The `Cookie` header now has 'set' and `get` methods, to treat the list of
cookies as a map.
Closes#1145
BREAKING CHANGE: The `Cookie` header is no longer a wrapper over a
`Vec<String>`. It must be accessed via its `get` and `append` methods.
The `header::Formatter` ensures that a formatted header is written to a
line, and allows for headers that require multiple lines. The only
header to specifically require this is `Set-Cookie`.
BREAKING CHANGE: The `fmt_header` method has changed to take a different
formatter. In most cases, if your header also implements
`fmt::Display`, you can just call `f.fmt_line(self)`.
Newlines in header values will now be replaced with spaces when being
written to strings or to sockets. This prevents headers that are built
from user data to smuggle unintended headers or requests/responses.
Thanks to @skylerberg for the responsible reporting of this issue, and
helping to keep us all safe!
BREAKING CHANGE: This technically will cause code that a calls
`SetCookie.fmt_header` to panic, as it is no longer to properly write
that method. Most people should not be doing this at all, and all
other ways of printing headers should work just fine.
The breaking change must occur in a patch version because of the
security nature of the fix.
Closes#891
BREAKING CHANGE: `Headers.remove()` used to return a `bool`,
it now returns `Option<H>`. To determine if a a header exists,
switch to `Headers.has()`.
The Raw type repesents the raw bytes of a header-value.
Having a special type allows a couple of benefits:
- The exact representation has become private, allowing "uglier"
internals. Specifically, since the common case is for a header to only
have 1 line of bytes, an enum is used to skip allocating a Vec for only
1 line. Additionally, a Cow<'static, [u8]> is used, so static bytes
don't require a copy. Finally, since we can use static bytes, when
parsing, we can compare the incoming bytes against a couple of the most
common header-values, and possibly remove another copy.
- As its own type, the `Headers.set_raw` method can be generic over
`Into<Raw>`, which allows for more ergnomic method calls.
BREAKING CHANGE: `Header::parse_header` now receives `&Raw`, instead of
a `&[Vec<u8>]`. `Raw` provides several methods to ease using it, but
may require some changes to existing code.
If you get a mutable reference to a typed header it is possible to make
the two representations be out of sync. To avoid this, after parsing the
raw part it should be removed.
Fixes#821.
Header::parse_header() returns now a hyper Result instead of an option
this will enable more precise Error messages in the future, currently
most failures are reported as ::Error::Header.
BREAKING CHANGE: parse_header returns Result instead of Option, related
code did also change
BREAKING CHANGE: added requirement that all HeaderFormat implementations
must also be fmt::Debug. This likely as easy as slapping
#[derive(Debug)] on to any custom headers.
