Struct rocket::shield::Permission
source · pub struct Permission(/* private fields */);
Expand description
The Permissions-Policy header: allow or block the use of browser features.
Tells the browser to allow or block the use of a browser feature in the
top-level page as well as allow or block requesting access to (via the
allow
iframe
attribute) features in embedded iframes.
By default, the top-level page may access ~all features and any embedded iframes may request access to ~any feature. This header allows the server to control exactly which (if any) origins may access or request access to browser features.
Features are enabled via the Permission::allowed()
constructor and
chainable allow()
build method. Features can be blocked
via the Permission::blocked()
and chainable block()
builder method.
use rocket::shield::{Shield, Permission, Feature, Allow};
// In addition to defaults, block access to geolocation and USB features.
// Enable camera and microphone features only for the serving origin. Enable
// payment request access for the current origin and `https://rocket.rs`.
let permission = Permission::default()
.block(Feature::Geolocation)
.block(Feature::Usb)
.allow(Feature::Camera, Allow::This)
.allow(Feature::Microphone, Allow::This)
.allow(Feature::Payment, [Allow::This, Allow::Origin(uri!("https://rocket.rs"))]);
rocket::build().attach(Shield::default().enable(permission));
Default
The default returned via Permission::default()
blocks access to the
interest-cohort
feature, otherwise known as FLoC, which disables using the
current site in ad targeting tracking computations.
Implementations§
source§impl Permission
impl Permission
sourcepub fn allowed<L>(feature: Feature, allow: L) -> Selfwhere
L: IntoCollection<Allow>,
pub fn allowed<L>(feature: Feature, allow: L) -> Selfwhere L: IntoCollection<Allow>,
Constructs a new Permission
policy with only feature
allowed for the
set of origins in allow
which may be a single Allow
, a slice
([Allow]
or &[Allow]
), or a vector (Vec<Allow>
).
If allow
is empty, the use of the feature is blocked unless another
call to allow()
allows it. If allow
contains Allow::Any
, the
feature is allowable for all origins. Otherwise, the feature is
allowable only for the origin specified in allow
.
Panics
Panics if an Absolute
URI in an Allow::Origin
does not contain a
host part.
Example
use rocket::shield::{Permission, Feature, Allow};
let rocket = Allow::Origin(uri!("https://rocket.rs"));
let perm = Permission::allowed(Feature::Usb, Allow::This);
let perm = Permission::allowed(Feature::Usb, Allow::Any);
let perm = Permission::allowed(Feature::Usb, [Allow::This, rocket]);
sourcepub fn blocked(feature: Feature) -> Self
pub fn blocked(feature: Feature) -> Self
Constructs a new Permission
policy with only feature
blocked.
Example
use rocket::shield::{Permission, Feature};
let perm = Permission::blocked(Feature::Usb);
let perm = Permission::blocked(Feature::Payment);
sourcepub fn allow<L>(self, feature: Feature, allow: L) -> Selfwhere
L: IntoCollection<Allow>,
pub fn allow<L>(self, feature: Feature, allow: L) -> Selfwhere L: IntoCollection<Allow>,
Adds feature
as allowable for the set of origins in allow
which may
be a single Allow
, a slice ([Allow]
or &[Allow]
), or a vector
(Vec<Allow>
).
This policy supersedes any previous policy set for feature
.
If allow
is empty, the use of the feature is blocked unless another
call to allow()
allows it. If allow
contains Allow::Any
, the
feature is allowable for all origins. Otherwise, the feature is
allowable only for the origin specified in allow
.
Panics
Panics if an Absolute
URI in an Allow::Origin
does not contain a
host part.
Example
use rocket::shield::{Permission, Feature, Allow};
let rocket = Allow::Origin(uri!("https://rocket.rs"));
let perm = Permission::allowed(Feature::Usb, Allow::This)
.allow(Feature::Payment, [rocket, Allow::This]);
sourcepub fn block(self, feature: Feature) -> Self
pub fn block(self, feature: Feature) -> Self
Blocks feature
. This policy supersedes any previous policy set for
feature
.
Example
use rocket::shield::{Permission, Feature};
let perm = Permission::default()
.block(Feature::Usb)
.block(Feature::Payment);
sourcepub fn get(&self, feature: Feature) -> Option<&[Allow]>
pub fn get(&self, feature: Feature) -> Option<&[Allow]>
Returns the allow list (so far) for feature
if feature is allowed.
