
+    /// let mut map = HeaderMap::new();
+    ///
+    /// map.append(header::HOST, HeaderValue::from_static("duck.com"));
+    /// map.append(header::SET_COOKIE, HeaderValue::from_static("one=1"));
+    /// map.append(header::SET_COOKIE, HeaderValue::from_static("two=2"));
+    ///
+    /// map.retain(|name, val| val.as_bytes().starts_with(b"one"));
+    ///
+    /// assert_eq!(map.len(), 1);
+    /// assert!(map.contains_key(&header::SET_COOKIE));
+    /// ```
+    pub fn retain<F>(&mut self, mut retain_fn: F)
+    where
+        F: FnMut(&HeaderName, &mut HeaderValue) -> bool,
+    {
+        self.inner.retain(|name, vals| {
+            vals.inner.retain(|val| retain_fn(name, val));
+
+            // invariant: make sure newly empty value lists are removed
+            !vals.is_empty()
+        })
+    }
+
     /// Clears the map, returning all name-value sets as an iterator.
     ///
     /// Header names will only be yielded for the first value in each set. All items that are
@@ -605,10 +652,34 @@ impl<'a> IntoIterator for &'a HeaderMap {
     }
 }
 
-/// Convert `http::HeaderMap` to our `HeaderMap`.
+impl FromIterator<(HeaderName, HeaderValue)> for HeaderMap {
+    fn from_iter<T: IntoIterator<Item = (HeaderName, HeaderValue)>>(iter: T) -> Self {
+        iter.into_iter()
+            .fold(Self::new(), |mut map, (name, value)| {
+                map.append(name, value);
+                map
+            })
+    }
+}
+
+/// Convert a `http::HeaderMap` to our `HeaderMap`.
 impl From<http::HeaderMap> for HeaderMap {
-    fn from(mut map: http::HeaderMap) -> HeaderMap {
-        HeaderMap::from_drain(map.drain())
+    fn from(mut map: http::HeaderMap) -> Self {
+        Self::from_drain(map.drain())
+    }
+}
+
+/// Convert our `HeaderMap` to a `http::HeaderMap`.
+impl From<HeaderMap> for http::HeaderMap {
+    fn from(map: HeaderMap) -> Self {
+        Self::from_iter(map)
+    }
+}
+
+/// Convert our `&HeaderMap` to a `http::HeaderMap`.
+impl From<&HeaderMap> for http::HeaderMap {
+    fn from(map: &HeaderMap) -> Self {
+        map.to_owned().into()
     }
 }
 
@@ -759,7 +830,7 @@ impl<'a> Drain<'a> {
     }
 }
 
-impl<'a> Iterator for Drain<'a> {
+impl Iterator for Drain<'_> {
     type Item = (Option<HeaderName>, HeaderValue);
 
     fn next(&mut self) -> Option<Self::Item> {
@@ -943,6 +1014,55 @@ mod tests {
         assert!(map.is_empty());
     }
 
+    #[test]
+    fn retain() {
+        let mut map = HeaderMap::new();
+
+        map.append(header::LOCATION, HeaderValue::from_static("/test"));
+        map.append(header::HOST, HeaderValue::from_static("duck.com"));
+        map.append(header::COOKIE, HeaderValue::from_static("one=1"));
+        map.append(header::COOKIE, HeaderValue::from_static("two=2"));
+
+        assert_eq!(map.len(), 4);
+
+        // by value
+        map.retain(|_, val| !val.as_bytes().contains(&b'/'));
+        assert_eq!(map.len(), 3);
+
+        // by name
+        map.retain(|name, _| name.as_str() != "cookie");
+        assert_eq!(map.len(), 1);
+
+        // keep but mutate value
+        map.retain(|_, val| {
+            *val = HeaderValue::from_static("replaced");
+            true
+        });
+        assert_eq!(map.len(), 1);
+        assert_eq!(map.get("host").unwrap(), "replaced");
+    }
+
+    #[test]
+    fn retain_removes_empty_value_lists() {
+        let mut map = HeaderMap::with_capacity(3);
+
+        map.append(header::HOST, HeaderValue::from_static("duck.com"));
+        map.append(header::HOST, HeaderValue::from_static("duck.com"));
+
+        assert_eq!(map.len(), 2);
+        assert_eq!(map.len_keys(), 1);
+        assert_eq!(map.inner.len(), 1);
+        assert_eq!(map.capacity(), 3);
+
+        // remove everything
+        map.retain(|_n, _v| false);
+
+        assert_eq!(map.len(), 0);
+        assert_eq!(map.len_keys(), 0);
+        assert_eq!(map.inner.len(), 0);
+        assert_eq!(map.capacity(), 3);
+    }
+
     #[test]
     fn entries_into_iter() {
         let mut map = HeaderMap::new();
@@ -1040,9 +1160,7 @@ mod tests {
         assert!(vals.next().is_none());
     }
 
