From 0c64225bcf66b62b4a84a84f8229e695e023bcde Mon Sep 17 00:00:00 2001
From: Rohan Sircar <rohansircar@tuta.io>
Date: Tue, 18 May 2021 19:42:03 +0530
Subject: [PATCH] remove unneeded files

---
 src/middlewares/csrf.rs | 276 ----------------------------------------
 src/utils/extra.rs      |  28 ----
 static/test.js          |   1 -
 templates/hello.hbs     |  22 ----
 4 files changed, 327 deletions(-)
 delete mode 100644 src/middlewares/csrf.rs
 delete mode 100644 src/utils/extra.rs
 delete mode 100644 static/test.js
 delete mode 100644 templates/hello.hbs

diff --git a/src/middlewares/csrf.rs b/src/middlewares/csrf.rs
deleted file mode 100644
index 4cd630a..0000000
--- a/src/middlewares/csrf.rs
+++ /dev/null
@@ -1,276 +0,0 @@
-// //! A filter for cross-site request forgery (CSRF).
-// //!
-// //! This middleware is stateless and [based on request
-// //! headers](https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet#Verifying_Same_Origin_with_Standard_Headers).
-// //!
-// //! By default requests are allowed only if one of these is true:
-// //!
-// //! * The request method is safe (`GET`, `HEAD`, `OPTIONS`). It is the
-// //!   applications responsibility to ensure these methods cannot be used to
-// //!   execute unwanted actions. Note that upgrade requests for websockets are
-// //!   also considered safe.
-// //! * The `Origin` header (added automatically by the browser) matches one
-// //!   of the allowed origins.
-// //! * There is no `Origin` header but the `Referer` header matches one of
-// //!   the allowed origins.
-// //!
-// //! Use [`CsrfFilter::allow_xhr()`](struct.CsrfFilter.html#method.allow_xhr)
-// //! if you want to allow requests with unprotected methods via
-// //! [CORS](../cors/struct.Cors.html).
-// //!
-// //! # Example
-// //!
-// //! ```
-// //! # extern crate actix_web;
-// //! use actix_web::middleware::csrf;
-// //! use actix_web::{http, App, HttpRequest, HttpResponse};
-// //!
-// //! fn handle_post(_: &HttpRequest) -> &'static str {
-// //!     "This action should only be triggered with requests from the same site"
-// //! }
-// //!
-// //! fn main() {
-// //!     let app = App::new()
-// //!         .middleware(
-// //!             csrf::CsrfFilter::new().allowed_origin("https://www.example.com"),
-// //!         )
-// //!         .resource("/", |r| {
-// //!             r.method(http::Method::GET).f(|_| HttpResponse::Ok());
-// //!             r.method(http::Method::POST).f(handle_post);
-// //!         })
-// //!         .finish();
-// //! }
-// //! ```
-// //!
-// //! In this example the entire application is protected from CSRF.
-
-// use std::borrow::Cow;
-// use std::collections::HashSet;
-
-// use bytes::Bytes;
-// use error::{ResponseError, Result};
-// use http::{header, HeaderMap, HttpTryFrom, Uri};
-// use httprequest::HttpRequest;
-// use httpresponse::HttpResponse;
-// use middleware::{Middleware, Started};
-// use server::Request;
-
-// /// Potential cross-site request forgery detected.
-// #[derive(Debug, Fail)]
-// pub enum CsrfError {
-//     /// The HTTP request header `Origin` was required but not provided.
-//     #[fail(display = "Origin header required")]
-//     MissingOrigin,
-//     /// The HTTP request header `Origin` could not be parsed correctly.
-//     #[fail(display = "Could not parse Origin header")]
-//     BadOrigin,
-//     /// The cross-site request was denied.
