headers/common/
access_control_allow_credentials.rs

1use {Header, HeaderName, HeaderValue};
2
3/// `Access-Control-Allow-Credentials` header, part of
4/// [CORS](http://www.w3.org/TR/cors/#access-control-allow-headers-response-header)
5///
6/// > The Access-Control-Allow-Credentials HTTP response header indicates whether the
7/// > response to request can be exposed when the credentials flag is true. When part
8/// > of the response to an preflight request it indicates that the actual request can
9/// > be made with credentials. The Access-Control-Allow-Credentials HTTP header must
10/// > match the following ABNF:
11///
12/// # ABNF
13///
14/// ```text
15/// Access-Control-Allow-Credentials: "Access-Control-Allow-Credentials" ":" "true"
16/// ```
17///
18/// Since there is only one acceptable field value, the header struct does not accept
19/// any values at all. Setting an empty `AccessControlAllowCredentials` header is
20/// sufficient. See the examples below.
21///
22/// # Example values
23/// * "true"
24///
25/// # Examples
26///
27/// ```
28/// # extern crate headers;
29/// use headers::AccessControlAllowCredentials;
30///
31/// let allow_creds = AccessControlAllowCredentials;
32/// ```
33#[derive(Clone, PartialEq, Eq, Debug)]
34pub struct AccessControlAllowCredentials;
35
36impl Header for AccessControlAllowCredentials {
37    fn name() -> &'static HeaderName {
38        &::http::header::ACCESS_CONTROL_ALLOW_CREDENTIALS
39    }
40
41    fn decode<'i, I: Iterator<Item = &'i HeaderValue>>(values: &mut I) -> Result<Self, ::Error> {
42        values
43            .next()
44            .and_then(|value| {
45                if value == "true" {
46                    Some(AccessControlAllowCredentials)
47                } else {
48                    None
49                }
50            })
51            .ok_or_else(::Error::invalid)
52    }
53
54    fn encode<E: Extend<::HeaderValue>>(&self, values: &mut E) {
55        values.extend(::std::iter::once(HeaderValue::from_static("true")));
56    }
57}
58
59#[cfg(test)]
60mod tests {
61    use super::super::test_decode;
62    use super::*;
63
64    #[test]
65    fn allow_credentials_is_case_sensitive() {
66        let allow_header = test_decode::<AccessControlAllowCredentials>(&["true"]);
67        assert!(allow_header.is_some());
68
69        let allow_header = test_decode::<AccessControlAllowCredentials>(&["True"]);
70        assert!(allow_header.is_none());
71    }
72}