author | Nayeem Rahman <nayeemrmn99@gmail.com> | 2020-12-30 22:35:28 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-12-30 23:35:28 +0100 |
commit | 22e0ee92a6618db0168b9dfce6c598b6df207a4c (patch) | |
tree | d2d2a4ad13c168948cadaebf8c70f2f2ef0c0888 /runtime/ops/permissions.rs | |
parent | bcdc2da4c75869480b960d437747feb0feff04c2 (diff) |
BREAKING(unstable): Use hosts for net allowlists (#8845)
Allowlist checking already uses hosts but for some reason
requests, revokes and the runtime permissions API use URLs.
- BREAKING(lib.deno.unstable.d.ts): Change
NetPermissionDescriptor::url to NetPermissionDescriptor::host
- fix(runtime/permissions): Don't add whole URLs to the
allowlist on request
- fix(runtime/permissions): Harden strength semantics:
({ name: "net", host: "127.0.0.1" } is stronger than
{ name: "net", host: "127.0.0.1:8000" }) for blocklisting
- refactor(runtime/permissions): Use tuples for hosts, make
the host optional in Permissions::{query_net, request_net, revoke_net}()
Diffstat (limited to 'runtime/ops/permissions.rs')
-rw-r--r-- | runtime/ops/permissions.rs | 38 |
1 files changed, 34 insertions, 4 deletions
diff --git a/runtime/ops/permissions.rs b/runtime/ops/permissions.rs
index 7474c0e37..98940dfc1 100644
--- a/runtime/ops/permissions.rs
+++ b/runtime/ops/permissions.rs
@@ -2,10 +2,12 @@
 use crate::permissions::Permissions;
 use deno_core::error::custom_error;
+use deno_core::error::uri_error;
 use deno_core::error::AnyError;
 use deno_core::serde_json;
 use deno_core::serde_json::json;
 use deno_core::serde_json::Value;
+use deno_core::url;
 use deno_core::OpState;
 use deno_core::ZeroCopyBuf;
 use serde::Deserialize;
@@ -20,8 +22,8 @@ pub fn init(rt: &mut deno_core::JsRuntime) {
 #[derive(Deserialize)]
 struct PermissionArgs {
 name: String,
- url: Option<String>,
 path: Option<String>,
+ host: Option<String>,
 }
 pub fn op_query_permission(
@@ -35,7 +37,13 @@ pub fn op_query_permission(
 let perm = match args.name.as_ref() {
 "read" => permissions.query_read(&path.as_deref().map(Path::new)),
 "write" => permissions.query_write(&path.as_deref().map(Path::new)),
- "net" => permissions.query_net_url(&args.url.as_deref())?,
+ "net" => permissions.query_net(
+ &match args.host.as_deref() {
+ None => None,
+ Some(h) => Some(parse_host(h)?),
+ }
+ .as_ref(),
+ ),
 "env" => permissions.query_env(),
 "run" => permissions.query_run(),
 "plugin" => permissions.query_plugin(),
@@ -61,7 +69,13 @@ pub fn op_revoke_permission(
 let perm = match args.name.as_ref() {
 "read" => permissions.revoke_read(&path.as_deref().map(Path::new)),
 "write" => permissions.revoke_write(&path.as_deref().map(Path::new)),
- "net" => permissions.revoke_net(&args.url.as_deref())?,
+ "net" => permissions.revoke_net(
+ &match args.host.as_deref() {
+ None => None,
+ Some(h) => Some(parse_host(h)?),
+ }
+ .as_ref(),
+ ),
 "env" => permissions.revoke_env(),
 "run" => permissions.revoke_run(),
 "plugin" => permissions.revoke_plugin(),
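Review bot: `PermissionArgs` loses its `url` field but still derives `Deserialize` without rejecting unknown fields, so a descriptor that still carries `url` deserializes with `host: None` instead of failing. In the `"net"` arms that `None` is passed straight to `query_net`/`revoke_net`/`request_net`, which presumably means the unscoped net permission, so a caller that has not migrated would ask for more than it intended rather than get an error. Adding `#[serde(deny_unknown_fields)]` under the derive would turn the stale field into a visible failure; whether other descriptor fields reach this struct is not visible in the hunk and should be checked first.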
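Review bot: The `"net"` arm in `op_query_permission` spells out an `Option`-to-`Result` conversion by hand, and the same seven lines are repeated in `op_revoke_permission` and `op_request_permission`. `Option::transpose` expresses it directly: `let host = args.host.as_deref().map(parse_host).transpose()?;` before the `match`, then `"net" => permissions.query_net(&host.as_ref()),`. That keeps the three ops identical in shape and puts the host-parsing failure in one obvious place. All three functions start and end outside their hunks, so where `args` is bound relative to the `match` should be confirmed before hoisting.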
@@ -87,7 +101,13 @@ pub fn op_request_permission(
 let perm = match args.name.as_ref() {
 "read" => permissions.request_read(&path.as_deref().map(Path::new)),
 "write" => permissions.request_write(&path.as_deref().map(Path::new)),
- "net" => permissions.request_net(&args.url.as_deref())?,
+ "net" => permissions.request_net(
+ &match args.host.as_deref() {
+ None => None,
+ Some(h) => Some(parse_host(h)?),
+ }
+ .as_ref(),
+ ),
 "env" => permissions.request_env(),
 "run" => permissions.request_run(),
 "plugin" => permissions.request_plugin(),
@@ -101,3 +121,13 @@ pub fn op_request_permission(
 };
 Ok(json!({ "state": perm.to_string() }))
 }
+
+fn parse_host(host_str: &str) -> Result<(String, Option<u16>), AnyError> {
+ let url = url::Url::parse(&format!("http://{}/", host_str))
+ .map_err(|_| uri_error("Invalid host"))?;
+ if url.path() != "/" {
+ return Err(uri_error("Invalid host"));
+ }
+ let hostname = url.host_str().unwrap();
+ Ok((hostname.to_string(), url.port()))
+}
|
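Review bot: `parse_host` silently widens a descriptor that names the default port, because `Url::port()` returns `None` when the port equals the scheme default and the input is parsed under `http://`. A host of `127.0.0.1:80` therefore comes back as `("127.0.0.1", None)`, which the commit message describes as the stronger, all-ports form. The `url.path() != "/"` check also accepts userinfo, a query or a fragment, since none of them change the path, and they are then dropped without an error. The sketch below rejects those components and reads an explicit port back from the input; a `// http URLs always have a host` comment on the `unwrap()` would also help the next reader.

```rust
fn parse_host(host_str: &str) -> Result<(String, Option<u16>), AnyError> {
  // … unchanged: Url::parse of "http://{host_str}/" with uri_error on failure …
  if url.path() != "/"
    || !url.username().is_empty()
    || url.password().is_some()
    || url.query().is_some()
    || url.fragment().is_some()
  {
    return Err(uri_error("Invalid host"));
  }
  // … unchanged: hostname from url.host_str() …
  // Url::port() is None for the scheme default, so recover an explicit ":80"
  // from the input rather than returning the all-ports form.
  let port = url.port().or_else(|| {
    host_str
      .rfind(':')
      .and_then(|i| host_str[i + 1..].parse::<u16>().ok())
  });
  Ok((hostname.to_string(), port))
}
```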