-//     #[fail(display = "Cross-site request denied")]
-//     CsrDenied,
-// }
-
-// impl ResponseError for CsrfError {
-//     fn error_response(&self) -> HttpResponse {
-//         HttpResponse::Forbidden().body(self.to_string())
-//     }
-// }
-
-// fn uri_origin(uri: &Uri) -> Option<String> {
-//     match (
-//         uri.scheme_part(),
-//         uri.host(),
-//         uri.port_part().map(|port| port.as_u16()),
-//     ) {
-//         (Some(scheme), Some(host), Some(port)) => Some(format!("{}://{}:{}", scheme, host, port)),
-//         (Some(scheme), Some(host), None) => Some(format!("{}://{}", scheme, host)),
-//         _ => None,
-//     }
-// }
-
-// fn origin(headers: &HeaderMap) -> Option<Result<Cow<str>, CsrfError>> {
-//     headers
-//         .get(header::ORIGIN)
-//         .map(|origin| {
-//             origin
-//                 .to_str()
-//                 .map_err(|_| CsrfError::BadOrigin)
-//                 .map(|o| o.into())
-//         })
-//         .or_else(|| {
-//             headers.get(header::REFERER).map(|referer| {
-//                 Uri::try_from(Bytes::from(referer.as_bytes()))
-//                     .ok()
-//                     .as_ref()
-//                     .and_then(uri_origin)
-//                     .ok_or(CsrfError::BadOrigin)
-//                     .map(|o| o.into())
-//             })
-//         })
-// }
-
-// /// A middleware that filters cross-site requests.
-// ///
-// /// To construct a CSRF filter:
-// ///
-// /// 1. Call [`CsrfFilter::build`](struct.CsrfFilter.html#method.build) to
-// ///    start building.
-// /// 2. [Add](struct.CsrfFilterBuilder.html#method.allowed_origin) allowed
-// ///    origins.
-// /// 3. Call [finish](struct.CsrfFilterBuilder.html#method.finish) to retrieve
-// ///    the constructed filter.
-// ///
-// /// # Example
-// ///
-// /// ```
-// /// use actix_web::middleware::csrf;
-// /// use actix_web::App;
-// ///
-// /// # fn main() {
-// /// let app = App::new()
-// ///     .middleware(csrf::CsrfFilter::new().allowed_origin("https://www.example.com"));
-// /// # }
-// /// ```
-// #[derive(Default)]
-// pub struct CsrfFilter {
-//     origins: HashSet<String>,
-//     allow_xhr: bool,
-//     allow_missing_origin: bool,
-//     allow_upgrade: bool,
-// }
-
-// impl CsrfFilter {
-//     /// Start building a `CsrfFilter`.
-//     pub fn new() -> CsrfFilter {
-//         CsrfFilter {
-//             origins: HashSet::new(),
-//             allow_xhr: false,
-//             allow_missing_origin: false,
-//             allow_upgrade: false,
-//         }
-//     }
-
-//     /// Add an origin that is allowed to make requests. Will be verified
-//     /// against the `Origin` request header.
-//     pub fn allowed_origin<T: Into<String>>(mut self, origin: T) -> CsrfFilter {
-//         self.origins.insert(origin.into());
-//         self
-//     }
-
-//     /// Allow all requests with an `X-Requested-With` header.
-//     ///
-//     /// A cross-site attacker should not be able to send requests with custom
-//     /// headers unless a CORS policy whitelists them. Therefore it should be
-//     /// safe to allow requests with an `X-Requested-With` header (added
-//     /// automatically by many JavaScript libraries).
-//     ///
-//     /// This is disabled by default, because in Safari it is possible to
-//     /// circumvent this using redirects and Flash.
-//     ///
-//     /// Use this method to enable more lax filtering.
-//     pub fn allow_xhr(mut self) -> CsrfFilter {
-//         self.allow_xhr = true;
-//         self
-//     }
-
-//     /// Allow requests if the expected `Origin` header is missing (and
-//     /// there is no `Referer` to fall back on).
-//     ///
-//     /// The filter is conservative by default, but it should be safe to allow
-//     /// missing `Origin` headers because a cross-site attacker cannot prevent
-//     /// the browser from sending `Origin` on unprotected requests.
-//     pub fn allow_missing_origin(mut self) -> CsrfFilter {
-//         self.allow_missing_origin = true;
-//         self
-//     }
-
-//     /// Allow cross-site upgrade requests (for example to open a WebSocket).
