Update MSRV for better compatibility

.github/workflows/ci.yml

@@ -7,5 +7,5 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
-      - uses: dtolnay/rust-toolchain@1.59.0
-      - run: cargo test --all-features
+      - uses: dtolnay/rust-toolchain@1.72.0
+      - run: cargo test --all-features

Cargo.toml

@@ -3,6 +3,7 @@ name = "actix-csrf"
 version = "0.8.0"
 authors = ["Edward Shen <[email protected]>", "Benoit Eudier <[email protected]>"]
 edition = "2021"
+rust-version = "1.72.0"
 description = "CSRF middleware for Actix"
 repository = "https://github.com/edward-shen/actix-csrf"
 license = "MIT OR Apache-2.0"
@@ -11,18 +12,18 @@ categories = ["web-programming::http-server"]
 include = ["src/**/*", "LICENSE-*", "README.md"]
 
 [dependencies]
-actix-web = { version = "4", default_features = false, features = [ "cookies" ] }
-base64 = { version = "0.21.0", default_features = false, features = [ "std" ]}
+actix-web = { version = "4.3.1", default-features = false, features = [ "cookies" ] }
+base64 = { version = "0.21.0", default-features = false, features = [ "std" ]}
 cookie = "0.16"
 rand = { version = "0.8", features = [ "std_rng" ] }
 tracing = "0.1"
-serde = { version = "1", default_features = false }
+serde = { version = "1", default-features = false }
 
 [dev-dependencies]
 # These versions are pinned to ensure compatibility with 4.0.0
 anyhow = "1"
-actix-web = { version = "=4.0.0", features = [ "cookies", "openssl"] }
-actix-http = "=3.0.0"
+actix-web = { version = "=4.3.1", features = [ "cookies", "openssl"] }
+actix-http = "=3.3.1"
 serde = { version = "1", features = [ "derive" ] }
 tokio = { version = "1", features = [ "macros", "rt-multi-thread" ] }
 openssl = { version = "0.10" }

clippy.toml

@@ -1 +1 @@
-msrv = "1.59"
+msrv = "1.72"

src/extractor.rs

@@ -45,10 +45,11 @@ impl FromRequest for CsrfHeader {
             .headers()
             .get(header_name)
             .map_or(Err(CsrfError::MissingCookie), |header| {
-                match header.to_str() {
-                    Ok(header) => Ok(Self(CsrfToken(header.to_owned()))),
-                    Err(_) => Err(CsrfError::MissingToken),
-                }
+                header
+                    .to_str()
+                    .map_or(Err(CsrfError::MissingToken), |header| {
+                        Ok(Self(CsrfToken(header.to_owned())))
+                    })
             });
 
         ready(resp)
@@ -165,7 +166,7 @@ impl CsrfCookieConfig {
             Self { cookie_name }
         } else {
             Self {
-                cookie_name: format!("{}{}", prefix, cookie_name),
+                cookie_name: format!("{prefix}{cookie_name}"),
             }
         }
     }

src/lib.rs

@@ -14,14 +14,14 @@
 //! follows:
 //!
 //! - User submits a request for a resource that will directly send a CSRF token
-//! (such as a login form). The server will respond with a `Set-Cookie` header
-//! containing the CSRF token.
+//!   (such as a login form). The server will respond with a `Set-Cookie` header
+//!   containing the CSRF token.
 //! - The user then submits a request that contains the CSRF token, either
-//! through a custom header or in the request itself. This results in the client
-//! sending the CRSF token twice: once as a cookie and once as a header or as
-//! part of the request itself.
+//!   through a custom header or in the request itself. This results in the client
+//!   sending the CRSF token twice: once as a cookie and once as a header or as
+//!   part of the request itself.
 //! - The server then validates if the CSRF value in the request is the same as
-//! the CSRF value in the cookie. If it is, the request is allowed to proceed.
+//!   the CSRF value in the cookie. If it is, the request is allowed to proceed.
 //!
 //! This is why this process is known as a double-submit: You submit the CSRF
 //! value to a CSRF protected endpoint in two different ways. For more
@@ -202,7 +202,7 @@ impl<Rng: TokenRng + SeedableRng> CsrfMiddleware<Rng> {
     /// Creates a CSRF middleware with secure defaults. Namely:
     ///
     /// - The CSRF cookie will be prefixed with `__Host-`. This also implies the
-    /// following:
+    ///   following:
     ///   - `Secure` is set.
     ///   - `Domain` is _not_ set.
     ///   - `Path` is set to `/`.
@@ -222,7 +222,7 @@ impl<Rng: TokenRng> CsrfMiddleware<Rng> {
     /// Namely:
     ///
     /// - The CSRF cookie will be prefixed with `__Host-`. This also implies the
-    /// following:
+    ///   following:
     ///   - `Secure` is set.
     ///   - `Domain` is _not_ set.
     ///   - `Path` is set to `/`.