diff options
| author | Bartek IwaĆczuk <biwanczuk@gmail.com> | 2024-09-26 02:50:54 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-09-26 01:50:54 +0000 |
| commit | 5504acea6751480f1425c88353ad5d36257bdce7 (patch) | |
| tree | fa02e6c546eae469aac894bfc71600ab4eccad28 /cli/standalone | |
| parent | 05415bb9de475aa8646985a545f30fe93136207e (diff) | |
feat: add `--allow-import` flag (#25469)
This replaces `--allow-net` for import permissions and makes the
security sandbox stricter by also checking permissions for statically
analyzable imports.
By default, this has a value of
`--allow-import=deno.land:443,jsr.io:443,esm.sh:443,raw.githubusercontent.com:443,gist.githubusercontent.com:443`,
but that can be overridden by providing a different set of hosts.
Additionally, when no value is provided, import permissions are inferred
from the CLI arguments so the following works because
`fresh.deno.dev:443` will be added to the list of allowed imports:
```ts
deno run -A -r https://fresh.deno.dev
```
---------
Co-authored-by: David Sherret <dsherret@gmail.com>
Diffstat (limited to 'cli/standalone')
| -rw-r--r-- | cli/standalone/mod.rs | 19 |
1 files changed, 7 insertions, 12 deletions
diff --git a/cli/standalone/mod.rs b/cli/standalone/mod.rs index bab266734..c501d2d6b 100644 --- a/cli/standalone/mod.rs +++ b/cli/standalone/mod.rs @@ -130,8 +130,6 @@ struct SharedModuleLoaderState { #[derive(Clone)] struct EmbeddedModuleLoader { shared: Arc<SharedModuleLoaderState>, - root_permissions: PermissionsContainer, - dynamic_permissions: PermissionsContainer, } pub const MODULE_NOT_FOUND: &str = "Module not found"; @@ -402,28 +400,23 @@ struct StandaloneModuleLoaderFactory { impl ModuleLoaderFactory for StandaloneModuleLoaderFactory { fn create_for_main( &self, - root_permissions: PermissionsContainer, - dynamic_permissions: PermissionsContainer, + _root_permissions: PermissionsContainer, ) -> ModuleLoaderAndSourceMapGetter { ModuleLoaderAndSourceMapGetter { module_loader: Rc::new(EmbeddedModuleLoader { shared: self.shared.clone(), - root_permissions, - dynamic_permissions, }), } } fn create_for_worker( &self, - root_permissions: PermissionsContainer, - dynamic_permissions: PermissionsContainer, + _parent_permissions: PermissionsContainer, + _permissions: PermissionsContainer, ) -> ModuleLoaderAndSourceMapGetter { ModuleLoaderAndSourceMapGetter { module_loader: Rc::new(EmbeddedModuleLoader { shared: self.shared.clone(), - root_permissions, - dynamic_permissions, }), } } @@ -664,7 +657,8 @@ pub async fn run( }; let permissions = { - let mut permissions = metadata.permissions.to_options(); + let mut permissions = + metadata.permissions.to_options(/* cli_arg_urls */ &[]); // if running with an npm vfs, grant read access to it if let Some(vfs_root) = maybe_vfs_root { match &mut permissions.allow_read { @@ -713,6 +707,7 @@ pub async fn run( npm_resolver, permission_desc_parser, root_cert_store_provider, + permissions, StorageKeyResolver::empty(), crate::args::DenoSubcommand::Run(Default::default()), CliMainWorkerOptions { @@ -752,7 +747,7 @@ pub async fn run( deno_core::JsRuntime::init_platform(None, true); let mut worker = worker_factory - .create_main_worker(WorkerExecutionMode::Run, main_module, permissions) + .create_main_worker(WorkerExecutionMode::Run, main_module) .await?; let exit_code = worker.run().await?; |