Specs

assign(t(), atom(), term()) :: t()

Assigns a value to a key in the connection.

The "assigns" storage is meant to be used to store values in the connection so that other plugs in your plug pipeline can access them. The assigns storage is a map.

Examples

iex> conn.assigns[:hello]
nil
iex> conn = assign(conn, :hello, :world)
iex> conn.assigns[:hello]
:world

Specs

chunk(t(), body()) :: {:ok, t()} | {:error, term()} | no_return()

Sends a chunk as part of a chunked response.

It expects a connection with state :chunked as set by send_chunked/2. It returns {:ok, conn} in case of success, otherwise {:error, reason}.

To stream data use Enum.reduce_while/3 instead of Enum.into/2. Enum.reduce_while/3 allows aborting the execution if chunk/2 fails to deliver the chunk of data.

Example

Enum.reduce_while(~w(each chunk as a word), conn, fn (chunk, conn) ->
  case Plug.Conn.chunk(conn, chunk) do
    {:ok, conn} ->
      {:cont, conn}
    {:error, :closed} ->
      {:halt, conn}
  end
end)

Specs

clear_session(t()) :: t()

Clears the entire session.

This function removes every key from the session, clearing the session.

Note that, even if clear_session/1 is used, the session is still sent to the client. If the session should be effectively dropped, configure_session/2 should be used with the :drop option set to true.

Specs

configure_session(t(), Keyword.t()) :: t()

Configures the session.

Options

• :renew - generates a new session id for the cookie
• :drop - drops the session, a session cookie will not be included in the response
• :ignore - ignores all changes made to the session in this request cycle

Specs

delete_req_header(t(), binary()) :: t()

Deletes a request header if present.

Raises a Plug.Conn.AlreadySentError if the connection has already been :sent or :chunked.

Examples

Plug.Conn.delete_req_header(conn, "content-type")

Specs

delete_resp_cookie(t(), binary(), Keyword.t()) :: t()

Deletes a response cookie.

Deleting a cookie requires the same options as to when the cookie was put. Check put_resp_cookie/4 for more information.

Specs

delete_resp_header(t(), binary()) :: t()

Deletes a response header if present.

Raises a Plug.Conn.AlreadySentError if the connection has already been :sent or :chunked.

Examples

Plug.Conn.delete_resp_header(conn, "content-type")

Specs

delete_session(t(), String.t() | atom()) :: t()

Deletes key from session.

The key can be a string or an atom, where atoms are automatically converted to strings.

Specs

fetch_cookies(t(), Keyword.t()) :: t()

Fetches cookies from the request headers.

Options

• :signed - a list of one or more cookies that are signed and must be verified accordingly

• :encrypted - a list of one or more cookies that are encrypted and must be decrypted accordingly

See put_resp_cookie/4 for more information.

Specs

fetch_query_params(t(), Keyword.t()) :: t()

Fetches query parameters from the query string.

Params are decoded as "x-www-form-urlencoded" in which key/value pairs are separated by & and keys are separated from values by =.

This function does not fetch parameters from the body. To fetch parameters from the body, use the Plug.Parsers plug.

Options

• :length - the maximum query string length. Defaults to 1_000_000 bytes.

Specs

fetch_session(t(), Keyword.t()) :: t()

Fetches the session from the session store. Will also fetch cookies.

Specs

get_http_protocol(t()) :: Plug.Conn.Adapter.http_protocol()

Returns the HTTP protocol and version.

Examples

iex> get_http_protocol(conn)
:"HTTP/1.1"

Specs

get_peer_data(t()) :: Plug.Conn.Adapter.peer_data()

Returns the request peer data if one is present.

Specs

get_req_header(t(), binary()) :: [binary()]

Returns the values of the request header specified by key.

Examples

iex> get_req_header(conn, "accept")
["application/json"]

Specs

get_resp_header(t(), binary()) :: [binary()]

Returns the values of the response header specified by key.