-    fn owned_pair<'a>(
-        (name, val): (&'a HeaderName, &'a HeaderValue),
-    ) -> (HeaderName, HeaderValue) {
+    fn owned_pair<'a>((name, val): (&'a HeaderName, &'a HeaderValue)) -> (HeaderName, HeaderValue) {
         (name.clone(), val.clone())
     }
 }

actix-http/src/header/mod.rs

@@ -1,51 +1,59 @@
 //! Pre-defined `HeaderName`s, traits for parsing and conversion, and other header utility methods.
 
-use percent_encoding::{AsciiSet, CONTROLS};
+// declaring new header consts will yield this error
+#![allow(clippy::declare_interior_mutable_const)]
 
 // re-export from http except header map related items
-pub use http::header::{
+pub use ::http::header::{
     HeaderName, HeaderValue, InvalidHeaderName, InvalidHeaderValue, ToStrError,
 };
-
-// re-export const header names
-pub use http::header::{
+// re-export const header names, list is explicit so that any updates to `common` module do not
+// conflict with this set
+pub use ::http::header::{
     ACCEPT, ACCEPT_CHARSET, ACCEPT_ENCODING, ACCEPT_LANGUAGE, ACCEPT_RANGES,
-    ACCESS_CONTROL_ALLOW_CREDENTIALS, ACCESS_CONTROL_ALLOW_HEADERS,
-    ACCESS_CONTROL_ALLOW_METHODS, ACCESS_CONTROL_ALLOW_ORIGIN, ACCESS_CONTROL_EXPOSE_HEADERS,
-    ACCESS_CONTROL_MAX_AGE, ACCESS_CONTROL_REQUEST_HEADERS, ACCESS_CONTROL_REQUEST_METHOD, AGE,
-    ALLOW, ALT_SVC, AUTHORIZATION, CACHE_CONTROL, CONNECTION, CONTENT_DISPOSITION,
-    CONTENT_ENCODING, CONTENT_LANGUAGE, CONTENT_LENGTH, CONTENT_LOCATION, CONTENT_RANGE,
-    CONTENT_SECURITY_POLICY, CONTENT_SECURITY_POLICY_REPORT_ONLY, CONTENT_TYPE, COOKIE, DATE,
-    DNT, ETAG, EXPECT, EXPIRES, FORWARDED, FROM, HOST, IF_MATCH, IF_MODIFIED_SINCE,
-    IF_NONE_MATCH, IF_RANGE, IF_UNMODIFIED_SINCE, LAST_MODIFIED, LINK, LOCATION, MAX_FORWARDS,
-    ORIGIN, PRAGMA, PROXY_AUTHENTICATE, PROXY_AUTHORIZATION, PUBLIC_KEY_PINS,
-    PUBLIC_KEY_PINS_REPORT_ONLY, RANGE, REFERER, REFERRER_POLICY, REFRESH, RETRY_AFTER,
-    SEC_WEBSOCKET_ACCEPT, SEC_WEBSOCKET_EXTENSIONS, SEC_WEBSOCKET_KEY, SEC_WEBSOCKET_PROTOCOL,
-    SEC_WEBSOCKET_VERSION, SERVER, SET_COOKIE, STRICT_TRANSPORT_SECURITY, TE, TRAILER,
-    TRANSFER_ENCODING, UPGRADE, UPGRADE_INSECURE_REQUESTS, USER_AGENT, VARY, VIA, WARNING,
-    WWW_AUTHENTICATE, X_CONTENT_TYPE_OPTIONS, X_DNS_PREFETCH_CONTROL, X_FRAME_OPTIONS,
-    X_XSS_PROTECTION,
+    ACCESS_CONTROL_ALLOW_CREDENTIALS, ACCESS_CONTROL_ALLOW_HEADERS, ACCESS_CONTROL_ALLOW_METHODS,
+    ACCESS_CONTROL_ALLOW_ORIGIN, ACCESS_CONTROL_EXPOSE_HEADERS, ACCESS_CONTROL_MAX_AGE,