Example
use rocket::shield::{Permission, Feature, Allow};
let perm = Permission::default();
assert!(perm.get(Feature::Usb).is_none());
let perm = perm.allow(Feature::Usb, Allow::Any);
assert_eq!(perm.get(Feature::Usb).unwrap(), &[Allow::Any]);
sourcepub fn iter(&self) -> impl Iterator<Item = (Feature, Option<&[Allow]>)>
pub fn iter(&self) -> impl Iterator<Item = (Feature, Option<&[Allow]>)>
Returns an iterator over the pairs of features and their allow lists,
None
if the feature is blocked.
Features are returned in the order in which they were first added.
Example
use rocket::shield::{Permission, Feature, Allow};
let foo = uri!("https://foo.com:1234");
let perm = Permission::blocked(Feature::Camera)
.allow(Feature::Gyroscope, [Allow::This, Allow::Origin(foo.clone())])
.block(Feature::Payment)
.allow(Feature::Camera, Allow::Any);
let perms: Vec<_> = perm.iter().collect();
assert_eq!(perms.len(), 3);
assert_eq!(perms, vec![
(Feature::Camera, Some(&[Allow::Any][..])),
(Feature::Gyroscope, Some(&[Allow::This, Allow::Origin(foo)][..])),
(Feature::Payment, None),
]);
Trait Implementations§
source§impl Clone for Permission
impl Clone for Permission
source§fn clone(&self) -> Permission
fn clone(&self) -> Permission
1.0.0 · source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source
. Read moresource§impl Default for Permission
impl Default for Permission
source§impl From<&Permission> for Header<'static>
impl From<&Permission> for Header<'static>
source§fn from(perm: &Permission) -> Self
fn from(perm: &Permission) -> Self
source§impl PartialEq<Permission> for Permission
impl PartialEq<Permission> for Permission
source§fn eq(&self, other: &Permission) -> bool
fn eq(&self, other: &Permission) -> bool
self
and other
values to be equal, and is used
by ==
.source§impl Policy for Permission
impl Policy for Permission
impl StructuralPartialEq for Permission
Auto Trait Implementations§
impl !RefUnwindSafe for Permission
impl Send for Permission
impl Sync for Permission
impl Unpin for Permission
impl !UnwindSafe for Permission
Blanket Implementations§
source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere T: ?Sized,
source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
source§impl<T> Instrument for T
impl<T> Instrument for T
source§fn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
source§fn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
source§impl<T> IntoCollection<T> for T
impl<T> IntoCollection<T> for T
source§impl<T> Paint for Twhere
T: ?Sized,
impl<T> Paint for Twhere T: ?Sized,
source§fn fg(&self, value: Color) -> Painted<&T>
fn fg(&self, value: Color) -> Painted<&T>
Returns a styled value derived from self
with the foreground set to
value
.
This method should be used rarely. Instead, prefer to use color-specific
builder methods like red()
and
green()
, which have the same functionality but are
pithier.
Example
Set foreground color to white using fg()
:
use yansi::{Paint, Color};
painted.fg(Color::White);
Set foreground color to white using white()
.
use yansi::Paint;
painted.white();
source§fn bright_black(&self) -> Painted<&T>
fn bright_black(&self) -> Painted<&T>
source§fn bright_red(&self) -> Painted<&T>
fn bright_red(&self) -> Painted<&T>
source§fn bright_green(&self) -> Painted<&T>
fn bright_green(&self) -> Painted<&T>
source§fn bright_yellow(&self) -> Painted<&T>
fn bright_yellow(&self) -> Painted<&T>
Returns self
with the
fg()
set to
Color::BrightYellow
.
Example
println!("{}", value.bright_yellow());
source§fn bright_blue(&self) -> Painted<&T>
fn bright_blue(&self) -> Painted<&T>
source§fn bright_magenta(&self) -> Painted<&T>
fn bright_magenta(&self) -> Painted<&T>
Returns self
with the
fg()
set to
Color::BrightMagenta
.
Example
println!("{}", value.bright_magenta());
source§fn bright_cyan(&self) -> Painted<&T>
fn bright_cyan(&self) -> Painted<&T>
source§fn bright_white(&self) -> Painted<&T>
fn bright_white(&self) -> Painted<&T>
source§fn bg(&self, value: Color) -> Painted<&T>
fn bg(&self, value: Color) -> Painted<&T>
Returns a styled value derived from self
with the background set to
value
.