Examples

iex> conn = %{conn | resp_headers: [{"content-type", "text/plain"}]}
iex> get_resp_header(conn, "content-type")
["text/plain"]

Specs

get_session(t()) :: %{optional(String.t()) => any()}

Returns the whole session.

Although get_session/2 and put_session/3 allow atom keys, they are always normalized to strings. So this function always returns a map with string keys.

Raises if the session was not yet fetched.

Specs

get_session(t(), String.t() | atom()) :: any()

Returns session value for the given key. If key is not set, nil is returned.

The key can be a string or an atom, where atoms are automatically converted to strings.

Specs

halt(t()) :: t()

Halts the Plug pipeline by preventing further plugs downstream from being invoked. See the docs for Plug.Builder for more information on halting a Plug pipeline.

Specs

inform(t(), status(), Keyword.t()) :: t()

Sends and informational response to the client.

An informational response, such as an early hint, must happen prior to a response being sent. If an informational request is attempted after a response is sent then a Plug.Conn.AlreadySentError will be raised. Only status codes from 100-199 are valid.

To use inform for early hints send one or more informs with a status of 103.

If the adapter does not support informational responses then this is a noop.

Most HTTP/1.1 clients do not properly support informational responses but some proxies require it to support server push for HTTP/2. You can call get_http_protocol/1 to retrieve the protocol and version.

Specs

inform!(t(), status(), Keyword.t()) :: t()

Sends an information response to a client but raises if the adapter does not support inform.

See inform/1 for more information.

Specs

merge_assigns(t(), Keyword.t()) :: t()

Assigns multiple values to keys in the connection.

Equivalent to multiple calls to assign/3.

Examples

iex> conn.assigns[:hello]
nil
iex> conn = merge_assigns(conn, hello: :world)
iex> conn.assigns[:hello]
:world

Specs

merge_private(t(), Keyword.t()) :: t()

Assigns multiple private keys and values in the connection.

Equivalent to multiple put_private/3 calls.

Examples

iex> conn.private[:my_plug_hello]
nil
iex> conn = merge_private(conn, my_plug_hello: :world)
iex> conn.private[:my_plug_hello]
:world

Specs

merge_resp_headers(t(), Enum.t()) :: t()

Merges a series of response headers into the connection.

It is recommended for header keys to be in lowercase, to avoid sending duplicate keys in a request. Additionally, responses with mixed-case headers served over HTTP/2 are not considered valid by common clients, resulting in dropped responses. As a convenience, when using the Plug.Adapters.Conn.Test adapter, any headers that aren't lowercase will raise a Plug.Conn.InvalidHeaderError.

Example

Plug.Conn.merge_resp_headers(conn, [{"content-type", "text/plain"}, {"X-1337", "5P34K"}])

Specs

prepend_resp_headers(t(), headers()) :: t()

Prepends the list of headers to the connection response headers.

Similar to put_resp_header this functions adds a new response header (key) but rather then replacing the existing one it prepends another header with the same key.

It is recommended for header keys to be in lowercase, to avoid sending duplicate keys in a request. Additionally, responses with mixed-case headers served over HTTP/2 are not considered valid by common clients, resulting in dropped responses. As a convenience, when using the Plug.Adapters.Conn.Test adapter, any headers that aren't lowercase will raise a Plug.Conn.InvalidHeaderError.

Raises a Plug.Conn.AlreadySentError if the connection has already been :sent or :chunked.

Raises a Plug.Conn.InvalidHeaderError if the header value contains control feed (\r) or newline (\n) characters.

Examples

Plug.Conn.prepend_resp_headers(conn, [{"content-type", "application/json"}])

Specs

push(t(), String.t(), Keyword.t()) :: t()

Pushes a resource to the client.

Server pushes must happen prior to a response being sent. If a server push is attempted after a response is sent then a Plug.Conn.AlreadySentError will be raised.

If the adapter does not support server push then this is a noop.

