diff options
| author | Nayeem Rahman <nayeemrmn99@gmail.com> | 2020-12-30 22:35:28 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-12-30 23:35:28 +0100 |
| commit | 22e0ee92a6618db0168b9dfce6c598b6df207a4c (patch) | |
| tree | d2d2a4ad13c168948cadaebf8c70f2f2ef0c0888 /runtime/ops/net.rs | |
| parent | bcdc2da4c75869480b960d437747feb0feff04c2 (diff) | |
BREAKING(unstable): Use hosts for net allowlists (#8845)
Allowlist checking already uses hosts but for some reason
requests, revokes and the runtime permissions API use URLs.
- BREAKING(lib.deno.unstable.d.ts): Change
NetPermissionDescriptor::url to NetPermissionDescriptor::host
- fix(runtime/permissions): Don't add whole URLs to the
allowlist on request
- fix(runtime/permissions): Harden strength semantics:
({ name: "net", host: "127.0.0.1" } is stronger than
{ name: "net", host: "127.0.0.1:8000" }) for blocklisting
- refactor(runtime/permissions): Use tuples for hosts, make
the host optional in Permissions::{query_net, request_net, revoke_net}()
Diffstat (limited to 'runtime/ops/net.rs')
| -rw-r--r-- | runtime/ops/net.rs | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/runtime/ops/net.rs b/runtime/ops/net.rs index 1ff1e3511..a2df881e6 100644 --- a/runtime/ops/net.rs +++ b/runtime/ops/net.rs @@ -200,7 +200,7 @@ async fn op_datagram_send( { let s = state.borrow(); s.borrow::<Permissions>() - .check_net(&args.hostname, args.port)?; + .check_net(&(&args.hostname, Some(args.port)))?; } let addr = resolve_addr(&args.hostname, args.port) .await? @@ -268,7 +268,7 @@ async fn op_connect( let state_ = state.borrow(); state_ .borrow::<Permissions>() - .check_net(&args.hostname, args.port)?; + .check_net(&(&args.hostname, Some(args.port)))?; } let addr = resolve_addr(&args.hostname, args.port) .await? @@ -473,7 +473,7 @@ fn op_listen( if transport == "udp" { super::check_unstable(state, "Deno.listenDatagram"); } - permissions.check_net(&args.hostname, args.port)?; + permissions.check_net(&(&args.hostname, Some(args.port)))?; } let addr = resolve_addr_sync(&args.hostname, args.port)? .next() |