diff options
| author | Maayan Hanin <maayan.asa.hanin@gmail.com> | 2020-06-27 00:37:03 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-06-26 17:37:03 -0400 |
| commit | 598a7dcc8425c9b377d79dc86e298db862e45b91 (patch) | |
| tree | 048afa3e1abc44d45ae1e950271c9b317479776f /cli | |
| parent | 42464e922d0bc435f32cf9d2707537a9558271fb (diff) | |
fix(cli/permissions): panic on hostless URLs (#6500)
Diffstat (limited to 'cli')
| -rw-r--r-- | cli/js/lib.deno.unstable.d.ts | 6 | ||||
| -rw-r--r-- | cli/permissions.rs | 34 |
2 files changed, 39 insertions, 1 deletions
diff --git a/cli/js/lib.deno.unstable.d.ts b/cli/js/lib.deno.unstable.d.ts index f4a7b2786..da3c65143 100644 --- a/cli/js/lib.deno.unstable.d.ts +++ b/cli/js/lib.deno.unstable.d.ts @@ -992,6 +992,12 @@ declare namespace Deno { export interface NetPermissionDescriptor { name: "net"; + /** Optional url associated with this descriptor. + * + * If specified: must be a valid url. Expected format: <scheme>://<host_or_ip>[:port][/path] + * If the scheme is unknown, callers should specify some scheme, such as x:// na:// unknown:// + * + * See: https://www.iana.org/assignments/uri-schemes/uri-schemes.xhtml */ url?: string; } diff --git a/cli/permissions.rs b/cli/permissions.rs index 9fd2338c1..dd70b067b 100644 --- a/cli/permissions.rs +++ b/cli/permissions.rs @@ -283,6 +283,14 @@ impl Permissions { let url: &str = url.unwrap(); // If url is invalid, then throw a TypeError. let parsed = Url::parse(url).map_err(OpError::from)?; + // The url may be parsed correctly but still lack a host, i.e. "localhost:235" or "mailto:someone@somewhere.com" or "file:/1.txt" + // Note that host:port combos are parsed as scheme:path + if parsed.host().is_none() { + return Err(OpError::uri_error( + "invalid url, expected format: <scheme>://<host>[:port][/subpath]" + .to_owned(), + )); + } Ok( self.get_state_net(&format!("{}", parsed.host().unwrap()), parsed.port()), ) @@ -833,11 +841,35 @@ mod tests { ); let mut perms3 = Permissions::from_flags(&Flags { - net_allowlist: allowlist, + net_allowlist: allowlist.clone(), ..Default::default() }); set_prompt_result(true); assert!(perms3.request_net(&Some(":")).is_err()); + + let mut perms4 = Permissions::from_flags(&Flags { + net_allowlist: allowlist.clone(), + ..Default::default() + }); + set_prompt_result(false); + assert_eq!( + perms4 + .request_net(&Some("localhost:8080")) + .unwrap_err() + .kind, + crate::op_error::ErrorKind::URIError + ); + + let mut perms5 = Permissions::from_flags(&Flags { + net_allowlist: allowlist, + ..Default::default() + }); + set_prompt_result(false); + assert_eq!( + perms5.request_net(&Some("file:/1.txt")).unwrap_err().kind, + crate::op_error::ErrorKind::URIError + ); + drop(guard); } |