Note that certain browsers (such as Google Chrome) will not accept a pushed resource if your certificate is not trusted. In the case of Chrome this means a valid cert with a SAN. See https://www.chromestatus.com/feature/4981025180483584

Specs

push!(t(), String.t(), Keyword.t()) :: t()

Pushes a resource to the client but raises if the adapter does not support server push.

Specs

put_private(t(), atom(), term()) :: t()

Assigns a new private key and value in the connection.

This storage is meant to be used by libraries and frameworks to avoid writing to the user storage (the :assigns field). It is recommended for libraries/frameworks to prefix the keys with the library name.

For example, if a plug called my_plug needs to store a :hello key, it would store it as :my_plug_hello:

iex> conn.private[:my_plug_hello]
nil
iex> conn = put_private(conn, :my_plug_hello, :world)
iex> conn.private[:my_plug_hello]
:world

Specs

put_req_header(t(), binary(), binary()) :: t()

Adds a new request header (key) if not present, otherwise replaces the previous value of that header with value.

Because header keys are case-insensitive in both HTTP/1.1 and HTTP/2, it is recommended for header keys to be in lowercase, to avoid sending duplicate keys in a request. Additionally, requests with mixed-case headers served over HTTP/2 are not considered valid by common clients, resulting in dropped requests. As a convenience, when using the Plug.Adapters.Conn.Test adapter, any headers that aren't lowercase will raise a Plug.Conn.InvalidHeaderError.

Raises a Plug.Conn.AlreadySentError if the connection has already been :sent or :chunked.

Examples

Plug.Conn.put_req_header(conn, "accept", "application/json")

Specs

put_resp_content_type(t(), binary(), binary() | nil) :: t()

Sets the value of the "content-type" response header taking into account the charset.

If charset is nil, the value of the "content-type" response header won't specify a charset.

Examples

iex> conn = put_resp_content_type(conn, "application/json")
iex> get_resp_header(conn, "content-type")
["application/json; charset=utf-8"]

Specs

put_resp_cookie(t(), binary(), any(), Keyword.t()) :: t()

Puts a response cookie in the connection.

If the :signed or :encrypted flag are given, then the cookie value can be any term.

If the cookie not signed nor encrypted, then the value must be a binary. Note the is not automatically escaped. Therefore if you want to store values with non-alphanumeric characters, you must either sign or encrypt the cookie or consider explicitly escaping the cookie value by using a function such as Base.encode64(value, padding: false) when writing and Base.decode64(encoded, padding: false) when reading the cookie. It is important for padding to be disabled since = is not a valid character in cookie values.

Signing and encrypting cookies

This function allows you to automatically sign and encrypt cookies. When signing or encryption is enabled, then any Elixir value can be stored in the cookie (except anonymous functions for security reasons). Once a value is signed or encrypted, you must also call fetch_cookies/2 with the name of the cookies that are either signed or encrypted.

To sign, you would do:

put_resp_cookie(conn, "my-cookie", %{user_id: user.id}, sign: true)

and then:

fetch_cookies(conn, signed: ~w(my-cookie))

To encrypt, you would do:

put_resp_cookie(conn, "my-cookie", %{user_id: user.id}, encrypt: true)

and then:

fetch_cookies(conn, encrypted: ~w(my-cookie))

By default a signed or encrypted cookie is only valid for a day, unless a :max_age is specified.

The signing and encryption keys are derived from the connection's secret_key_base using a salt that is built by appending "_cookie" to the cookie name. Care should be taken not to derive other keys using this value as the salt. Similarly do not use the same cookie name to store different values with distinct purposes.

Options

• :domain - the domain the cookie applies to
• :max_age - the cookie max-age, in seconds. Providing a value for this option will set both the max-age and expires cookie attributes.
• :path - the path the cookie applies to
• :http_only - when false, the cookie is accessible beyond HTTP
• :secure - if the cookie must be sent only over https. Defaults to true when the connection is HTTPS
• :extra - string to append to cookie. Use this to take advantage of non-standard cookie attributes.
• :signed - when true, signs the cookie
• :encrypted - when true, encrypts the cookie
• :same_site - set the cookie SameSite attribute to a string value. If no string value is set, the attribute is omitted.

