OpenSource/axum
OpenSource/axum
1
0
Fork 0
mirror of https://github.com/tokio-rs/axum.git synced 2025-04-03 21:15:55 +02:00
Code Issues Projects Releases Packages Wiki Activity

Avoid exposure of type names by QueryRejection ()

Browse source
This commit is contained in:
SzudemJ 2022-07-18 15:43:18 +02:00 committed by GitHub
parent 329bd5f9b4
commit 73041c8988
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 10 additions and 14 deletions
axum-extra/src/extract
form.rsquery.rs
axum
CHANGELOG.md
src
extract
query.rsrejection.rs
form.rs

4
axum-extra/src/extract/form.rs
View file

@ -67,7 +67,7 @@ where
if req.method() == Method::GET {
let query = req.uri().query().unwrap_or_default();
let value = serde_html_form::from_str(query)
.map_err(FailedToDeserializeQueryString::__private_new::<T, _>)?;
.map_err(FailedToDeserializeQueryString::__private_new)?;
Ok(Form(value))
} else {
if !has_content_type(req, &mime::APPLICATION_WWW_FORM_URLENCODED) {
@ -76,7 +76,7 @@ where
let bytes = Bytes::from_request(req).await?;
let value = serde_html_form::from_bytes(&bytes)
.map_err(FailedToDeserializeQueryString::__private_new::<T, _>)?;
.map_err(FailedToDeserializeQueryString::__private_new)?;
Ok(Form(value))
}

2
axum-extra/src/extract/query.rs
View file

@ -68,7 +68,7 @@ where
async fn from_request(req: &mut RequestParts<B>) -> Result<Self, Self::Rejection> {
let query = req.uri().query().unwrap_or_default();
let value = serde_html_form::from_str(query)
.map_err(FailedToDeserializeQueryString::__private_new::<T, _>)?;
.map_err(FailedToDeserializeQueryString::__private_new)?;
Ok(Query(value))
}
}

2
axum/CHANGELOG.md
View file

@ -7,6 +7,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
# Unreleased
- **fixed:** Don't expose internal type names in `QueryRejection` response. ([#1171])
- **breaking:** Remove `extractor_middleware` which was previously deprecated.
Use `axum::middleware::from_extractor` instead ([#1077])
- **breaking:** Allow `Error: Into<Infallible>` for `Route::{layer, route_layer}` ([#924])
@ -29,6 +30,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
- **breaking:** Require middleware added with `Handler::layer` to have
`Infallible` as the error type ([#1152])
[#1171]: https://github.com/tokio-rs/axum/pull/1171
[#1077]: https://github.com/tokio-rs/axum/pull/1077
[#1088]: https://github.com/tokio-rs/axum/pull/1088
[#1102]: https://github.com/tokio-rs/axum/pull/1102

2
axum/src/extract/query.rs
View file

@ -59,7 +59,7 @@ where
async fn from_request(req: &mut RequestParts<B>) -> Result<Self, Self::Rejection> {
let query = req.uri().query().unwrap_or_default();
let value = serde_urlencoded::from_str(query)
.map_err(FailedToDeserializeQueryString::__private_new::<T, _>)?;
.map_err(FailedToDeserializeQueryString::__private_new)?;
Ok(Query(value))
}
}

10
axum/src/extract/rejection.rs
View file

@ -100,18 +100,16 @@ define_rejection! {
#[derive(Debug)]
pub struct FailedToDeserializeQueryString {
error: Error,
type_name: &'static str,
}
impl FailedToDeserializeQueryString {
#[doc(hidden)]
pub fn __private_new<T, E>(error: E) -> Self
pub fn __private_new<E>(error: E) -> Self
where
E: Into<BoxError>,
{
FailedToDeserializeQueryString {
error: Error::new(error),
type_name: std::any::type_name::<T>(),
}
}
}
@ -124,11 +122,7 @@ impl IntoResponse for FailedToDeserializeQueryString {
impl std::fmt::Display for FailedToDeserializeQueryString {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
write!(
f,
"Failed to deserialize query string. Expected something of type `{}`. Error: {}",
self.type_name, self.error,
)
write!(f, "Failed to deserialize query string: {}", self.error,)
}
}

4
axum/src/form.rs
View file

@ -69,7 +69,7 @@ where
if req.method() == Method::GET {
let query = req.uri().query().unwrap_or_default();
let value = serde_urlencoded::from_str(query)
.map_err(FailedToDeserializeQueryString::__private_new::<T, _>)?;
.map_err(FailedToDeserializeQueryString::__private_new)?;
Ok(Form(value))
} else {
if !has_content_type(req, &mime::APPLICATION_WWW_FORM_URLENCODED) {
@ -78,7 +78,7 @@ where
let bytes = Bytes::from_request(req).await?;
let value = serde_urlencoded::from_bytes(&bytes)
.map_err(FailedToDeserializeQueryString::__private_new::<T, _>)?;
.map_err(FailedToDeserializeQueryString::__private_new)?;
Ok(Form(value))
}