# Sputnik This library extends the types from the [http](https://crates.io/crates/http) crate: * extends `http::request::Parts` with query parameter deserialization & cookie parsing * extends `http::response::Builder` with methods to set cookies and content-types If you use [Hyper](https://hyper.rs/) and want to deserialize request bodies with [Serde](https://serde.rs/) you can enable the following feature flags: - `hyper_body` provides a trait to extend `hyper::Body` with an `into_form` method for parsing data submitted from HTML forms. - `hyper_body_json` additionaly provides an `into_json` method With the `security` feature Sputnik furthermore provides what's necessary to implement [signed & expiring cookies](#signed--expiring-cookies) with the expiry date encoded into the signed cookie value, providing a more lightweight alternative to JWT if you don't need interoperability. Sputnik does **not** handle routing because even complex routing can be quite easily implemented with nested `match` blocks. If you want a more high-level router, you can check out the [router crates](https://crates.io/keywords/router). Sputnik encourages you to create your own error enum and implement `From` conversions for every error type, which you want to short-circuit with the `?` operator. This can be easily done with [thiserror](https://crates.io/crates/thiserror) because Sputnik restricts its error types to the `'static` lifetime. ## Security Considerations Protect your application against [CSRF](https://en.wikipedia.org/wiki/Cross-site_request_forgery) by setting `SameSite` to `Lax` or `Strict` for your cookies and checking that the `Origin` header matches your domain name (especially if you have unauthenticated POST endpoints). ## Hyper Example ```rust use std::convert::Infallible; use hyper::service::{service_fn, make_service_fn}; use hyper::{Method, Server, StatusCode, Body}; use hyper::http::request::Parts; use hyper::http::response::Builder; use serde::Deserialize; use sputnik::{html_escape, mime, request::SputnikParts, response::SputnikBuilder}; use sputnik::hyper_body::{SputnikBody, FormError}; type Response = hyper::Response
; #[derive(thiserror::Error, Debug)] enum Error { #[error("page not found")] NotFound(String), #[error("{0}")] FormError(#[from] FormError) } fn render_error(err: Error) -> (StatusCode, String) { match err { Error::NotFound(msg) => (StatusCode::NOT_FOUND, msg), Error::FormError(err) => (StatusCode::BAD_REQUEST, err.to_string()), } } async fn route(req: &mut Parts, body: Body) -> Result