From 928470610e2569edab08e5ff7b201be077c3df2d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Igor=20Gali=C4=87?= Date: Tue, 21 Jan 2020 17:36:47 +0100 Subject: [PATCH] remove csrf for now, so we can update the rest --- Cargo.lock | 26 ++++++-------------------- Cargo.toml | 4 ---- src/main.rs | 21 +-------------------- 3 files changed, 7 insertions(+), 44 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 57b685e6..d65453e7 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2160,9 +2160,8 @@ dependencies = [ "plume-api 0.4.0", "plume-common 0.4.0", "plume-models 0.4.0", - "rocket 0.4.4 (registry+https://github.com/rust-lang/crates.io-index)", - "rocket_contrib 0.4.4 (registry+https://github.com/rust-lang/crates.io-index)", - "rocket_csrf 0.1.0 (git+https://github.com/fdb-hiroshima/rocket_csrf?rev=29910f2829e7e590a540da3804336577b48c7b31)", + "rocket 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)", + "rocket_contrib 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)", "rocket_i18n 0.4.0 (git+https://github.com/Plume-org/rocket_i18n?rev=e922afa7c366038b3433278c03b1456b346074f2)", "rpassword 4.0.5 (registry+https://github.com/rust-lang/crates.io-index)", "rsass 0.9.8 (registry+https://github.com/rust-lang/crates.io-index)", @@ -2724,18 +2723,6 @@ dependencies = [ "serde_json 1.0.51 (registry+https://github.com/rust-lang/crates.io-index)", ] -[[package]] -name = "rocket_csrf" -version = "0.1.0" -source = "git+https://github.com/fdb-hiroshima/rocket_csrf?rev=29910f2829e7e590a540da3804336577b48c7b31#29910f2829e7e590a540da3804336577b48c7b31" -dependencies = [ - "data-encoding 2.1.2 (registry+https://github.com/rust-lang/crates.io-index)", - "ring 0.13.5 (registry+https://github.com/rust-lang/crates.io-index)", - "rocket 0.4.4 (registry+https://github.com/rust-lang/crates.io-index)", - "serde 1.0.106 (registry+https://github.com/rust-lang/crates.io-index)", - "time 0.1.42 (registry+https://github.com/rust-lang/crates.io-index)", -] - [[package]] name = "rocket_http" version = "0.4.4" @@ -4214,11 +4201,10 @@ source = "registry+https://github.com/rust-lang/crates.io-index" "checksum remove_dir_all 0.5.2 (registry+https://github.com/rust-lang/crates.io-index)" = "4a83fa3702a688b9359eccba92d153ac33fd2e8462f9e0e3fdf155239ea7792e" "checksum reqwest 0.9.24 (registry+https://github.com/rust-lang/crates.io-index)" = "f88643aea3c1343c804950d7bf983bd2067f5ab59db6d613a08e05572f2714ab" "checksum ring 0.13.5 (registry+https://github.com/rust-lang/crates.io-index)" = "2c4db68a2e35f3497146b7e4563df7d4773a2433230c5e4b448328e31740458a" -"checksum rocket 0.4.4 (registry+https://github.com/rust-lang/crates.io-index)" = "e20afbad214b001cabbe31dd270b48b3be980a7153ee2ed8392e241f856d651b" -"checksum rocket_codegen 0.4.4 (registry+https://github.com/rust-lang/crates.io-index)" = "2108b35e2c3a35759d3f16cc3002ece05523191d884d3ad6523693fd43324dde" -"checksum rocket_contrib 0.4.4 (registry+https://github.com/rust-lang/crates.io-index)" = "a10e7471279bc2d4a21b6fddd9589016bb119e6fbb547b216dd54ef237f28341" -"checksum rocket_csrf 0.1.0 (git+https://github.com/fdb-hiroshima/rocket_csrf?rev=29910f2829e7e590a540da3804336577b48c7b31)" = "" -"checksum rocket_http 0.4.4 (registry+https://github.com/rust-lang/crates.io-index)" = "6ce8ca76247376ea21cf271af0f95e3f2014596e3e4c7cc04e44ee6242a40ff2" +"checksum rocket 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)" = "42c1e9deb3ef4fa430d307bfccd4231434b707ca1328fae339c43ad1201cc6f7" +"checksum rocket_codegen 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)" = "79aa1366f9b2eccddc05971e17c5de7bb75a5431eb12c2b5c66545fd348647f4" +"checksum rocket_contrib 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)" = "e0fa5c1392135adc0f96a02ba150ac4c765e27c58dbfd32aa40678e948f6e56f" +"checksum rocket_http 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)" = "b1391457ee4e80b40d4b57fa5765c0f2836b20d73bcbee4e3f35d93cf3b80817" "checksum rocket_i18n 0.4.0 (git+https://github.com/Plume-org/rocket_i18n?rev=e922afa7c366038b3433278c03b1456b346074f2)" = "" "checksum rpassword 4.0.5 (registry+https://github.com/rust-lang/crates.io-index)" = "99371657d3c8e4d816fb6221db98fa408242b0b53bac08f8676a41f8554fe99f" "checksum rsass 0.9.8 (registry+https://github.com/rust-lang/crates.io-index)" = "7f4534cc03040beacd2668621815f26fe57e5b7cfe085790f98e5e87c1612316" diff --git a/Cargo.toml b/Cargo.toml index 27994771..72d1e6fc 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -65,10 +65,6 @@ path = "plume-common" [dependencies.plume-models] path = "plume-models" -[dependencies.rocket_csrf] -git = "https://github.com/fdb-hiroshima/rocket_csrf" -rev = "29910f2829e7e590a540da3804336577b48c7b31" - [build-dependencies] ructe = "0.9.0" rsass = "0.9" diff --git a/src/main.rs b/src/main.rs index ed203049..4d2f3d52 100644 --- a/src/main.rs +++ b/src/main.rs @@ -21,7 +21,6 @@ use plume_models::{ search::{Searcher as UnmanagedSearcher, SearcherError}, Connection, Error, CONFIG, }; -use rocket_csrf::CsrfFairingBuilder; use scheduled_thread_pool::ScheduledThreadPool; use std::process::exit; use std::sync::{Arc, Mutex}; @@ -275,25 +274,7 @@ Then try to restart Plume .manage(dbpool) .manage(Arc::new(workpool)) .manage(searcher) - .manage(include_i18n!()) - .attach( - CsrfFairingBuilder::new() - .set_default_target( - "/csrf-violation?target=".to_owned(), - rocket::http::Method::Post, - ) - .add_exceptions(vec![ - ("/inbox".to_owned(), "/inbox".to_owned(), None), - ( - "/@//inbox".to_owned(), - "/@//inbox".to_owned(), - None, - ), - ("/api/".to_owned(), "/api/".to_owned(), None), - ]) - .finalize() - .expect("main: csrf fairing creation error"), - ); + .manage(include_i18n!()); #[cfg(feature = "test")] let rocket = rocket.mount("/test", routes![test_routes::health,]);