More detailed error messages and moved away from deprecated error::Error::description (#54)

* Replaced deprecated error::Error description with Display

* Make OriginNotAllowed and MethodNotAllowed error messages more useful
This commit is contained in:
Johan Bjäreholt 2018-12-12 22:53:44 +01:00 committed by Yong Wen Chua
parent d880c2a111
commit c4e4b7d585
1 changed files with 31 additions and 38 deletions

View File

@ -598,9 +598,9 @@ pub enum Error {
/// The request header `Access-Control-Request-Headers` is required but is missing. /// The request header `Access-Control-Request-Headers` is required but is missing.
MissingRequestHeaders, MissingRequestHeaders,
/// Origin is not allowed to make this request /// Origin is not allowed to make this request
OriginNotAllowed, OriginNotAllowed(String),
/// Requested method is not allowed /// Requested method is not allowed
MethodNotAllowed, MethodNotAllowed(String),
/// One or more headers requested are not allowed /// One or more headers requested are not allowed
HeadersNotAllowed, HeadersNotAllowed,
/// Credentials are allowed, but the Origin is set to "*". This is not allowed by W3C /// Credentials are allowed, but the Origin is set to "*". This is not allowed by W3C
@ -620,8 +620,8 @@ impl Error {
fn status(&self) -> Status { fn status(&self) -> Status {
match *self { match *self {
Error::MissingOrigin Error::MissingOrigin
| Error::OriginNotAllowed | Error::OriginNotAllowed(_)
| Error::MethodNotAllowed | Error::MethodNotAllowed(_)
| Error::HeadersNotAllowed => Status::Forbidden, | Error::HeadersNotAllowed => Status::Forbidden,
Error::CredentialsWithWildcardOrigin Error::CredentialsWithWildcardOrigin
| Error::MissingCorsInRocketState | Error::MissingCorsInRocketState
@ -631,52 +631,45 @@ impl Error {
} }
} }
impl error::Error for Error { impl fmt::Display for Error {
fn description(&self) -> &str { fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
match *self { match self {
Error::MissingOrigin => "The request header `Origin` is required but is missing", Error::MissingOrigin => write!(f, "The request header `Origin` is required but is missing"),
Error::BadOrigin(_) => "The request header `Origin` contains an invalid URL", Error::BadOrigin(_) => write!(f, "The request header `Origin` contains an invalid URL"),
Error::MissingRequestMethod => { Error::MissingRequestMethod => { write!(f,
"The request header `Access-Control-Request-Method` \ "The request header `Access-Control-Request-Method` \
is required but is missing" is required but is missing")
} }
Error::BadRequestMethod => { Error::BadRequestMethod => { write!(f,
"The request header `Access-Control-Request-Method` has an invalid value" "The request header `Access-Control-Request-Method` has an invalid value")
} }
Error::MissingRequestHeaders => { Error::MissingRequestHeaders => { write!(f,
"The request header `Access-Control-Request-Headers` \ "The request header `Access-Control-Request-Headers` \
is required but is missing" is required but is missing")
} }
Error::OriginNotAllowed => "Origin is not allowed to request", Error::OriginNotAllowed(origin) => write!(f, "Origin '{}' is not allowed to request", &origin),
Error::MethodNotAllowed => "Method is not allowed", Error::MethodNotAllowed(method) => write!(f, "Method '{}' is not allowed", &method),
Error::HeadersNotAllowed => "Headers are not allowed", Error::HeadersNotAllowed => write!(f, "Headers are not allowed"),
Error::CredentialsWithWildcardOrigin => { Error::CredentialsWithWildcardOrigin => { write!(f,
"Credentials are allowed, but the Origin is set to \"*\". \ "Credentials are allowed, but the Origin is set to \"*\". \
This is not allowed by W3C" This is not allowed by W3C")
} }
Error::MissingCorsInRocketState => { Error::MissingCorsInRocketState => { write!(f,
"A CORS Request Guard was used, but no CORS Options was available in Rocket's state" "A CORS Request Guard was used, but no CORS Options was available in Rocket's state")
} }
Error::MissingInjectedHeader => { Error::MissingInjectedHeader => write!(f,
"The `on_response` handler of Fairing could not find the injected header from the \ "The `on_response` handler of Fairing could not find the injected header from the \
Request. Either some other fairing has removed it, or this is a bug." Request. Either some other fairing has removed it, or this is a bug.")
}
}
}
fn cause(&self) -> Option<&dyn error::Error> {
match *self {
Error::BadOrigin(ref e) => Some(e),
_ => Some(self),
} }
} }
} }
impl fmt::Display for Error {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { impl error::Error for Error {
fn cause(&self) -> Option<&dyn error::Error> {
match *self { match *self {
Error::BadOrigin(ref e) => fmt::Display::fmt(e, f), Error::BadOrigin(ref e) => Some(e),
_ => write!(f, "{}", error::Error::description(self)), _ => Some(self),
} }
} }
} }
@ -1584,7 +1577,7 @@ fn validate_origin(
AllOrSome::Some(ref allowed_origins) => allowed_origins AllOrSome::Some(ref allowed_origins) => allowed_origins
.get(origin) .get(origin)
.and_then(|_| Some(())) .and_then(|_| Some(()))
.ok_or_else(|| Error::OriginNotAllowed), .ok_or_else(|| Error::OriginNotAllowed(origin.to_string())),
} }
} }
@ -1595,7 +1588,7 @@ fn validate_allowed_method(
) -> Result<(), Error> { ) -> Result<(), Error> {
let &AccessControlRequestMethod(ref request_method) = method; let &AccessControlRequestMethod(ref request_method) = method;
if !allowed_methods.iter().any(|m| m == request_method) { if !allowed_methods.iter().any(|m| m == request_method) {
Err(Error::MethodNotAllowed)? Err(Error::MethodNotAllowed(method.0.to_string()))?
} }
// TODO: Subset to route? Or just the method requested for? // TODO: Subset to route? Or just the method requested for?