!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~ None$+0=BHJKMLG" None!"246:=BHKMCSafeActions are actions that need to be protected from csrf attacks/The body of the safe action. Either GET or POSTGive you access to a database connectin from the connection pool. The connection is released back to the pool once the function terminates.RRead the application's state. If you wish to have mutable state, you could use a  from the STM packge.Get the session manager%8Hook into the session manager to trigger custom behavior(%Configuration for the session manager*name of the client side cookie+$how long shoud a client session live,,entropy of the session id sent to the client-Nif this is true, every page reload will renew the session time to live counter.initial session for visitors/"persistence interface for sessions0Fhow often should the session manager check for dangeling dead sessions1hooks into the session manager2jYou can feed Spock with either a connection pool, or instructions on how to build a connection pool. See 66MThe ConnBuilder instructs Spock how to create or close a database connection.;fIf Spock should take care of connection pooling, you need to configure it depending on what you need.@Spock configurationB initial application global stateCSee 2DSee (EMaximum request size in bytes. % means no limit. Defaults to 5 MB in defaultSpockCfg.FThe F is a specialisation of G with a '()' context.GThe G is the monad of all route-actions. You have access to the context of the request and database, session and state of your application.AInside the SpockAllM monad, you may define routes and middleware.H,Spock configuration with reasonable defaultsI.Session configuration with reasonable defaultsJNOP session hooks_       !"#$!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJ%&'()*Y       !"#$!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJ        !"#$!"#$%&'( )*+,-./0125436789:;<=>?@ABCDEFGHIJ%&'()*None24=KKRead the heart of Spock. This is useful if you want to construct your own monads that work with runQuery and getState using "runSpockIO"LWRun an action inside of Spocks core monad. This allows you to use runQuery and getState+,-KL./0+,-KL.+,-KL./0None3=KSCreate a new session vaultTLoad a sessionU0Store a session, overwriting any previous valuesVRemovea sessionWGet all sessions as listX3Remove all sessions that do not match the predicateYPerform action on all sessionsMNOPQRSTUVWXYZ MNOPQRSTUVWXYPQRZMNOSTUVWXY MNOPQRSTUVWXYZNone [\]^_`abc [\]^_`abc [`_^]\abc[`_^]\abc None$HM#d#Get the original Wai Request objecte Read a headerf+Read a header without converting it to textg Read a cookiehLTries to dected the preferred format of the response using the Accept headeri)Returns the current request method, e.g. jGet the raw request bodykParse the request body as jsonlFParse the request body as json and fails with 500 status code on errormGet uploaded filesnGet all request paramsoRead a request param. Spock looks in route captures first (in simple routing), then in POST variables and at last in GET variablespLike o., but outputs an error when a param is missingqSet a response statusrSet a response header. If the response header is allowed to occur multiple times (as in RFC 2616), it will be appended. Otherwise the previous value is overwritten. See 1.1RINTERNAL: Set a response header that can occur multiple times. (eg: Cache-Control)2TINTERNAL: Unsafely set a header (no checking if the header can occur multiple times)sAAbort the current action and jump the next one matching the routetRedirect to a given urluIf the Spock application is used as a middleware, you can use this to pass request handling to the underlying application. If Spock is not uses as a middleware, or there is no underlying application this will result in 404 error.vEModify the vault (useful for sharing data between middleware and app)wQuery the vaultx1Set a cookie living for a given number of secondsz%Set a cookie living until a specific 3{ Use a custom 4 generator as response body.