-//     pub fn allow_upgrade(mut self) -> CsrfFilter {
-//         self.allow_upgrade = true;
-//         self
-//     }
-
-//     fn validate(&self, req: &Request) -> Result<(), CsrfError> {
-//         let is_upgrade = req.headers().contains_key(header::UPGRADE);
-//         let is_safe = req.method().is_safe() && (self.allow_upgrade || !is_upgrade);
-
-//         if is_safe || (self.allow_xhr && req.headers().contains_key("x-requested-with")) {
-//             Ok(())
-//         } else if let Some(header) = origin(req.headers()) {
-//             match header {
-//                 Ok(ref origin) if self.origins.contains(origin.as_ref()) => Ok(()),
-//                 Ok(_) => Err(CsrfError::CsrDenied),
-//                 Err(err) => Err(err),
-//             }
-//         } else if self.allow_missing_origin {
-//             Ok(())
-//         } else {
-//             Err(CsrfError::MissingOrigin)
-//         }
-//     }
-// }
-
-// impl<S> Middleware<S> for CsrfFilter {
-//     fn start(&self, req: &HttpRequest<S>) -> Result<Started> {
-//         self.validate(req)?;
-//         Ok(Started::Done)
-//     }
-// }
-
-// #[cfg(test)]
-// mod tests {
-//     use super::*;
-//     use http::Method;
-//     use test::TestRequest;
-
-//     #[test]
-//     fn test_safe() {
-//         let csrf = CsrfFilter::new().allowed_origin("https://www.example.com");
-
-//         let req = TestRequest::with_header("Origin", "https://www.w3.org")
-//             .method(Method::HEAD)
-//             .finish();
-
-//         assert!(csrf.start(&req).is_ok());
-//     }
-
-//     #[test]
-//     fn test_csrf() {
-//         let csrf = CsrfFilter::new().allowed_origin("https://www.example.com");
-
-//         let req = TestRequest::with_header("Origin", "https://www.w3.org")
-//             .method(Method::POST)
-//             .finish();
-
-//         assert!(csrf.start(&req).is_err());
-//     }
-
-//     #[test]
-//     fn test_referer() {
-//         let csrf = CsrfFilter::new().allowed_origin("https://www.example.com");
-
-//         let req =
-//             TestRequest::with_header("Referer", "https://www.example.com/some/path?query=param")
-//                 .method(Method::POST)
-//                 .finish();
-
-//         assert!(csrf.start(&req).is_ok());
-//     }
-
-//     #[test]
-//     fn test_upgrade() {
-//         let strict_csrf = CsrfFilter::new().allowed_origin("https://www.example.com");
-
-//         let lax_csrf = CsrfFilter::new()
-//             .allowed_origin("https://www.example.com")
-//             .allow_upgrade();
-
-//         let req = TestRequest::with_header("Origin", "https://cswsh.com")
-//             .header("Connection", "Upgrade")
-//             .header("Upgrade", "websocket")
-//             .method(Method::GET)
-//             .finish();
-
-//         assert!(strict_csrf.start(&req).is_err());
-//         assert!(lax_csrf.start(&req).is_ok());
-//     }
-// }
diff --git a/src/utils/extra.rs b/src/utils/extra.rs
deleted file mode 100644
index e4de43e..0000000
--- a/src/utils/extra.rs
+++ /dev/null
@@ -1,28 +0,0 @@
-#[derive(Debug, Serialize, Deserialize)]
-struct MyObj {
-    name: String,
-    // number: i32,
-}
-
-#[get("/{id}/{name}")]
-async fn index(info: web::Path<(u32, String)>) -> Result<HttpResponse, Error> {
-    let (id, name) = (info.0, info.1.clone());
-    let template = models::CardTemplate {
-        title: "My Title",
-        body: name,
-        num: id,
-    };
-    template
-        .call()
-        .map(|body| HttpResponse::Ok().content_type("text/html").body(body))
-        .map_err(|_| {
-            error::ErrorInternalServerError("Error while parsing template")
-        })
-}
-
-/// This handler uses json extractor
-#[post("/extractor")]
-async fn extract_my_obj(item: web::Json<MyObj>) -> HttpResponse {
-    debug!("model: {:?}", item);
-    HttpResponse::Ok().json(item.0) // <- send response
-}
\ No newline at end of file
diff --git a/static/test.js b/static/test.js
deleted file mode 100644
index 88be1a7..0000000
--- a/static/test.js
+++ /dev/null
@@ -1 +0,0 @@
-var x = 1
\ No newline at end of file
diff --git a/templates/hello.hbs b/templates/hello.hbs
deleted file mode 100644
index 84ec1f6..0000000
--- a/templates/hello.hbs
+++ /dev/null
@@ -1,22 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-
-<head>
-    <meta charset="UTF-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-
-</head>
-
-<body>
-    <div class="entry">
-        <h1>{{title}}</h1>
-        <div class="body">
-            Hello {{body}}! Number input was: {{num}}
-        </div>
-        <h1>BTW... ZA WARUDO</h1>
-    </div>
-    <div class="app"></div>
-    <script src="/test.js" defer></script>
-</body>
-
-</html>
\ No newline at end of file