This method should be used rarely. Instead, prefer to use color-specific
builder methods like on_red()
and
on_green()
, which have the same functionality but
are pithier.
Example
Set background color to red using fg()
:
use yansi::{Paint, Color};
painted.bg(Color::Red);
Set background color to red using on_red()
.
use yansi::Paint;
painted.on_red();
source§fn on_primary(&self) -> Painted<&T>
fn on_primary(&self) -> Painted<&T>
source§fn on_magenta(&self) -> Painted<&T>
fn on_magenta(&self) -> Painted<&T>
source§fn on_bright_black(&self) -> Painted<&T>
fn on_bright_black(&self) -> Painted<&T>
Returns self
with the
bg()
set to
Color::BrightBlack
.
Example
println!("{}", value.on_bright_black());
source§fn on_bright_red(&self) -> Painted<&T>
fn on_bright_red(&self) -> Painted<&T>
source§fn on_bright_green(&self) -> Painted<&T>
fn on_bright_green(&self) -> Painted<&T>
Returns self
with the
bg()
set to
Color::BrightGreen
.
Example
println!("{}", value.on_bright_green());
source§fn on_bright_yellow(&self) -> Painted<&T>
fn on_bright_yellow(&self) -> Painted<&T>
Returns self
with the
bg()
set to
Color::BrightYellow
.
Example
println!("{}", value.on_bright_yellow());
source§fn on_bright_blue(&self) -> Painted<&T>
fn on_bright_blue(&self) -> Painted<&T>
Returns self
with the
bg()
set to
Color::BrightBlue
.
Example
println!("{}", value.on_bright_blue());
source§fn on_bright_magenta(&self) -> Painted<&T>
fn on_bright_magenta(&self) -> Painted<&T>
Returns self
with the
bg()
set to
Color::BrightMagenta
.
Example
println!("{}", value.on_bright_magenta());
source§fn on_bright_cyan(&self) -> Painted<&T>
fn on_bright_cyan(&self) -> Painted<&T>
Returns self
with the
bg()
set to
Color::BrightCyan
.
Example
println!("{}", value.on_bright_cyan());
source§fn on_bright_white(&self) -> Painted<&T>
fn on_bright_white(&self) -> Painted<&T>
Returns self
with the
bg()
set to
Color::BrightWhite
.
Example
println!("{}", value.on_bright_white());
source§fn attr(&self, value: Attribute) -> Painted<&T>
fn attr(&self, value: Attribute) -> Painted<&T>
Enables the styling Attribute
value
.
This method should be used rarely. Instead, prefer to use
attribute-specific builder methods like bold()
and
underline()
, which have the same functionality
but are pithier.
Example
Make text bold using attr()
:
use yansi::{Paint, Attribute};
painted.attr(Attribute::Bold);
Make text bold using using bold()
.
use yansi::Paint;
painted.bold();
source§fn underline(&self) -> Painted<&T>
fn underline(&self) -> Painted<&T>
Returns self
with the
attr()
set to
Attribute::Underline
.
Example
println!("{}", value.underline());
source§fn rapid_blink(&self) -> Painted<&T>
fn rapid_blink(&self) -> Painted<&T>
Returns self
with the
attr()
set to
Attribute::RapidBlink
.
Example
println!("{}", value.rapid_blink());
source§fn quirk(&self, value: Quirk) -> Painted<&T>
fn quirk(&self, value: Quirk) -> Painted<&T>
Enables the yansi
Quirk
value
.
This method should be used rarely. Instead, prefer to use quirk-specific
builder methods like mask()
and
wrap()
, which have the same functionality but are
pithier.
Example
Enable wrapping using .quirk()
:
use yansi::{Paint, Quirk};
painted.quirk(Quirk::Wrap);
Enable wrapping using wrap()
.
use yansi::Paint;
painted.wrap();
source§fn whenever(&self, value: Condition) -> Painted<&T>
fn whenever(&self, value: Condition) -> Painted<&T>
Conditionally enable styling based on whether the Condition
value
applies. Replaces any previous condition.
See the crate level docs for more details.
Example
Enable styling painted
only when both stdout
and stderr
are TTYs:
use yansi::{Paint, Condition};
painted.red().on_yellow().whenever(Condition::STDOUTERR_ARE_TTY);