Wrong flash message when name is numeric

[ThibaudDauce]

Hi,

I'm using Rocket v0.4.4. My code is available in https://gitlab.com/thibauddauce/youtube-rust-rocket/-/commit/ae858382ac3b85b51fa9c77d04febffe73829f43.

When I set the flash name as an integer, the flash message is split in the following request.

#[get("/create_flash")]
fn create_flash() -> Flash<Redirect> {
    let id = 1;

    let flash = Flash::new(Redirect::to("/show_flash"), id.to_string(), "Some very long text");

    dbg!(&flash);

    flash
}

#[get("/show_flash")]
fn show_flash(flash: Option<FlashMessage>) {
    let flash_content = flash.unwrap();

    dbg!(flash_content.name());
    dbg!(flash_content.msg());
}

The result:

GET /create_flash text/html:
    => Matched: GET /create_flash (create_flash)
[src/main.rs:77] &flash = Flash {
    name: "1",
    message: "Some really long text",
    consumed: false,
    inner: Redirect(
        Status {
            code: 303,
            reason: "See Other",
        },
        Some(
            Origin(
                Origin {
                    source: Some(
                        "/show_flash",
                    ),
                    path: (
                        0,
                        11,
                    ),
                    query: None,
                    segment_count: [uninitialized storage],
                },
            ),
        ),
    ),
}
    => Outcome: Success
    => Response succeeded.
GET /show_flash text/html:
    => Matched: GET /show_flash (show_flash)
[src/main.rs:86] flash_content.name() = "Some really"
[src/main.rs:87] flash_content.msg() = " long text"
    => Outcome: Success
    => Response succeeded.

If the flash message is shorter like "Some text", the flash is not set.

GET /create_flash text/html:
    => Matched: GET /create_flash (create_flash)
[src/main.rs:77] &flash = Flash {
    name: "1",
    message: "Some text",
…
}
    => Outcome: Success
    => Response succeeded.
GET /show_flash text/html:
    => Matched: GET /show_flash (show_flash)
thread '<unnamed>' panicked at 'called `Option::unwrap()` on a `None` value', src/main.rs:84:25
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace

If the name is 9 the split happen later:

GET /create_flash text/html:
    => Matched: GET /create_flash (create_flash)
[src/main.rs:77] &flash = Flash {
    name: "9",
    message: "Some really really really long text Some really really really long text",
…
}
    => Outcome: Success
    => Response succeeded.
GET /show_flash text/html:
    => Matched: GET /show_flash (show_flash)
[src/main.rs:86] flash_content.name() = "Some really really "
[src/main.rs:87] flash_content.msg() = "really long text Some really really really long text"
    => Outcome: Success
    => Response succeeded.

If the name is 10 the flash is not set:

GET /create_flash text/html:
    => Matched: GET /create_flash (create_flash)
[src/main.rs:77] &flash = Flash {
    name: "10",
    message: "Some really really really long text Some really really really long text",
…
    => Outcome: Success
    => Response succeeded.
GET /show_flash text/html:
    => Matched: GET /show_flash (show_flash)
thread '<unnamed>' panicked at 'called `Option::unwrap()` on a `None` value', src/main.rs:84:25
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace

If the name is "1a" (not numeric) the split is even weirder:

GET /create_flash text/html:
    => Matched: GET /create_flash (create_flash)
[src/main.rs:75] &flash = Flash {
    name: "1a",
    message: "Some really really really long text Some really really really long text",
…
}
    => Outcome: Success
    => Response succeeded.
GET /show_flash text/html:
    => Matched: GET /show_flash (show_flash)
[src/main.rs:84] flash_content.name() = "aSome really really r"
[src/main.rs:85] flash_content.msg() = "eally long text Some really really really long text"
    => Outcome: Success
    => Response succeeded.

I really don't understand the problem. Don't hesitate if you need me to do additional checks.

My real problem is that I have multiple forms on my page, and I want to associate an ID to my flash message to show the message near the corresponding form. I don't know how to do that in Rocket. I thought using the name part to store the ID but it's not working :-D

[jebrosen]

This is a deficiency in the encoding scheme for the flash message cookie: <name_length><name><msg>. ("1", "Some really long text") encodes as 11Some really long text but decodes as 11 (length of name), Some really (the next 11 characters) in name, followed by the rest in msg.

The workaround is to start the name with non-digits.

To fix, we should change the flash message encoding. For example, adding a delimiter character to end the length field: 1;1Some really long text

[ThibaudDauce]

Thanks a lot for the explanation. By the way, is there a cleaner way to flash a struct (ID of the form + message) with Rocket? Maybe just use JSON serialization in the message field?

[jebrosen]

Sure! If the message you are storing is structlike, you can serialize it with something like serde_json::to_string and serde_json::from_str to deserialize it.

But if you only need ID + text, you could use a dummy name like "message" and something like "4:Text for form 4" as the msg, splitting the msg field at the : when you read it.

[ThibaudDauce]

Yes it's even easier :-D Thanks for the tip!