diff options
| -rw-r--r-- | cli/file_fetcher.rs | 4 | ||||
| -rw-r--r-- | cli/flags.rs | 41 | ||||
| -rw-r--r-- | cli/main.rs | 8 | ||||
| -rw-r--r-- | cli/program_state.rs | 8 | ||||
| -rw-r--r-- | cli/standalone.rs | 6 | ||||
| -rw-r--r-- | cli/tests/cafile_ts_fetch_unsafe_ssl.ts.out | 2 | ||||
| -rw-r--r-- | cli/tests/cafile_url_imports_unsafe_ssl.ts.out | 2 | ||||
| -rw-r--r-- | cli/tests/integration/mod.rs | 4 | ||||
| -rw-r--r-- | cli/tools/standalone.rs | 8 | ||||
| -rw-r--r-- | extensions/fetch/lib.rs | 12 | ||||
| -rw-r--r-- | extensions/net/lib.rs | 10 | ||||
| -rw-r--r-- | extensions/net/ops_tls.rs | 8 | ||||
| -rw-r--r-- | extensions/tls/lib.rs | 8 | ||||
| -rw-r--r-- | extensions/websocket/lib.rs | 16 | ||||
| -rw-r--r-- | runtime/examples/hello_runtime.rs | 2 | ||||
| -rw-r--r-- | runtime/web_worker.rs | 8 | ||||
| -rw-r--r-- | runtime/worker.rs | 10 |
17 files changed, 78 insertions, 79 deletions
diff --git a/cli/file_fetcher.rs b/cli/file_fetcher.rs index e61c3beb9..7029b9620 100644 --- a/cli/file_fetcher.rs +++ b/cli/file_fetcher.rs @@ -223,7 +223,7 @@ impl FileFetcher { allow_remote: bool, root_cert_store: Option<RootCertStore>, blob_store: BlobStore, - unsafely_treat_insecure_origin_as_secure: Option<Vec<String>>, + unsafely_ignore_certificate_errors: Option<Vec<String>>, ) -> Result<Self, AnyError> { Ok(Self { auth_tokens: AuthTokens::new(env::var(DENO_AUTH_TOKENS).ok()), @@ -236,7 +236,7 @@ impl FileFetcher { root_cert_store, None, None, - unsafely_treat_insecure_origin_as_secure, + unsafely_ignore_certificate_errors, )?, blob_store, }) diff --git a/cli/flags.rs b/cli/flags.rs index 36b326c0b..0b060ce37 100644 --- a/cli/flags.rs +++ b/cli/flags.rs @@ -164,7 +164,7 @@ pub struct Flags { pub repl: bool, pub seed: Option<u64>, pub unstable: bool, - pub unsafely_treat_insecure_origin_as_secure: Option<Vec<String>>, + pub unsafely_ignore_certificate_errors: Option<Vec<String>>, pub v8_flags: Vec<String>, pub version: bool, pub watch: bool, @@ -217,13 +217,13 @@ impl Flags { _ => {} } - match &self.unsafely_treat_insecure_origin_as_secure { + match &self.unsafely_ignore_certificate_errors { Some(ic_allowlist) if ic_allowlist.is_empty() => { - args.push("--unsafely-treat-insecure-origin-as-secure".to_string()); + args.push("--unsafely-ignore_certificate_errors".to_string()); } Some(ic_allowlist) => { let s = format!( - "--unsafely-treat-insecure-origin-as-secure={}", + "--unsafely-ignore_certificate_errors={}", ic_allowlist.join(",") ); args.push(s); @@ -1237,13 +1237,14 @@ fn permission_args<'a, 'b>(app: App<'a, 'b>) -> App<'a, 'b> { .validator(crate::flags_allow_net::validator), ) .arg( - Arg::with_name("unsafely-treat-insecure-origin-as-secure") - .long("unsafely-treat-insecure-origin-as-secure") + Arg::with_name("unsafely-ignore-certificate-errors") + .long("unsafely-ignore-certificate-errors") .min_values(0) .takes_value(true) .use_delimiter(true) .require_equals(true) - .help("DANGER: Disables verification of SSL certificates") + .value_name("HOSTNAMES") + .help("DANGER: Disables verification of TLS certificates") .validator(crate::flags_allow_net::validator), ) .arg( @@ -1906,13 +1907,11 @@ fn permission_args_parse(flags: &mut Flags, matches: &clap::ArgMatches) { flags.allow_net = Some(net_allowlist); } - if let Some(ic_wl) = - matches.values_of("unsafely-treat-insecure-origin-as-secure") - { + if let Some(ic_wl) = matches.values_of("unsafely-ignore-certificate-errors") { let ic_allowlist: Vec<String> = crate::flags_allow_net::parse(ic_wl.map(ToString::to_string).collect()) .unwrap(); - flags.unsafely_treat_insecure_origin_as_secure = Some(ic_allowlist); + flags.unsafely_ignore_certificate_errors = Some(ic_allowlist); } if let Some(env_wl) = matches.values_of("allow-env") { @@ -2756,7 +2755,7 @@ mod tests { repl: true, subcommand: DenoSubcommand::Repl { eval: None }, allow_net: Some(vec![]), - unsafely_treat_insecure_origin_as_secure: None, + unsafely_ignore_certificate_errors: None, allow_env: Some(vec![]), allow_run: Some(vec![]), allow_read: Some(vec![]), @@ -3232,7 +3231,7 @@ mod tests { #[test] fn install_with_flags() { #[rustfmt::skip] - let r = flags_from_vec(svec!["deno", "install", "--import-map", "import_map.json", "--no-remote", "--config", "tsconfig.json", "--no-check", "--unsafely-treat-insecure-origin-as-secure", "--reload", "--lock", "lock.json", "--lock-write", "--cert", "example.crt", "--cached-only", "--allow-read", "--allow-net", "--v8-flags=--help", "--seed", "1", "--inspect=127.0.0.1:9229", "--name", "file_server", "--root", "/foo", "--force", "https://deno.land/std/http/file_server.ts", "foo", "bar"]); + let r = flags_from_vec(svec!["deno", "install", "--import-map", "import_map.json", "--no-remote", "--config", "tsconfig.json", "--no-check", "--unsafely-ignore-certificate-errors", "--reload", "--lock", "lock.json", "--lock-write", "--cert", "example.crt", "--cached-only", "--allow-read", "--allow-net", "--v8-flags=--help", "--seed", "1", "--inspect=127.0.0.1:9229", "--name", "file_server", "--root", "/foo", "--force", "https://deno.land/std/http/file_server.ts", "foo", "bar"]); assert_eq!( r.unwrap(), Flags { @@ -3256,7 +3255,7 @@ mod tests { seed: Some(1), inspect: Some("127.0.0.1:9229".parse().unwrap()), allow_net: Some(vec![]), - unsafely_treat_insecure_origin_as_secure: Some(vec![]), + unsafely_ignore_certificate_errors: Some(vec![]), allow_read: Some(vec![]), ..Flags::default() } @@ -3402,11 +3401,11 @@ mod tests { } #[test] - fn unsafely_treat_insecure_origin_as_secure() { + fn unsafely_ignore_certificate_errors() { let r = flags_from_vec(svec![ "deno", "run", - "--unsafely-treat-insecure-origin-as-secure", + "--unsafely-ignore-certificate-errors", "script.ts" ]); assert_eq!( @@ -3415,7 +3414,7 @@ mod tests { subcommand: DenoSubcommand::Run { script: "script.ts".to_string(), }, - unsafely_treat_insecure_origin_as_secure: Some(vec![]), + unsafely_ignore_certificate_errors: Some(vec![]), ..Flags::default() } ); @@ -3426,7 +3425,7 @@ mod tests { let r = flags_from_vec(svec![ "deno", "run", - "--unsafely-treat-insecure-origin-as-secure=deno.land,localhost,::,127.0.0.1,[::1],1.2.3.4", + "--unsafely-ignore-certificate-errors=deno.land,localhost,::,127.0.0.1,[::1],1.2.3.4", "script.ts" ]); assert_eq!( @@ -3435,7 +3434,7 @@ mod tests { subcommand: DenoSubcommand::Run { script: "script.ts".to_string(), }, - unsafely_treat_insecure_origin_as_secure: Some(svec![ + unsafely_ignore_certificate_errors: Some(svec![ "deno.land", "localhost", "::", @@ -3927,7 +3926,7 @@ mod tests { #[test] fn compile_with_flags() { #[rustfmt::skip] - let r = flags_from_vec(svec!