Specs

put_resp_header(t(), binary(), binary()) :: t()

Adds a new response header (key) if not present, otherwise replaces the previous value of that header with value.

Because header keys are case-insensitive in both HTTP/1.1 and HTTP/2, it is recommended for header keys to be in lowercase, to avoid sending duplicate keys in a request. Additionally, responses with mixed-case headers served over HTTP/2 are not considered valid by common clients, resulting in dropped responses. As a convenience, when using the Plug.Adapters.Conn.Test adapter, any headers that aren't lowercase will raise a Plug.Conn.InvalidHeaderError.

Raises a Plug.Conn.AlreadySentError if the connection has already been :sent or :chunked.

Raises a Plug.Conn.InvalidHeaderError if the header value contains control feed (\r) or newline (\n) characters.

Examples

Plug.Conn.put_resp_header(conn, "content-type", "application/json")

Specs

put_session(t(), String.t() | atom(), any()) :: t()

Puts the specified value in the session for the given key.

The key can be a string or an atom, where atoms are automatically converted to strings. Can only be invoked on unsent conns. Will raise otherwise.

Specs

put_status(t(), status()) :: t()

Stores the given status code in the connection.

The status code can be nil, an integer, or an atom. The list of allowed atoms is available in Plug.Conn.Status.

Raises a Plug.Conn.AlreadySentError if the connection has already been :sent or :chunked.

Examples

Plug.Conn.put_status(conn, :not_found)
Plug.Conn.put_status(conn, 200)

Specs

read_body(t(), Keyword.t()) ::
  {:ok, binary(), t()} | {:more, binary(), t()} | {:error, term()}

Reads the request body.

This function reads a chunk of the request body up to a given length (specified by the :length option). If there is more data to be read, then {:more, partial_body, conn} is returned. Otherwise {:ok, body, conn} is returned. In case of an error reading the socket, {:error, reason} is returned as per :gen_tcp.recv/2.

Like all functions in this module, the conn returned by read_body must be passed to the next stage of your pipeline and should not be ignored.

In order to, for instance, support slower clients you can tune the :read_length and :read_timeout options. These specify how much time should be allowed to pass for each read from the underlying socket.

Because the request body can be of any size, reading the body will only work once, as Plug will not cache the result of these operations. If you need to access the body multiple times, it is your responsibility to store it. Finally keep in mind some plugs like Plug.Parsers may read the body, so the body may be unavailable after being accessed by such plugs.

This function is able to handle both chunked and identity transfer-encoding by default.

Options

• :length - sets the maximum number of bytes to read from the body on every call, defaults to 8_000_000 bytes
• :read_length - sets the amount of bytes to read at one time from the underlying socket to fill the chunk, defaults to 1_000_000 bytes
• :read_timeout - sets the timeout for each socket read, defaults to 15_000 milliseconds

The values above are not meant to be exact. For example, setting the length to 8_000_000 may end up reading some hundred bytes more from the socket until we halt.

Examples

{:ok, body, conn} = Plug.Conn.read_body(conn, length: 1_000_000)

Specs

read_part_body(t(), Keyword.t()) ::
  {:ok, binary(), t()} | {:more, binary(), t()} | {:done, t()}

Reads the body of a multipart request.

Returns {:ok, body, conn} if all body has been read, {:more, binary, conn} otherwise, and {:done, conn} if there is no more body.

It accepts the same options as read_body/2.

Specs

read_part_headers(t(), Keyword.t()) :: {:ok, headers(), t()} | {:done, t()}

Reads the headers of a multipart request.

It returns {:ok, headers, conn} with the headers or {:done, conn} if there are no more parts.

Once read_part_headers/2 is invoked, you may call read_part_body/2 to read the body associated to the headers. If read_part_headers/2 is called instead, the body is automatically skipped until the next part headers.

