Rocket

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs | README

commit 0666e425fe7e726995dcf5894958a69987e6054e
parent 0a3960b0317b030cf3d3345f2d1abb83c1aebb91
Author: Jeb Rosen <jeb@jebrosen.com>
Date:   Sat,  4 May 2019 08:38:11 -0700

Add a few missing pieces of 'compression' documentation.

Diffstat:
Mcontrib/lib/src/compression/fairing.rs | 9++++++++-
Mcontrib/lib/src/compression/mod.rs | 7+++++++
Msite/guide/5-responses.md | 2++
3 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/contrib/lib/src/compression/fairing.rs b/contrib/lib/src/compression/fairing.rs @@ -39,7 +39,14 @@ impl Default for Context { /// - `application/octet-stream` /// /// The excluded types can be changed changing the `compress.exclude` Rocket -/// configuration property. +/// configuration property in Rocket.toml. The default `Content-Type` exclusions +/// will be ignored if this is set, and must be added back in one by one if +/// desired. +/// +/// ```toml +/// [global.compress] +/// exclude = ["video/*", "application/x-xz"] +/// ``` /// /// # Usage /// diff --git a/contrib/lib/src/compression/mod.rs b/contrib/lib/src/compression/mod.rs @@ -15,6 +15,13 @@ //! default-features = false //! features = ["compression"] //! ``` +//! +//! # Security Implications +//! +//! In some cases, HTTP compression on a site served over HTTPS can make a web +//! application vulnerable to attacks including BREACH. These risks should be +//! evaluated in the context of your application before enabling compression. +//! #[cfg(feature="brotli_compression")] extern crate brotli; #[cfg(feature="gzip_compression")] extern crate flate2; diff --git a/site/guide/5-responses.md b/site/guide/5-responses.md @@ -241,6 +241,7 @@ library. Among these are: * [`Json`] - Automatically serializes values into JSON. * [`MsgPack`] - Automatically serializes values into MessagePack. * [`Template`] - Renders a dynamic template using handlebars or Tera. + * [`Compress`] - Compresses a response at the HTTP layer. [`status`]: @api/rocket/response/status/ [`response`]: @api/rocket/response/ @@ -250,6 +251,7 @@ library. Among these are: [`Stream`]: @api/rocket/response/struct.Stream.html [`Flash`]: @api/rocket/response/struct.Flash.html [`MsgPack`]: @api/rocket_contrib/msgpack/struct.MsgPack.html +[`Compress`]: @api/rocket_contrib/compression/struct.Compress.html ### Streaming