|Send a  ByteString$ as response body. Provide your own  Content-Type} Send a lazy  ByteString$ as response body. Provide your own  Content-Type~?Send text as a response body. Content-Type will be "text/plain">Send a text as response body. Content-Type will be "text/html"Send a file as response>Send json as response. Content-Type will be "application/json"Use a 5 to generate a response.tBasic authentification provide a title for the prompt and a function to validate user and password. Usage example: get "/my-secret-page" $ requireBasicAuth "Secret Page" (\user pass -> return (user == "admin" && pass == "1234")) $ do html "This is top secret content. Login using that secret code I provided ;-)"&Get the context of the current request$Run an Action in a different context$defghijklmnopqr12stuvwxyz{|}~.[\]^_`defghijklmnopqrstuvwxyz{|}~$defghijklmnopqr12stuvwxyz{|}~ None$3HM6789:;<=>?@ABCDEFGHI     676789:;<=>?@ABCDEFGHINone !"$(3HM 9Run a Spock application. Basically just a wrapper aroung Warp.run.WConvert a middleware to an application. All failing requests will result in a 404 page}Get the current users sessionId. Note that this ID should only be shown to it's owner as otherwise sessions can be hijacked.Write to the current session. Note that all data is stored on the server. The user only reciedes a sessionId to be identified.Modify the stored session,Modify the stored session and return a valueEModify the stored session and return the new value after modificationRead the stored sessionnGlobally delete all existing sessions. This is useful for example if you want to require all users to reloginnApply a transformation to all sessions. Be careful with this, as this may cause many STM transaction retries.ASimple session persisting configuration. DO NOT USE IN PRODUCTION o !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKL[\]^_`defghijklmnopqrstuvwxyz{|}~oFGdefgih[`_^]\jklmnopqrtsxzy|}~{uvw@ABCDEH25436789:;<=>?I()*+,-./01J%&'!"#$KL None !"$=HKMJRun a spock application using the warp server, a given db storageLayer and an initial state. Spock works with database libraries that already implement connection pooling and with those that don't come with it out of the box. For more see the 2 type.KeRun a raw spock server on a defined port. If you don't need a custom base monad you can just supply L as lift function.JKMNOPJKJKNone !"$3BHMCreate a spock application using a given db storageLayer and an initial state. Spock works with database libraries that already implement connection pooling and with those that don't come with it out of the box. For more see the 2 type. Use runSpock to run the app or  spockAsApp to create a Wai.ApplicationACreate a raw spock application with custom underlying monad Use runSpock to run the app or  spockAsApp to create a Wai.Application.Like spockT@, but the first argument is request size limit in bytes. Set to  to disable.#Combine two route components safely"/foo" <//> "/bar" "/foo/bar""foo" <//> "bar" "/foo/bar""foo <//> "/bar" "/foo/bar"6Specify an action that will be run when the HTTP verb  and the given route match6Specify an action that will be run when the HTTP verb  and the given route match6Specify an action that will be run when the HTTP verb  'GET'/'POST' and the given route match6Specify an action that will be run when the HTTP verb  and the given route match6Specify an action that will be run when the HTTP verb  and the given route match6Specify an action that will be run when the HTTP verb  and the given route match6Specify an action that will be run when the HTTP verb  and the given route matchMSpecify an action that will be run when a HTTP verb and the given route matchSpecify an action that will be run when a HTTP verb matches but no defined route matches. The full path is passed as an argument%Define a subcomponent. Usage example: subcomponent "site" $ do get "home" homeHandler get ("misc" <//> ":param") $ -- ... subcomponent "/admin" $ get "home" adminHomeHandlertThe