tower-http 0.7.0

Tower middleware and utilities for HTTP clients and servers
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45

use http::{Response, StatusCode};

use super::ProtectionError;

/// Builds the response returned by [`Csrf`] when a request fails CSRF protection.
///
/// Implemented for any `FnMut(ProtectionError) -> Response<B> + Clone`, so a
/// closure can be passed directly to
/// [`CsrfLayer::with_rejection_response`](super::CsrfLayer::with_rejection_response).
///
/// [`Csrf`]: super::Csrf
pub trait ResponseForProtectionError<B>: Clone {
    /// Builds the response from the rejection error.
    fn response_for_protection_error(&mut self, error: ProtectionError) -> Response<B>;
}

impl<F, B> ResponseForProtectionError<B> for F
where
    F: FnMut(ProtectionError) -> Response<B> + Clone,
{
    fn response_for_protection_error(&mut self, error: ProtectionError) -> Response<B> {
        self(error)
    }
}

/// Default [`ResponseForProtectionError`] used by
/// [`CsrfLayer::new`](super::CsrfLayer::new).
///
/// Produces a `403 Forbidden` response with an empty body. The originating
/// [`ProtectionError`] is attached to the response's extensions by [`Csrf`]
/// itself, so it is present regardless of which builder produced the response.
///
/// [`Csrf`]: super::Csrf
#[derive(Clone, Copy, Debug, Default)]
#[non_exhaustive]
pub struct DefaultResponseForProtectionError;

impl<B: Default> ResponseForProtectionError<B> for DefaultResponseForProtectionError {
    fn response_for_protection_error(&mut self, _error: ProtectionError) -> Response<B> {
        let mut response = Response::new(B::default());
        *response.status_mut() = StatusCode::FORBIDDEN;

        response
    }
}