modo-rs 0.8.0

Rust web framework for small monolithic apps
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85

# modo::sanitize

Input sanitization utilities for normalizing string fields before validation
or storage.

## Key types

| Item | Kind | Purpose |
|------|------|---------|
| `Sanitize` | trait | Implemented on input structs to normalize fields in place |
| `trim` | fn | Trim leading and trailing whitespace |
| `trim_lowercase` | fn | Trim whitespace and convert to lowercase |
| `collapse_whitespace` | fn | Collapse consecutive whitespace into a single space |
| `strip_html` | fn | Remove HTML tags and decode entities |
| `truncate` | fn | Limit string to a maximum character count |
| `normalize_email` | fn | Trim, lowercase, and strip `+tag` suffixes |

## Usage

### Implementing `Sanitize` on a request struct

```rust,ignore
use modo::sanitize::{Sanitize, trim, trim_lowercase, normalize_email, truncate};

#[derive(serde::Deserialize)]
struct CreateUserInput {
    username: String,
    email: String,
    bio: String,
}

impl Sanitize for CreateUserInput {
    fn sanitize(&mut self) {
        trim_lowercase(&mut self.username);
        normalize_email(&mut self.email);
        trim(&mut self.bio);
        truncate(&mut self.bio, 500);
    }
}
```

### Using the extractors

The `JsonRequest`, `FormRequest`, `Query`, and `MultipartRequest` extractors
call `sanitize()` automatically after deserialization:

```rust,ignore
use modo::extractor::{JsonRequest, Query};

async fn create_user(JsonRequest(input): JsonRequest<CreateUserInput>) {
    // `input` has already been sanitized
}

async fn search(Query(params): Query<SearchParams>) {
    // `params` has already been sanitized
}
```

### Stripping HTML

```rust,ignore
use modo::sanitize::strip_html;

let mut field = String::from("<p>Hello <b>world</b></p><script>alert(1)</script>");
strip_html(&mut field);
assert_eq!(field, "Hello world");
```

### Normalizing email addresses

```rust,ignore
use modo::sanitize::normalize_email;

let mut email = String::from("  User+Tag@Example.COM  ");
normalize_email(&mut email);
assert_eq!(email, "user@example.com");
```

## Integration with modo

`Sanitize` and the helper functions all live under `modo::sanitize`:

```rust,ignore
use modo::sanitize::{Sanitize, trim, normalize_email, strip_html};
```