Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Web Application Middleware #9

Merged
merged 10 commits into from
Nov 2, 2023
Merged

Add Web Application Middleware #9

merged 10 commits into from
Nov 2, 2023

Conversation

kyleingraham
Copy link
Owner

Add new middleware relevant for web applications intended to be
rendered in a web browser:

  • useIsSecureRequestMiddleware - Record on request whether it
    was delivered via a secure channel.
  • useHstsMiddleware - Inform browsers that your app should only
    be visited via HTTPS.
  • useStaticFilesMiddleware - Serves static files.
  • useRoutingMiddleware - Adds the ability to route a request to
    a handler. Must be used with and called before
    useHandlerMiddleware.
  • useBrowserHardeningMiddleware - Harden the browser environment
    your web app is rendered in.
  • useHandlerMiddleware - Calls a selected handler after routing.
    Must be used with and called after useRoutingMiddleware.

Middleware are specified in WebAppSettings.middleware.

Refactor static file handling into a middleware. Some web
application middleware are irrelevant for static files and with the
previous handler implementation there was no ability to opt out of
them. With a static files middleware we can short-circuit early and
keep static file serving lean as we add more middleware.

Add protection against trusting client-provided security headers
from misconfigured proxies.

Add conversion of exceptions to requests in middleware system. This
enables surfacing messages on error conditions from deep within
middleware.

Add core package for exceptions and other centrally-required code.

@kyleingraham
Add Web Application Middleware
f72096f 
    Add new middleware relevant for web applications intended to be
    rendered in a web browser:
      - `useIsSecureRequestMiddleware` - Record on request whether it
        was delivered via a secure channel.
      - `useHstsMiddleware` - Inform browsers that your app should only
        be visited via HTTPS.
      - `useStaticFilesMiddleware` - Serves static files.
      - `useRoutingMiddleware` - Adds the ability to route a request to
        a handler. Must be used with and called before
        `useHandlerMiddleware`.
      - `useBrowserHardeningMiddleware` - Harden the browser environment
        your web app is rendered in.
      - `useHandlerMiddleware` - Calls a selected handler after routing.
        Must be used with and called after `useRoutingMiddleware`.

    Middleware are specified in `WebAppSettings.middleware`.

    Refactor static file handling into a middleware. Some web
    application middleware are irrelevant for static files and with the
    previous handler implementation there was no ability to opt out of
    them. With a static files middleware we can short-circuit early and
    keep static file serving lean as we add more middleware.
@kyleingraham
Restore private on Router parsePath
13f3f69
@kyleingraham
Remove Unneeded Comment
769a50a
@kyleingraham
Bug Fixes and Performance Improvements
449ee1e 
    Restore public access on Router.parsePath so that it can be
	accessed from WebApp.

	Update Router's handler whenever routes or middleware are
	modified. This removes the need to check for handler updates
	on every request and ensures that all initialization occurs
	before threading in vibe.d setup.

	Increase the time between tests to allow for slower computers.
@kyleingraham
Remove Unused Function and Ambiguous Naming
d897277
@kyleingraham
Update Static File README
686ccd9
@kyleingraham
Add IPv6 Localhost
8784495
@kyleingraham
Improve Middleware System Security
f4727c1 
    Add protection against trusting client-provided security headers
    from misconfigured proxies.

    Add conversion of exceptions to requests in middleware system. This
    enables surfacing messages on error conditions from deep within
    middleware.

    Add `core` package for exceptions and other centrally-required code.
@kyleingraham
Correct Typo and Remove Unneeded Debug Output
5a83db7
@kyleingraham
Cleanup Documentation and Examples
d6d5762
@kyleingraham kyleingraham merged commit db88be6 into trunk Nov 2, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@kyleingraham