+    ACCESS_CONTROL_REQUEST_HEADERS, ACCESS_CONTROL_REQUEST_METHOD, AGE, ALLOW, ALT_SVC,
+    AUTHORIZATION, CACHE_CONTROL, CONNECTION, CONTENT_DISPOSITION, CONTENT_ENCODING,
+    CONTENT_LANGUAGE, CONTENT_LENGTH, CONTENT_LOCATION, CONTENT_RANGE, CONTENT_SECURITY_POLICY,
+    CONTENT_SECURITY_POLICY_REPORT_ONLY, CONTENT_TYPE, COOKIE, DATE, DNT, ETAG, EXPECT, EXPIRES,
+    FORWARDED, FROM, HOST, IF_MATCH, IF_MODIFIED_SINCE, IF_NONE_MATCH, IF_RANGE,
+    IF_UNMODIFIED_SINCE, LAST_MODIFIED, LINK, LOCATION, MAX_FORWARDS, ORIGIN, PRAGMA,
+    PROXY_AUTHENTICATE, PROXY_AUTHORIZATION, PUBLIC_KEY_PINS, PUBLIC_KEY_PINS_REPORT_ONLY, RANGE,
+    REFERER, REFERRER_POLICY, REFRESH, RETRY_AFTER, SEC_WEBSOCKET_ACCEPT, SEC_WEBSOCKET_EXTENSIONS,
+    SEC_WEBSOCKET_KEY, SEC_WEBSOCKET_PROTOCOL, SEC_WEBSOCKET_VERSION, SERVER, SET_COOKIE,
+    STRICT_TRANSPORT_SECURITY, TE, TRAILER, TRANSFER_ENCODING, UPGRADE, UPGRADE_INSECURE_REQUESTS,
+    USER_AGENT, VARY, VIA, WARNING, WWW_AUTHENTICATE, X_CONTENT_TYPE_OPTIONS,
+    X_DNS_PREFETCH_CONTROL, X_FRAME_OPTIONS, X_XSS_PROTECTION,
 };
+use percent_encoding::{AsciiSet, CONTROLS};
 
 use crate::{error::ParseError, HttpMessage};
 
 mod as_name;
+mod common;
 mod into_pair;
 mod into_value;
 pub mod map;
 mod shared;
 mod utils;
 
-pub use self::as_name::AsHeaderName;
-pub use self::into_pair::TryIntoHeaderPair;
-pub use self::into_value::TryIntoHeaderValue;
-pub use self::map::HeaderMap;
-pub use self::shared::{
-    parse_extended_value, q, Charset, ContentEncoding, ExtendedValue, HttpDate, LanguageTag,
-    Quality, QualityItem,
-};
-pub use self::utils::{
-    fmt_comma_delimited, from_comma_delimited, from_one_raw_str, http_percent_encode,
+pub use self::{
+    as_name::AsHeaderName,
+    // re-export list is explicit so that any updates to `http` do not conflict with this set
+    common::{
+        CACHE_STATUS, CDN_CACHE_CONTROL, CLEAR_SITE_DATA, CROSS_ORIGIN_EMBEDDER_POLICY,
+        CROSS_ORIGIN_OPENER_POLICY, CROSS_ORIGIN_RESOURCE_POLICY, PERMISSIONS_POLICY,
+        X_FORWARDED_FOR, X_FORWARDED_HOST, X_FORWARDED_PROTO,
+    },
+    into_pair::TryIntoHeaderPair,
+    into_value::TryIntoHeaderValue,
+    map::HeaderMap,
+    shared::{
+        parse_extended_value, q, Charset, ContentEncoding, ExtendedValue, HttpDate, LanguageTag,
+        Quality, QualityItem,
+    },
+    utils::{fmt_comma_delimited, from_comma_delimited, from_one_raw_str, http_percent_encode},
 };
 