["deno", "compile", "--import-map", "import_map.json", "--no-remote", "--config", "tsconfig.json", "--no-check", "--unsafely-treat-insecure-origin-as-secure", "--reload", "--lock", "lock.json", "--lock-write", "--cert", "example.crt", "--cached-only", "--location", "https:foo", "--allow-read", "--allow-net", "--v8-flags=--help", "--seed", "1", "--output", "colors", "https://deno.land/std/examples/colors.ts", "foo", "bar"]); + let r = flags_from_vec(svec!["deno", "compile", "--import-map", "import_map.json", "--no-remote", "--config", "tsconfig.json", "--no-check", "--unsafely-ignore-certificate-errors", "--reload", "--lock", "lock.json", "--lock-write", "--cert", "example.crt", "--cached-only", "--location", "https:foo", "--allow-read", "--allow-net", "--v8-flags=--help", "--seed", "1", "--output", "colors", "https://deno.land/std/examples/colors.ts", "foo", "bar"]); assert_eq!( r.unwrap(), Flags { @@ -3948,7 +3947,7 @@ mod tests { cached_only: true, location: Some(Url::parse("https://foo/").unwrap()), allow_read: Some(vec![]), - unsafely_treat_insecure_origin_as_secure: Some(vec![]), + unsafely_ignore_certificate_errors: Some(vec![]), allow_net: Some(vec![]), v8_flags: svec!["--help", "--random-seed=1"], seed: Some(1), diff --git a/cli/main.rs b/cli/main.rs index 93b3d5021..da40e4528 100644 --- a/cli/main.rs +++ b/cli/main.rs @@ -109,9 +109,9 @@ fn create_web_worker_callback( .log_level .map_or(false, |l| l == log::Level::Debug), unstable: program_state.flags.unstable, - unsafely_treat_insecure_origin_as_secure: program_state + unsafely_ignore_certificate_errors: program_state .flags - .unsafely_treat_insecure_origin_as_secure + .unsafely_ignore_certificate_errors .clone(), root_cert_store: program_state.root_cert_store.clone(), user_agent: version::get_user_agent(), @@ -193,9 +193,9 @@ pub fn create_main_worker( .log_level .map_or(false, |l| l == log::Level::Debug), unstable: program_state.flags.unstable, - unsafely_treat_insecure_origin_as_secure: program_state + unsafely_ignore_certificate_errors: program_state .flags - .unsafely_treat_insecure_origin_as_secure + .unsafely_ignore_certificate_errors .clone(), root_cert_store: program_state.root_cert_store.clone(), user_agent: version::get_user_agent(), diff --git a/cli/program_state.rs b/cli/program_state.rs index 721ccda9c..0ec233b88 100644 --- a/cli/program_state.rs +++ b/cli/program_state.rs @@ -119,15 +119,15 @@ impl ProgramState { } if let Some(insecure_allowlist) = - flags.unsafely_treat_insecure_origin_as_secure.as_ref() + flags.unsafely_ignore_certificate_errors.as_ref() { let domains = if insecure_allowlist.is_empty() { - "for all domains".to_string() + "for all hostnames".to_string() } else { format!("for: {}", insecure_allowlist.join(", ")) }; let msg = format!( - "DANGER: SSL ceritificate validation is disabled {}", + "DANGER: TLS ceritificate validation is disabled {}", domains ); eprintln!