gritshield 0.1.0

A security-first, high-performance micro-framework.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75

use std::fmt;

/// A wrapper around a String that has NOT been sanitized.
/// It cannot be printed or converted to a byte array directly.
#[derive(Debug, Clone, PartialEq, Eq, Hash)]
pub struct UntrustedString(String);

impl UntrustedString {
    /// Creates a new UntrustedString. Only the Kernel should do this
    /// during the Request Parsing phase.
    pub fn new(s: String) -> Self {
        UntrustedString(s)
    }

    pub fn as_str(&self) -> &str {
        &self.0
    }
}

impl fmt::Display for UntrustedString {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        write!(f, "{}", self.0)
    }
}

/// The inner safe string for HTML rendering.
/// It can only be created by passing an UntrustedString through the sanitizer.
#[derive(Debug)]
pub struct SafeHtml(String);

impl SafeHtml {
    /// Allows the inner string to be converted to bytes for the raw TCP response.
    /// This is used internally by the Response Writer.
    pub fn as_bytes(&self) -> &[u8] {
        self.0.as_bytes()
    }
}

// Implement Display for SafeHtml so it can be easily used in templates/format!
impl fmt::Display for SafeHtml {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        write!(f, "{}", self.0)
    }
}

pub struct Sanitizer;

impl Sanitizer {
    /// The "Gatekeeper" function.
    pub fn encode(untrusted: UntrustedString) -> SafeHtml {
        // Rust's functional approach makes this clear
        let encoded: String = untrusted
            .0
            .chars()
            .map(|c| match c {
                '&' => "&amp;".to_string(),
                '<' => "&lt;".to_string(),
                '>' => "&gt;".to_string(),
                '"' => "&quot;".to_string(),
                '\'' => "&#x27;".to_string(),
                '/' => "&#x2F;".to_string(),
                c => c.to_string(),
            })
            .collect();

        // We now "wrap" the encoded string in the SafeHtml "promise"
        SafeHtml(encoded)
    }

    /// Allow developers to trust hardcoded strings
    /// e.g., Sanitizer::trust("\<h1>Welcome\</h1>")
    pub fn trust(safe_str: &str) -> SafeHtml {
        SafeHtml(safe_str.to_string())
    }
}