Merge branch 'main' into better_run_sql_management

Author: lovasoa

CHANGELOG.md

@@ -7,6 +7,7 @@
  - New `search_value` property in the shell component.
  - Fixed a display issue in the hero component when the button text is long and the viewport is narrow.
  - reuse the existing opened database connection for the current query in `sqlpage.run_sql` instead of opening a new one. This makes it possible to create a temporary table in a file, and reuse it in an included script, create a SQL transaction that spans over multiple run_sql calls, and should generally make run_sql more performant.
+ - Fixed a bug in the cookie component where removing a cookie from a subdirectory would not work.
 
 ## 0.22.0 (2024-05-29)
  -  **Important Security Fix:** The behavior of `SET $x` has been modified to match `SELECT $x`.

examples/image gallery with user uploads/login.sql

@@ -5,6 +5,8 @@ select 'text' as type, 'Username' as name, true as required;
 select 'password' as type, 'Password' as name, true as required;
 
 
-select 'alert' as component, 'You are not logged in' as title,
-       'Sorry, we could not log you in. Please try again.' as description
+select 'alert' as component,
+    'danger' as color,
+    'You are not logged in' as title,
+    'Sorry, we could not log you in. Please try again.' as description
 where $error is not null;

examples/read-and-set-http-cookies/index.sql

@@ -11,4 +11,7 @@ SELECT 'username' as name,
     'try leaving this page and coming back, the value should be saved in a cookie' as description;
 
 select 'text' as component;
-select 'log out' as contents, 'logout.sql' as link;
+select 'log out' as contents, 'logout.sql' as link;
+
+select 'text' as component;
+select 'View the cookie from a subdirectory' as contents, 'subdirectory/read_cookies.sql' as link;

examples/read-and-set-http-cookies/subdirectory/read_cookies.sql

@@ -0,0 +1,9 @@
+-- Cookies can be specific to a certain path in the website
+-- This page demonstrates that a gobal cookie can be removed from a subdirectory
+select 'cookie' as component, 'username' as name, true as remove, '/' as path;
+
+SELECT 'text' as component;
+SELECT 'The value of your username cookie was: ' ||
+    COALESCE(sqlpage.cookie('username'), 'NULL') ||
+    '. It has now been removed. You can reload this page.' as contents;
+

src/render.rs

@@ -114,6 +114,17 @@ impl<'a, W: std::io::Write> HeaderContext<'a, W> {
             .with_context(|| "cookie name must be a string")?;
         let mut cookie = actix_web::cookie::Cookie::named(name);
 
+        let path = obj.get("path").and_then(JsonValue::as_str);
+        if let Some(path) = path {
+            cookie.set_path(path);
+        } else {
+            cookie.set_path("/");
+        }
+        let domain = obj.get("domain").and_then(JsonValue::as_str);
+        if let Some(domain) = domain {
+            cookie.set_domain(domain);
+        }
+
         let remove = obj.get("remove");
         if remove == Some(&json!(true)) || remove == Some(&json!(1)) {
             cookie.make_removal();
@@ -138,16 +149,6 @@ impl<'a, W: std::io::Write> HeaderContext<'a, W> {
         });
         let secure = obj.get("secure");
         cookie.set_secure(secure != Some(&json!(false)) && secure != Some(&json!(0)));
-        let path = obj.get("path").and_then(JsonValue::as_str);
-        if let Some(path) = path {
-            cookie.set_path(path);
-        } else {
-            cookie.set_path("/");
-        }
-        let domain = obj.get("domain").and_then(JsonValue::as_str);
-        if let Some(domain) = domain {
-            cookie.set_domain(domain);
-        }
         let expires = obj.get("expires");
         if let Some(expires) = expires {
             cookie.set_expires(actix_web::cookie::Expiration::DateTime(match expires {