request /site/home will be routed to homeHandler and the request /admin/home will be routed to adminHomeHandlerHook wai middleware into SpocknWire up a safe action: Safe actions are actions that are protected from csrf attacks. Here's a usage example: newtype DeleteUser = DeleteUser Int deriving (Hashable, Typeable, Eq) instance SafeAction Connection () () DeleteUser where runSafeAction (DeleteUser i) = do runQuery $ deleteUserFromDb i redirect "/user-list" get ("user-details" <//> ":userId") $ do userId <- param' "userId" deleteUrl <- safeActionPath (DeleteUser userId) html $ "Click <a href='" <> deleteUrl <> "'>here</a> to delete user!"CNote that safeActions currently only support GET and POST requests.QRSTUVW  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKL[\]^_`defghijklmnopqrstuvwxyz{|}~ QRSTUVWNone !"$(3BHMCreate a spock application using a given db storageLayer and an initial state. Spock works with database libraries that already implement connection pooling and with those that don't come with it out of the box. For more see the 2 type. Use runSpock to run the app or  spockAsApp to create a Wai.ApplicationACreate a raw spock application with custom underlying monad Use runSpock to run the app or  spockAsApp to create a Wai.Application< The first argument is request size limit in bytes. Set to  to disable.Like spockT<, but first argument is request size limit in bytes. Set to  to disable.6Specify an action that will be run when the HTTP verb  and the given route match6Specify an action that will be run when the HTTP verb  and the given route match6Specify an action that will be run when the HTTP verb  'GET'/'POST' and the given route match6Specify an action that will be run when the HTTP verb  and the given route match6Specify an action that will be run when the HTTP verb  and the given route match6Specify an action that will be run when the HTTP verb  and the given route match6Specify an action that will be run when the HTTP verb  and the given route matchcSpecify an action that will be run before all subroutes. It can modify the requests current contextMSpecify an action that will be run when a HTTP verb and the given route matchSpecify an action that will be run when a HTTP verb matches but no defined route matches. The full path is passed as an argument%Define a subcomponent. Usage example: subcomponent "site" $ do get "home" homeHandler get ("misc" <//> var) $ -- ... subcomponent "admin" $ do get "home" adminHomeHandlertThe request /site/home will be routed to homeHandler and the request /admin/home will be routed to adminHomeHandlerHook wai middleware into SpocknWire up a safe action: Safe actions are actions that are protected from csrf attacks. Here's a usage example: newtype DeleteUser = DeleteUser Int deriving (Hashable, Typeable, Eq) instance SafeAction Connection () () DeleteUser where runSafeAction (DeleteUser i) = do runQuery $ deleteUserFromDb i redirect "/user-list" get ("user-details" <//> var) $ \userId -> do deleteUrl <- safeActionPath (DeleteUser userId) html $ "Click <a href='" <> deleteUrl <> "'>here</a> to delete user!"CNote that safeActions currently only support GET and POST requests.Combine two path components#Render a route applying path piecesXYZ[\]^_`  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKL[\]^_`defghijklmnopqrstuvwxyz{|}~'  XYZ[\]^_` None  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKL[\]^_`defghijklmnopqrstuvwxyz{|}~a           !""#$%&'()*+,-./0112344566789:;<=>?@ABCCDEFGGHIJKKLMNOPQRSTUVWWXYZ[\]^_`abcdefghijkl m n o p q r s t u v w x y z { | } ~         0   !"#$%&$%' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < =>?