Skip to main content

CsrfLayer

tower_http::csrf

Struct CsrfLayer 

Source 
pub struct CsrfLayer<T = DefaultResponseForProtectionError> { /* private fields */ }
Available on crate feature csrf only.
Expand description

Layer that applies the Csrf middleware.

See the module docs for an example.

Implementations§

Source§

impl CsrfLayer

Source

pub fn new() -> Self

Creates a new CsrfLayer with no trusted origins, no bypass, and the default rejection response.

Source§

impl<T> CsrfLayer<T>

Source

pub fn add_trusted_origin<S: AsRef<str>>( self, origin: S, ) -> Result<Self, ConfigError>

Adds a trusted origin that allows all requests whose Origin header matches the given value.

The value is matched byte-for-byte against the request’s Origin header — there is no normalization (this mirrors the Go reference). It must therefore be written exactly as a browser sends it:

  • form scheme://host[:port], where scheme is http or https;
  • the host lowercased (browsers lowercase it; IDN hosts must be given in punycode, e.g. xn--exmple-cua.com);
  • default ports omitted — browsers drop :80/:443, so an explicit default port (e.g. https://example.com:443) will never match;
  • no trailing slash, path, query, or fragment.

Inputs that can’t represent a browser Origin are rejected with a ConfigError; inputs that parse but aren’t in the canonical browser form above are accepted but will silently never match.

// Matches `Origin: https://example.com`:
let layer = CsrfLayer::new().add_trusted_origin("https://example.com")?;

// Accepted, but never matches a browser Origin (explicit default port):
let layer = CsrfLayer::new().add_trusted_origin("https://example.com:443")?;
Source

pub fn with_insecure_bypass<F>(self, predicate: F) -> Self
where F: Fn(&Method, &Uri) -> bool + Send + Sync + 'static,

Adds a bypass predicate that returns true for requests which should skip CSRF protection.

This is an escape hatch for endpoints that legitimately need to accept cross-origin POSTs (e.g. webhook receivers). Bypassed endpoints must have their own protection (signed payloads, authentication tokens, etc.) — otherwise they are CSRF-vulnerable.

Source

pub fn with_rejection_response<R>(self, rejection_response: R) -> CsrfLayer<R>
where R: Clone,

Replaces the response builder used when a request is rejected.

Accepts any type that implements ResponseForProtectionError, including a FnMut(ProtectionError) -> Response<B> + Clone closure. The default builder returns a 403 Forbidden with an empty body. Regardless of the builder, Csrf attaches the ProtectionError to the response’s extensions, so a custom builder need not re-attach it.

Trait Implementations§

Source§

impl<T: Clone> Clone for CsrfLayer<T>

Source§

fn clone(&self) -> CsrfLayer<T>

Returns a duplicate of the value. Read more
1.0.0 (const: unstable) · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl<T> Debug for CsrfLayer<T>

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Default for CsrfLayer

Source§

fn default() -> Self

Returns the “default value” for a type. Read more
Source§

impl<S, T> Layer<S> for CsrfLayer<T>
where T: Clone,

Source§

type Service = Csrf<S, T>

The wrapped service
Source§

fn layer(&self, inner: S) -> Self::Service

Wrap the given service with the middleware, returning a new service that has been decorated with the middleware.

Auto Trait Implementations§

§

impl<T = DefaultResponseForProtectionError> !RefUnwindSafe for CsrfLayer<T>

§

impl<T = DefaultResponseForProtectionError> !UnwindSafe for CsrfLayer<T>

§

impl<T> Freeze for CsrfLayer<T>
where T: Freeze,

§

impl<T> Send for CsrfLayer<T>
where T: Send,

§

impl<T> Sync for CsrfLayer<T>
where T: Sync,

§

impl<T> Unpin for CsrfLayer<T>
where T: Unpin,

§

impl<T> UnsafeUnpin for CsrfLayer<T>
where T: UnsafeUnpin,

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> PolicyExt for T
where T: ?Sized,

Source§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Sized + Policy<B, E>, P: Policy<B, E>,

Available on crate feature follow-redirect only.
Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more
Source§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Sized + Policy<B, E>, P: Policy<B, E>,

Available on crate feature follow-redirect only.
Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more
Source§

impl<T> ServiceExt for T

Source§

fn propagate_header(self, header: HeaderName) -> PropagateHeader<Self>
where Self: Sized,

Available on crate features propagate-header and util only.
Propagate a header from the request to the response. Read more
Source§

fn add_extension<T>(self, value: T) -> AddExtension<Self, T>
where Self: Sized,

Available on crate features add-extension and util only.
Add some shareable value to request extensions. Read more
Source§

fn map_request_body<F>(self, f: F) -> MapRequestBody<Self, F>
where Self: Sized,

Available on crate features map-request-body and util only.
Apply a transformation to the request body. Read more
Source§

fn map_response_body<F>(self, f: F) -> MapResponseBody<Self, F>
where Self: Sized,

