v3.0.0

@orium orium released this 02 Jun 09:14
  • Added MemorySettings::with_graceful_bail_out_on_memory_limit_exceeded(): when set, the
    rewriter flushes every input byte it has received but not yet emitted to the sink (as-is)
    before returning MemoryLimitExceededError, so callers can continue the response by
    writing subsequent bytes directly to their downstream sink instead of breaking it.
  • Added Settings::with_graceful_bail_out_on_content_handler_error(): symmetric to the
    memory setting above, but for RewritingError::ContentHandlerError. When set, the
    rewriter flushes remaining input bytes before propagating a handler error, preserving
    the response. Currently exposed via the Rust API only; the C API still uses the original
    behavior.
  • Added Settings::append_bail_out_handler() and the matching bail_out! macro,
    BailOut rewritable unit, and BailOutHandler / BailOutHandlerSend type aliases.
    Bail-out handlers fire immediately before the raw flush of remaining unparsed input on a
    graceful bail-out (memory or content-handler error). Handlers receive the
    RewritingError and a BailOut through which they can append final bytes to the sink
    via BailOut::append(content, content_type). Intended for handlers that buffer state
    across the document (e.g. text-buffering handlers that defer emission) and need to
    flush that state on bail-out.
  • Marked RewritingError #[non_exhaustive] so future error variants can be added without
    a major version bump. External callers can still match on it, but must include a
    catch-all _ => arm.
  • Reworked Settings, MemorySettings and RewriteStrSettings to use a consuming-builder
    API. Fields are now private; construction is via ::new() plus chained with_* setters
    and append_* methods for the content-handler vectors. This makes future field additions
    non-breaking. Migration:
    // before
    Settings {
        element_content_handlers: vec![element!("div", |el| { /* ... */ Ok(()) })],
        strict: false,
        ..Settings::new()
    }
    // after
    Settings::new()
        .with_strict(false)
        .append_element_content_handler(element!("div", |el| { /* ... */ Ok(()) }))
  • Renamed the internal-use feature integration_test to _integration_test. The leading
    underscore signals to cargo-semver-checks and similar tools that the feature is not
    part of the public API.
  • Comment::set_text now also rejects --!>, a leading >, and a leading ->, which
    WHATWG-conformant browsers treat as comment terminators. Previously only --> was
    rejected, so a caller passing attacker-influenced data could let an attacker break out
    of the comment and inject HTML (security fix).
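
Added example (not lol-html's code and not part of the original release notes): a reduced model of the WHATWG comment tokenizer states, showing why each pattern in the last item ends a comment early and comparing the pre-3.0.0 check with the 3.0.0 one. All function names and sample inputs are constructed for illustration; the two check functions only restate the patterns listed in the note.

```rust
// Added example, not lol-html source: a reduced model of the WHATWG comment
// tokenizer states, used to see which comment texts close the comment early.
#[derive(Clone, Copy)]
enum St { Start, StartDash, Comment, EndDash, End, EndBang }

/// Byte offset just past the `>` that closes a comment, where `rest` is the
/// input following `<!--`. The spec's "comment less-than sign" states only
/// report parse errors and never change where the comment ends, so they are
/// folded into `Comment` here.
fn comment_close(rest: &str) -> Option<usize> {
    let mut st = St::Start;
    for (i, b) in rest.bytes().enumerate() {
        st = match (st, b) {
            (St::Start | St::StartDash | St::End | St::EndBang, b'>') => return Some(i + 1),
            (St::Start, b'-') => St::StartDash,
            (St::StartDash | St::EndDash | St::End, b'-') => St::End,
            (St::Comment | St::EndBang, b'-') => St::EndDash,
            (St::End, b'!') => St::EndBang,
            _ => St::Comment,
        };
    }
    None
}

/// True if `text`, serialized as `<!--` + text + `-->`, closes before the final `-->`.
fn breaks_out(text: &str) -> bool {
    comment_close(&format!("{}-->", text)) != Some(text.len() + 3)
}

/// The only pattern rejected before 3.0.0, per the release note.
fn old_check_rejects(text: &str) -> bool { text.contains("-->") }

/// The four patterns the release note lists for 3.0.0.
fn new_check_rejects(text: &str) -> bool {
    text.contains("-->") || text.contains("--!>")
        || text.starts_with('>') || text.starts_with("->")
}

fn main() {
    // Constructed sample inputs.
    for t in ["plain", "a -- b", "x--!><b>", "><b>", "-><b>", "x--><b>"] {
        println!("{:?}: breaks_out={} old={} new={}", t, breaks_out(t), old_check_rejects(t), new_check_rejects(t));
    }
}
```

In this model, every input for which `breaks_out` is true matches one of the four patterns, which is why the 3.0.0 list is sufficient and the old `-->`-only check was not.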