Enable `rustls`'s `logging` feature to start emitting logs.
Enable the `tracing` crate's `log` feature to hook up the dependencies
that log via that crate.
`hyper` can use `tracing` but it's currently unstable and locked
behind `RUSTFLAGS='--cfg hyper_unstable_tracing'` so we shouldn't use
it yet.
This partially addresses #389.
```console
$ RUST_LOG=trace/ALPN xh https://example.org
[0.495665s DEBUG rustls::client::hs] ALPN protocol is Some(b"h2")
[0.499526s TRACE hyper_util::client::legacy::client] ALPN negotiated h2, updating pool
HTTP/2.0 200 OK
[...]
$ RUST_LOG=rustls xh https://example.org
[0.288085s DEBUG rustls::client::hs] No cached session for DnsName("example.org")
[0.288657s DEBUG rustls::client::hs] Not resuming any session
[0.288767s TRACE rustls::client::hs] Sending ClientHello Message {
version: TLSv1_0,
payload: Handshake {
[...]
[0.698465s DEBUG rustls::client::hs] Using ciphersuite TLS13_AES_256_GCM_SHA384
[0.698508s DEBUG rustls::client::tls13] Not resuming
[0.698530s TRACE rustls::client::client_conn] EarlyData rejected
[0.699267s DEBUG rustls::client::tls13] TLS1.3 encrypted extensions: [Protocols([ProtocolName(6832)])]
[0.699342s DEBUG rustls::client::hs] ALPN protocol is Some(b"h2")
[0.699578s TRACE rustls::client::tls13] Server cert is
CertificateChain([CertificateDer(0x3082076e3082[...]
```
`native-tls` barely has any logging so we don't get much useful info
from there yet.
If the `Content-Disposition` header includes directory
separators (e.g. `/`) then we now only take the base
filename. Including the directories is a vulnerability.
Originally fixed in 028cbb0165af54123a4829162a6a00f46e8dce74 but then
broken again in 330d3f2ed4e1af82ef89fefce2e6e84a8ac66330. This time I
added a regression test.
External changes:
- We now print the actual reason phrase sent by the server instead
of guessing it from the status code. That is, if servers reply with
"200 Wonderful" instead of "200 OK" then we show that. This is
especially useful for status codes that xh doesn't recognize.
- Header values are now decoded as latin1, with the UTF-8 decoding
also shown if applicable.
- A new FAQ file with an entry that explains header value encoding.
Header output now hyperlinks to this entry when relevant and if
supported by the terminal.
Under the hood we now color headers manually. It's still hooked up to
the `.tmTheme` files but not to the `.sublime-syntax` file. This lets
us highlight the latin1 header values differently. In the future we
could use the same approach to optimize JSON highlighting.
I'm unsure about the position of the hyperlink. Currently it's the
text "UTF-8" in `<latin1 value> (UTF-8: <utf-8 value>)`. But that
means it's only shown if the value can be decoded as UTF-8. An
alternative is to turn the latin1 value itself into a hyperlink, but
that's confusing if the value itself is already a URL (which is a
common case for the `Location` header).
I also don't feel that our text is quite distinct enough from the
header value in the default `ansi` theme. Though the hyperlink does
help to set it apart.