Options

• :length - sets the maximum number of bytes to read from the body for each chunk, defaults to 64_000 bytes
• :read_length - sets the amount of bytes to read at one time from the underlying socket to fill the chunk, defaults to 64_000 bytes
• :read_timeout - sets the timeout for each socket read, defaults to 5_000 milliseconds

Specs

register_before_send(t(), (t() -> t())) :: t()

Registers a callback to be invoked before the response is sent.

Callbacks are invoked in the reverse order they are defined (callbacks defined first are invoked last).

Examples

To log the status of response being sent:

require Logger

Plug.Conn.register_before_send(conn, fn conn ->
  Logger.info("Sent a #{conn.status} response")
  conn
end)

Returns the full request URL.

Specs

resp(t(), status(), body()) :: t()

Sets the response to the given status and body.

It sets the connection state to :set (if not already :set) and raises Plug.Conn.AlreadySentError if it was already :sent.

If you also want to send the response, use send_resp/1 after this or use send_resp/3.

The status can be an integer, an atom, or nil. See Plug.Conn.Status for more information.

Examples

Plug.Conn.resp(conn, 404, "Not found")

Specs

send_chunked(t(), status()) :: t() | no_return()

Sends the response headers as a chunked response.

It expects a connection that has not been :sent yet and sets its state to :chunked afterwards. Otherwise, raises Plug.Conn.AlreadySentError. After send_chunked/2 is called, chunks can be sent to the client via the chunk/2 function.

HTTP/2 does not support chunking and will instead stream the response without a transfer encoding. When using HTTP/1.1, the Cowboy adapter will stream the response instead of emitting chunks if the content-length header has been set before calling send_chunked/2.

Specs

send_file(
  t(),
  status(),
  filename :: binary(),
  offset :: integer(),
  length :: integer() | :all
) :: t() | no_return()

Sends a file as the response body with the given status and optionally starting at the given offset until the given length.

If available, the file is sent directly over the socket using the operating system sendfile operation.

It expects a connection that has not been :sent yet and sets its state to :file afterwards. Otherwise raises Plug.Conn.AlreadySentError.

Examples

Plug.Conn.send_file(conn, 200, "README.md")

Specs

send_resp(t()) :: t() | no_return()

Sends a response to the client.

It expects the connection state to be :set, otherwise raises an ArgumentError for :unset connections or a Plug.Conn.AlreadySentError for already :sent connections.

At the end sets the connection state to :sent.

Note that this function does not halt the connection, so if subsequent plugs try to send another response, it will error out. Use halt/1 after this function if you want to halt the plug pipeline.

Examples

conn
|> Plug.Conn.resp(404, "Not found")
|> Plug.Conn.send_resp()

Specs

send_resp(t(), status(), body()) :: t() | no_return()

Sends a response with the given status and body.

This is equivalent to setting the status and the body and then calling send_resp/1.

Note that this function does not halt the connection, so if subsequent plugs try to send another response, it will error out. Use halt/1 after this function if you want to halt the plug pipeline.

Examples

Plug.Conn.send_resp(conn, 404, "Not found")

Specs

update_req_header(t(), binary(), binary(), (binary() -> binary())) :: t()

Updates a request header if present, otherwise it sets it to an initial value.

Raises a Plug.Conn.AlreadySentError if the connection has already been :sent or :chunked.

Only the first value of the header key is updated if present.

Examples

Plug.Conn.update_req_header(
  conn,
  "accept",
  "application/json; charset=utf-8",
  &(&1 <> "; charset=utf-8")
)

Specs

update_resp_header(t(), binary(), binary(), (binary() -> binary())) :: t()

Updates a response header if present, otherwise it sets it to an initial value.

Raises a Plug.Conn.AlreadySentError if the connection has already been :sent or :chunked.

Only the first value of the header key is updated if present.

Examples

Plug.Conn.update_resp_header(
  conn,
  "content-type",
  "application/json; charset=utf-8",
  &(&1 <> "; charset=utf-8")
)