mirror of
https://github.com/fafhrd91/actix-web
synced 2025-01-31 02:52:53 +01:00
4fc99d4a6f
* Fix audit issue logging by default peer address
By default log format include remote address that is taken from headers.
This is very easy to replace making log untrusted.
Changing default log format value `%a` to peer address we are getting
this trusted data always. Also, remote address option is maintianed and
relegated to `%{r}a` value.
Related kanidm/kanidm#191.
* Rename peer/remote to remote_addr/realip_remote_addr
Change names to avoid naming confusions. I choose this accord to Nginx
variables and
[ngx_http_realip_module](https://nginx.org/en/docs/http/ngx_http_realip_module.html).
Add more specific documentation about security concerns of using Real IP
in logger.
* Rename security advertise header in doc
* Add fix audit issue logging by default peer adress to changelog
Co-authored-by: Rob Ede <robjtede@icloud.com>
Actix web
Actix web is a small, pragmatic, and extremely fast rust web framework
Website | Chat | Examples
Actix web is a simple, pragmatic and extremely fast web framework for Rust.
- Supported HTTP/1.x and HTTP/2.0 protocols
- Streaming and pipelining
- Keep-alive and slow requests handling
- Client/server WebSockets support
- Transparent content compression/decompression (br, gzip, deflate)
- Configurable request routing
- Multipart streams
- Static assets
- SSL support with OpenSSL or Rustls
- Middlewares (Logger, Session, CORS, etc)
- Includes an asynchronous HTTP client
- Supports Actix actor framework
- Supports Rust 1.40+
Docs
Example
Dependencies:
[dependencies]
actix-web = "2"
actix-rt = "1"
Code:
use actix_web::{get, web, App, HttpServer, Responder};
#[get("/{id}/{name}/index.html")]
async fn index(info: web::Path<(u32, String)>) -> impl Responder {
format!("Hello {}! id:{}", info.1, info.0)
}
#[actix_rt::main]
async fn main() -> std::io::Result<()> {
HttpServer::new(|| App::new().service(index))
.bind("127.0.0.1:8080")?
.run()
.await
}
More examples
- Basics
- Stateful
- Multipart streams
- Simple websocket
- Tera
- Askama templates
- Diesel integration
- r2d2
- OpenSSL
- Rustls
- Tcp/Websocket chat
- Json
You may consider checking out this directory for more examples.
Benchmarks
License
This project is licensed under either of
- Apache License, Version 2.0, (LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0)
- MIT license (LICENSE-MIT or http://opensource.org/licenses/MIT)
at your option.
Code of Conduct
Contribution to the actix-web crate is organized under the terms of the Contributor Covenant, the maintainer of actix-web, @fafhrd91, promises to intervene to uphold that code of conduct.