 /// An interface for types that already represent a valid header.

actix-http/src/header/shared/content_encoding.rs

@@ -1,4 +1,4 @@
-use std::{convert::TryFrom, str::FromStr};
+use std::str::FromStr;
 
 use derive_more::{Display, Error};
 use http::header::InvalidHeaderValue;
@@ -11,7 +11,7 @@ use crate::{
 
 /// Error returned when a content encoding is unknown.
 #[derive(Debug, Display, Error)]
-#[display(fmt = "unsupported content encoding")]
+#[display("unsupported content encoding")]
 pub struct ContentEncodingParseError;
 
 /// Represents a supported content encoding.

actix-http/src/header/shared/extended.rs

@@ -12,7 +12,7 @@ use crate::header::{Charset, HTTP_VALUE};
 /// - A character sequence representing the actual value (`value`), separated by single quotes.
 ///
 /// It is defined in [RFC 5987 §3.2](https://datatracker.ietf.org/doc/html/rfc5987#section-3.2).
-#[derive(Clone, Debug, PartialEq)]
+#[derive(Clone, Debug, PartialEq, Eq)]
 pub struct ExtendedValue {
     /// The character set that is used to encode the `value` to a string.
     pub charset: Charset,

actix-http/src/header/shared/http_date.rs

@@ -24,8 +24,7 @@ impl FromStr for HttpDate {
 
 impl fmt::Display for HttpDate {
     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
-        let date_str = httpdate::fmt_http_date(self.0);
-        f.write_str(&date_str)
+        httpdate::HttpDate::from(self.0).fmt(f)
     }
 }
 
@@ -37,7 +36,7 @@ impl TryIntoHeaderValue for HttpDate {
         let mut wrt = MutWriter(&mut buf);
 
         // unwrap: date output is known to be well formed and of known length
-        write!(wrt, "{}", httpdate::fmt_http_date(self.0)).unwrap();
+        write!(wrt, "{}", self).unwrap();
 
         HeaderValue::from_maybe_shared(buf.split().freeze())
     }

actix-http/src/header/shared/mod.rs

@@ -1,5 +1,7 @@
 //! Originally taken from `hyper::header::shared`.
 
+pub use language_tags::LanguageTag;
+
 mod charset;
 mod content_encoding;
 mod extended;
@@ -7,10 +9,11 @@ mod http_date;
 mod quality;
 mod quality_item;
 
-pub use self::charset::Charset;
-pub use self::content_encoding::ContentEncoding;
-pub use self::extended::{parse_extended_value, ExtendedValue};
-pub use self::http_date::HttpDate;
-pub use self::quality::{q, Quality};
-pub use self::quality_item::QualityItem;
-pub use language_tags::LanguageTag;
+pub use self::{
+    charset::Charset,
+    content_encoding::ContentEncoding,
+    extended::{parse_extended_value, ExtendedValue},
+    http_date::HttpDate,
+    quality::{q, Quality},
+    quality_item::QualityItem,
+};

actix-http/src/header/shared/quality.rs

@@ -1,7 +1,4 @@
-use std::{
-    convert::{TryFrom, TryInto},
-    fmt,
-};
+use std::fmt;
 
 use derive_more::{Display, Error};
 
@@ -128,7 +125,7 @@ pub fn itoa_fmt<W: fmt::Write, V: itoa::Integer>(mut wr: W, value: V) -> fmt::Re
 }
 
 #[derive(Debug, Clone, Display, Error)]
-#[display(fmt = "quality out of bounds")]
+#[display("quality out of bounds")]
 #[non_exhaustive]
 pub struct QualityOutOfBounds;