Available on crate features map-response-body and util only.
Apply a transformation to the response body. Read more
Source§

fn compression(self) -> Compression<Self>
where Self: Sized,

Available on crate feature util and (crate features compression-br or compression-deflate or compression-gzip or compression-zstd) only.
Compresses response bodies. Read more
Source§

fn decompression(self) -> Decompression<Self>
where Self: Sized,

Available on crate feature util and (crate features decompression-br or decompression-deflate or decompression-gzip or decompression-zstd) only.
Decompress response bodies. Read more
Source§

fn trace_for_http(self) -> Trace<Self, HttpMakeClassifier>
where Self: Sized,

Available on crate features trace and util only.
High level tracing that classifies responses using HTTP status codes. Read more
Source§

fn trace_for_grpc(self) -> Trace<Self, GrpcMakeClassifier>
where Self: Sized,

Available on crate features trace and util only.
High level tracing that classifies responses using gRPC headers. Read more
Source§

fn follow_redirects(self) -> FollowRedirect<Self, Standard>
where Self: Sized,

Available on crate features follow-redirect and util only.
Follow redirect resposes using the Standard policy. Read more
Source§

fn sensitive_headers( self, headers: impl IntoIterator<Item = HeaderName>, ) -> SetSensitiveHeaders<Self>
where Self: Sized,

Available on crate features sensitive-headers and util only.
Mark headers as sensitive on both requests and responses. Read more
Source§

fn sensitive_request_headers( self, headers: impl IntoIterator<Item = HeaderName>, ) -> SetSensitiveRequestHeaders<Self>
where Self: Sized,

Available on crate features sensitive-headers and util only.
Mark headers as sensitive on requests. Read more
Source§

fn sensitive_response_headers( self, headers: impl IntoIterator<Item = HeaderName>, ) -> SetSensitiveResponseHeaders<Self>
where Self: Sized,

Available on crate features sensitive-headers and util only.
Mark headers as sensitive on responses. Read more
Source§

fn override_request_header<M>( self, header_name: HeaderName, make: M, ) -> SetRequestHeader<Self, M>
where Self: Sized,

Available on crate features set-header and util only.
Insert a header into the request. Read more
Source§

fn append_request_header<M>( self, header_name: HeaderName, make: M, ) -> SetRequestHeader<Self, M>
where Self: Sized,

Available on crate features set-header and util only.
Append a header into the request. Read more
Source§

fn insert_request_header_if_not_present<M>( self, header_name: HeaderName, make: M, ) -> SetRequestHeader<Self, M>
where Self: Sized,

Available on crate features set-header and util only.
Insert a header into the request, if the header is not already present. Read more
Source§

fn override_response_header<M>( self, header_name: HeaderName, make: M, ) -> SetResponseHeader<Self, M>
where Self: Sized,

Available on crate features set-header and util only.
Insert a header into the response. Read more
Source§

fn append_response_header<M>( self, header_name: HeaderName, make: M, ) -> SetResponseHeader<Self, M>
where Self: Sized,

Available on crate features set-header and util only.
Append a header into the response. Read more
Source§

fn insert_response_header_if_not_present<M>( self, header_name: HeaderName, make: M, ) -> SetResponseHeader<Self, M>
where Self: Sized,

Available on crate features set-header and util only.
Insert a header into the response, if the header is not already present. Read more
Source§

fn set_request_id<M>( self, header_name: HeaderName, make_request_id: M, ) -> SetRequestId<Self, M>
where Self: Sized, M: MakeRequestId,

Available on crate features request-id and util only.
Add request id header and extension. Read more
Source§

fn set_x_request_id<M>(self, make_request_id: M) -> SetRequestId<Self, M>
where Self: Sized, M: MakeRequestId,

Available on crate features request-id and util only.
Add request id header and extension, using x-request-id as the header name. Read more
Source§

fn propagate_request_id( self, header_name: HeaderName, ) -> PropagateRequestId<Self>
where Self: Sized,

Available on crate features request-id and util only.
Propgate request ids from requests to responses. Read more
Source§

fn propagate_x_request_id(self) -> PropagateRequestId<Self>
where Self: Sized,

Available on crate features request-id and util only.
Propgate request ids from requests to responses, using x-request-id as the header name. Read more
Source§

fn catch_panic(self) -> CatchPanic<Self, DefaultResponseForPanic>
where Self: Sized,

Available on crate features catch-panic and util only.
Catch panics and convert them into 500 Internal Server responses. Read more
Source§

fn request_body_limit(self, limit: usize) -> RequestBodyLimit<Self>
where Self: Sized,

Available on crate features limit and util only.
Intercept requests with over-sized payloads and convert them into 413 Payload Too Large responses. Read more
Source§

fn trim_trailing_slash(self) -> NormalizePath<Self>
where Self: Sized,

Available on crate features normalize-path and util only.
Remove trailing slashes from paths. Read more
Source§

fn append_trailing_slash(self) -> NormalizePath<Self>
where Self: Sized,

Available on crate features normalize-path and util only.
Append trailing slash to paths. Read more
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more