[go: up one dir, main page]

rocket 0.5.1

Web framework with a focus on usability, security, extensibility, and speed.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113

#![cfg(feature = "secrets")]
#![deny(warnings)]

use rocket::http::{Cookie, CookieJar, SameSite};
use rocket::{get, post, routes};

#[post("/")]
fn cookie_add_private(jar: &CookieJar<'_>) {
    let mut cookie_a = Cookie::new("a", "v1");
    jar.add(cookie_a.clone());
    let mut cookie_b = Cookie::new("b", "v2");
    jar.add_private(cookie_b.clone());
    jar.add(("c", "v3"));

    // private: CookieJar::set_defaults(&mut cookie_a);
    cookie_a.set_path("/");
    cookie_a.set_same_site(SameSite::Strict);
    assert_eq!(jar.get_pending(cookie_a.name()), Some(cookie_a));

    // private: CookieJar::set_private_defaults(&mut cookie_b);
    cookie_b.set_path("/");
    cookie_b.set_same_site(SameSite::Strict);
    cookie_b.set_http_only(true);
    let expires = time::OffsetDateTime::now_utc() + time::Duration::weeks(1);
    cookie_b.set_expires(expires);
    let mut cookie_b_pending = jar
        .get_pending(cookie_b.name())
        .expect("cookie_b_pending None");
    cookie_b_pending.set_expires(expires);
    assert_eq!(cookie_b_pending, cookie_b);
}

#[get("/")]
fn cookie_get_private(jar: &CookieJar<'_>) -> String {
    let (a, b, c) = (jar.get("a"), jar.get_private("b"), jar.get("c"));
    assert_ne!(a, b.as_ref());
    assert_ne!(a, c);
    assert_ne!(b.as_ref(), c);
    assert_eq!(b, jar.get_pending("b"));

    format!(
        "{}{}{}",
        a.unwrap().value(),
        b.unwrap().value(),
        c.unwrap().value()
    )
}

/// For test if we got really a private cookie
#[get("/oh-no")]
fn cookie_get(jar: &CookieJar<'_>) -> String {
    let (a, b, c) = (jar.get("a"), jar.get("b"), jar.get("c"));
    assert_eq!(b.cloned(), jar.get_pending("b"));

    format!(
        "{}{}{}",
        a.unwrap().value(),
        b.unwrap().value(),
        c.unwrap().value()
    )
}

#[cfg(test)]
mod cookies_private_tests {
    use super::*;
    use rocket::local::blocking::Client;
    use rocket::{Build, Rocket};

    fn rocket() -> Rocket<Build> {
        rocket::build()
            .mount("/", routes![cookie_add_private, cookie_get, cookie_get_private])
    }

    #[test]
    fn test_cookie_add_private() {
        let client = Client::debug(rocket()).unwrap();
        let response = client.post("/").dispatch();
        let cookies = response.cookies();
        assert_eq!(cookies.iter().count(), 3);
        assert_eq!(cookies.get("a").unwrap().value(), "v1");
        assert_eq!(cookies.get_private("b").unwrap().value(), "v2");
        assert_eq!(cookies.get_pending("b").unwrap().value(), "v2");
        assert_ne!(cookies.get("b").unwrap().value(), "v2");
        assert_eq!(cookies.get("c").unwrap().value(), "v3");
    }

    #[test]
    fn test_cookie_get_private() {
        let client = Client::debug(rocket()).unwrap();
        let response = client
            .get("/")
            .cookie(("a", "Cookie"))
            .private_cookie(("b", " tastes "))
            .cookie(("c", "good!"))
            .dispatch();

        assert_eq!(response.into_string().unwrap(), "Cookie tastes good!");
    }

    /// Test if we got really a private cookie
    #[test]
    fn test_cookie_get_ohno() {
        let client = Client::debug(rocket()).unwrap();
        let response = client
            .get("/oh-no")
            .cookie(("a", "Cookie"))
            .private_cookie(("b", " tastes "))
            .cookie(("c", "good!"))
            .dispatch();

        assert_ne!(response.into_string().unwrap(), "Cookie tastes good!");
    }
}