1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132
use std::{array, fmt};
use http::{
header::{self, HeaderName, HeaderValue},
request::Parts as RequestParts,
Method,
};
use super::{separated_by_commas, Any, WILDCARD};
/// Holds configuration for how to set the [`Access-Control-Allow-Methods`][mdn] header.
///
/// See [`CorsLayer::allow_methods`] for more details.
///
/// [mdn]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods
/// [`CorsLayer::allow_methods`]: super::CorsLayer::allow_methods
#[derive(Clone, Default)]
#[must_use]
pub struct AllowMethods(AllowMethodsInner);
impl AllowMethods {
/// Allow any method by sending a wildcard (`*`)
///
/// See [`CorsLayer::allow_methods`] for more details.
///
/// [`CorsLayer::allow_methods`]: super::CorsLayer::allow_methods
pub fn any() -> Self {
Self(AllowMethodsInner::Const(Some(WILDCARD)))
}
/// Set a single allowed method
///
/// See [`CorsLayer::allow_methods`] for more details.
///
/// [`CorsLayer::allow_methods`]: super::CorsLayer::allow_methods
pub fn exact(method: Method) -> Self {
Self(AllowMethodsInner::Const(Some(
HeaderValue::from_str(method.as_str()).unwrap(),
)))
}
/// Set multiple allowed methods
///
/// See [`CorsLayer::allow_methods`] for more details.
///
/// [`CorsLayer::allow_methods`]: super::CorsLayer::allow_methods
pub fn list<I>(methods: I) -> Self
where
I: IntoIterator<Item = Method>,
{
Self(AllowMethodsInner::Const(separated_by_commas(
methods
.into_iter()
.map(|m| HeaderValue::from_str(m.as_str()).unwrap()),
)))
}
/// Allow any method, by mirroring the preflight [`Access-Control-Request-Method`][mdn]
/// header.
///
/// See [`CorsLayer::allow_methods`] for more details.
///
/// [`CorsLayer::allow_methods`]: super::CorsLayer::allow_methods
///
/// [mdn]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method
pub fn mirror_request() -> Self {
Self(AllowMethodsInner::MirrorRequest)
}
#[allow(clippy::borrow_interior_mutable_const)]
pub(super) fn is_wildcard(&self) -> bool {
matches!(&self.0, AllowMethodsInner::Const(Some(v)) if v == WILDCARD)
}
pub(super) fn to_header(&self, parts: &RequestParts) -> Option<(HeaderName, HeaderValue)> {
let allow_methods = match &self.0 {
AllowMethodsInner::Const(v) => v.clone()?,
AllowMethodsInner::MirrorRequest => parts
.headers
.get(header::ACCESS_CONTROL_REQUEST_METHOD)?
.clone(),
};
Some((header::ACCESS_CONTROL_ALLOW_METHODS, allow_methods))
}
}
impl fmt::Debug for AllowMethods {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
match &self.0 {
AllowMethodsInner::Const(inner) => f.debug_tuple("Const").field(inner).finish(),
AllowMethodsInner::MirrorRequest => f.debug_tuple("MirrorRequest").finish(),
}
}
}
impl From<Any> for AllowMethods {
fn from(_: Any) -> Self {
Self::any()
}
}
impl From<Method> for AllowMethods {
fn from(method: Method) -> Self {
Self::exact(method)
}
}
impl<const N: usize> From<[Method; N]> for AllowMethods {
fn from(arr: [Method; N]) -> Self {
#[allow(deprecated)] // Can be changed when MSRV >= 1.53
Self::list(array::IntoIter::new(arr))
}
}
impl From<Vec<Method>> for AllowMethods {
fn from(vec: Vec<Method>) -> Self {
Self::list(vec)
}
}
#[derive(Clone)]
enum AllowMethodsInner {
Const(Option<HeaderValue>),
MirrorRequest,
}
impl Default for AllowMethodsInner {
fn default() -> Self {
Self::Const(None)
}
}