aboutsummaryrefslogtreecommitdiff
path: root/src/security.rs
AgeCommit message (Collapse)Author
2021-01-25simplify CSRF APIMartin Fischer
This commit gets rid of the CsrfToken type, simplifying submission handling: // before let csrf_token = req.csrf_token(&mut response); let msg: FormData = body.into_form_csrf(&csrf_token).await?; // after let msg: FormData = body.into_form_csrf(req).await?; As well as HTML input retrieval: // before req.csrf_token(&mut response).html_input(); // after req.csrf_html_input(&mut response); This commit also merges the CsrfError type into CsrfProtectedFormError. bump version to 0.3.1
2021-01-24define & impl traits instead of wrapping typesMartin Fischer
bump version to 0.3.0
2021-01-19request: improve error handling with thiserrorv0.2.1Martin Fischer
bump version to 0.2.1
2021-01-18split Request wrapper into Parts & Bodyv0.2.0Martin Fischer
Originally the into_ functions actually consumed the request but I changed that to make request information like URI and method still accessible after the request has been read. Not consuming the Request however allows e.g. into_form() to be called twice, which results in a panic since the body can only be read once. This commit splits the Request wrapper into two wrappers Parts & Body, allowing the borrow checker to guarantee that the body is only consumed once, while keeping the other request information accessible after the body has been consumed. Version bumped to 0.2.0.
2021-01-17publishv0.1.0Martin Fischer