@@@@ABCDEBFFGHICJK Spock-0.9.0.1Web.Spock.SimpleWeb.Spock.SafeWeb.Spock.SharedWeb.Spock.Internal.SessionVaultWeb.Spock.Internal.UtilWeb.Spock.Internal.WireWeb.Spock.Internal.TypesWeb.Spock.Internal.MonadWeb.Spock.Internal.CoreAction!Web.Spock.Internal.SessionManagerWeb.Spock.Internal.Core Web.Spockhttp-types-0.8.6Network.HTTP.Types.MethodGETPOSTHEADPUTDELETETRACECONNECTOPTIONSPATCH StdMethodreroute-0.3.1.0Web.Routing.SafeRoutingrootstaticvarPathVar ActionCtxTActionT UploadedFileuf_nameuf_contentTypeuf_tempLocation SessionId WebStateM SafeAction runSafeActionHasSpock SpockConn SpockState SpockSessionrunQuerygetStateWebStateSessionPersistCfgspc_load spc_store SessionHooks sh_removed SessionCfg sc_cookieName sc_sessionTTLsc_sessionIdEntropysc_sessionExpandTTLsc_emptySession sc_persistCfgsc_housekeepingIntervalsc_hooks PoolOrConn PCNoDatabasePCConnPCPool ConnBuilder cb_createConncb_destroyConncb_poolConfigurationPoolCfg pc_stripespc_resPerStripepc_keepOpenTimeSpockCfgspc_initialState spc_databasespc_sessionCfgspc_maxRequestSize SpockActionSpockActionCtxdefaultSpockCfgdefaultSessionCfgdefaultSessionHooks getSpockHeart runSpockIO SessionVaultunSessionVault IsSession SessionKey getSessionKeynewSessionVault loadSession storeSession deleteSessiontoListfilterSessions mapSessions$fIsSessionSessionClientPreferredFormat PrefUnknownPrefTextPrefHTMLPrefXMLPrefJSON mimeMappingdetectPreferredFormat mapReqHeadersrequestheader rawHeadercookiepreferredFormat reqMethodbodyjsonBody jsonBody'filesparamsparamparam' setStatus setHeaderjumpNextredirectmiddlewarePass modifyVault queryVault setCookie deleteCookie setCookie'responsebytes lazyBytestexthtmlfilejsonstreamrequireBasicAuth getContext runInContextrunSpock spockAsApp getSessionId writeSession modifySessionmodifySession'modifyReadSession readSessionclearAllSessionsmapAllSessionsreadShowSessionPersist SpockRouteSpockTSpockMspockspockT spockLimTgetpostgetpostheadputdeletepatch hookRoutehookAny subcomponent middlewaresafeActionPath SpockCtxT SpockCtxMprehook renderRoute SizeException SpockAllT runActionCtxTErrorTActionInteruptActionMiddlewarePass ActionDone ActionError ActionTryNextActionRedirect ResponseStaters_responseHeadersrs_multiResponseHeaders rs_statusrs_responseBody MultiHeaderMultiHeaderSetCookieMultiHeaderWWWAuthMultiHeaderWarningMultiHeaderViaMultiHeaderUpgradeMultiHeaderTransferEncodingMultiHeaderTrailerMultiHeaderProxyAuthenticateMultiHeaderPragmaMultiHeaderContentLanguageMultiHeaderContentEncodingMultiHeaderConnectionMultiHeaderCacheControl ResponseBody RequestInfo ri_method ri_request ri_paramsri_queryParamsri_files ri_vaultIf ri_contextVaultIfvi_modifyVault vi_lookupKey multiHeaderCImultiHeaderMap runErrorTrespStateToResponse errorResponsenotFound invalidReq serverError sizeErrormiddlewareToAppmakeActionEnvironmentremoveUploadedFiles applyAction handleRequesthandleRequest'requestSizeCheckbuildMiddleware$fExceptionSizeException$fMonadTransActionCtxT$fMonoidActionInterupt$fHashableMultiHeader$fHashableStdMethodbase GHC.Conc.SyncTVar getSessMgr Data.MaybeNothing SpockAllMSessionManagersm_getSessionIdsm_readSessionsm_writeSessionsm_modifySessionsm_mapSessionssm_clearAllSessions sm_middlewaresm_addSafeActionsm_lookupSafeActionsm_removeSafeActionsm_closeSessionManagerSessionsess_idsess_validUntil sess_datasess_safeActions WebStateT runWebStateTSafeActionHashSafeActionStore sas_forward sas_reversePackedSafeActionunpackSafeAction web_dbConnweb_sessionMgr web_state $fShowSession$fMonadBaseControlbWebStateT$fMonadTransControlWebStateT$fMonadBasebWebStateT$fEqPackedSafeAction$fHashablePackedSafeActionwebM runQueryImpl getStateImplgetSessMgrImpl$fHasSpockWebStateT $fHasSpocktsetMultiHeadersetHeaderUnsafe time-1.4.2Data.Time.Clock.UTCUTCTime wai-3.0.3.0Network.Wai.InternalResponse StreamingBodywithSessionManagercreateSessionManagergetSessionIdImplmodifySessionBasereadSessionBaseaddSafeActionImpllookupSafeActionImplremoveSafeActionImplreadSessionImplwriteSessionImplmodifySessionImplsessionMiddlewarenewSessionImplloadSessionImpldeleteSessionImplclearAllSessionsImplmapAllSessionsImplhousekeepSessions createSession randomHashspockAll spockAllTGHC.BaseidWeb.Routing.AbstractRouter _unSpockRoute runSpockThookSafeActions$fIsStringSpockRoute$fMonadTransSpockT LiftHooked unLiftHooked injectHook baseAppHook$fMonadTransSpockCtxT