Skip to main content

Module server

resuma

Module server 

Source
Expand description

Resuma HTTP server.

Built on top of axum. Apps interact with this crate by:

  1. Building a ResumaApp with ResumaApp::new.
  2. Mounting page routes via ResumaApp::page / [ResumaApp::route].
  3. Spawning the HTTP listener with ResumaApp::serve.

The server provides the following built-in routes:

  • GET /_resuma/loader.js — tiny event bootstrap (~1–2 KB).
  • GET /_resuma/core.js — lazy-loaded resumability core.
  • GET /_resuma/runtime.js — legacy monolithic runtime.
  • POST /_resuma/action/:name — invokes a #[server] action.
  • GET /_resuma/handler/:chunk.js — handler chunk lazy-loaded by the runtime.
  • GET /_resuma/island/:chunk.js — island chunk loader.
  • GET /_resuma/island/:instance — re-rendered island HTML (HMR).

Re-exports§

pub use actions::register_server_action;
pub use actions::set_action_middleware;
pub use actions::ActionFn;
pub use app::apply_security_headers;
pub use app::security_headers_middleware;
pub use app::ResumaApp;
pub use app::ServeOptions;
pub use deferred_stream::set_deferred_stream_hook;
pub use deferred_stream::try_deferred_stream;
pub use page_cache::page_csrf;
pub use page_cache::stage_page_csrf;
pub use page_cache::stage_response_cache_control;
pub use page_cache::take_response_cache_control;
pub use request_path::stage_response_path;
pub use request_path::take_response_path;
pub use security::client_ip;
pub use security::client_ip_from_parts;
pub use security::configure as configure_security;
pub use security::csrf_token;
pub use security::guard_mutation;
pub use security::http_status;
pub use security::random_token;
pub use security::request_is_https;
pub use security::CspNonce;
pub use security::SecurityConfig;
pub use security::SecurityHeaderOptions;
pub use security::CSRF_FIELD;
pub use security::CSRF_HEADER;

Modules§

actions
Global registry for #[server] actions.
app
ResumaApp — high-level builder used by example apps & the CLI dev server.
compressed_asset
Negotiated gzip / brotli responses for embedded static JS assets.
deferred_stream
Optional deferred streaming hook installed by resuma-flow.
handlers
Serialization helpers shared by the various server endpoints.
page_cache
Staged per-request metadata for the next SSR page response.
request_path
Staged request path for SEO tags on the next SSR response.
runtime_asset
Embedded JS runtime bundles (loader + core + legacy monolith).
security
Security primitives for Resuma HTTP servers — CSRF, rate limiting, headers, origin checks.