("{}", colors::yellow(msg)); @@ -153,7 +153,7 @@ impl ProgramState { !flags.no_remote, Some(root_cert_store.clone()), blob_store.clone(), - flags.unsafely_treat_insecure_origin_as_secure.clone(), + flags.unsafely_ignore_certificate_errors.clone(), )?; let lockfile = if let Some(filename) = &flags.lock { diff --git a/cli/standalone.rs b/cli/standalone.rs index ded3c88e8..013e2e60f 100644 --- a/cli/standalone.rs +++ b/cli/standalone.rs @@ -57,7 +57,7 @@ pub struct Metadata { pub log_level: Option<Level>, pub ca_stores: Option<Vec<String>>, pub ca_data: Option<Vec<u8>>, - pub unsafely_treat_insecure_origin_as_secure: Option<Vec<String>>, + pub unsafely_ignore_certificate_errors: Option<Vec<String>>, } pub const MAGIC_TRAILER: &[u8; 8] = b"d3n0l4nd"; @@ -253,8 +253,8 @@ pub async fn run( debug_flag: metadata.log_level.map_or(false, |l| l == log::Level::Debug), user_agent: version::get_user_agent(), unstable: metadata.unstable, - unsafely_treat_insecure_origin_as_secure: metadata - .unsafely_treat_insecure_origin_as_secure, + unsafely_ignore_certificate_errors: metadata + .unsafely_ignore_certificate_errors, root_cert_store: Some(root_cert_store), seed: metadata.seed, js_error_create_fn: None, diff --git a/cli/tests/cafile_ts_fetch_unsafe_ssl.ts.out b/cli/tests/cafile_ts_fetch_unsafe_ssl.ts.out index f0b63833a..66b3258ee 100644 --- a/cli/tests/cafile_ts_fetch_unsafe_ssl.ts.out +++ b/cli/tests/cafile_ts_fetch_unsafe_ssl.ts.out @@ -1,2 +1,2 @@ -DANGER: SSL ceritificate validation is disabled for all domains +DANGER: TLS ceritificate validation is disabled for all hostnames Hello diff --git a/cli/tests/cafile_url_imports_unsafe_ssl.ts.out b/cli/tests/cafile_url_imports_unsafe_ssl.ts.out index 3f6a0c07f..2a3df0ea4 100644 --- a/cli/tests/cafile_url_imports_unsafe_ssl.ts.out +++ b/cli/tests/cafile_url_imports_unsafe_ssl.ts.out @@ -1,3 +1,3 @@ -DANGER: SSL ceritificate validation is disabled for: localhost +DANGER: TLS ceritificate validation is disabled for: localhost Hello success diff --git a/cli/tests/integration/mod.rs b/cli/tests/integration/mod.rs index 76bda70a7..392101e54 100644 --- a/cli/tests/integration/mod.rs +++ b/cli/tests/integration/mod.rs @@ -475,14 +475,14 @@ fn broken_stdout() { // }); itest!(cafile_url_imports_unsafe_ssl { - args: "run --quiet --reload --unsafely-treat-insecure-origin-as-secure=localhost cafile_url_imports.ts", + args: "run --quiet --reload --unsafely-ignore-certificate-errors=localhost cafile_url_imports.ts", output: "cafile_url_imports_unsafe_ssl.ts.out", http_server: true, }); itest!(cafile_ts_fetch_unsafe_ssl { args: - "run --quiet --reload --allow-net --unsafely-treat-insecure-origin-as-secure cafile_ts_fetch.ts", + "run --quiet --reload --allow-net --unsafely-ignore-certificate-errors cafile_ts_fetch.ts", output: "cafile_ts_fetch_unsafe_ssl.ts.out", http_server: true, }); diff --git a/cli/tools/standalone.rs b/cli/tools/standalone.rs index 2eaf50161..18d887588 100644 --- a/cli/tools/standalone.rs +++ b/cli/tools/standalone.rs @@ -99,8 +99,8 @@ pub fn create_standalone_binary( location: flags.location.clone(), permissions: flags.clone().into(), v8_flags: flags.v8_flags.clone(), - unsafely_treat_insecure_origin_as_secure: flags - .unsafely_treat_insecure_origin_as_secure + unsafely_ignore_certificate_errors: flags + .unsafely_ignore_certificate_errors .clone(), log_level: flags.log_level, ca_stores: flags.ca_stores, @@ -226,8 +226,8 @@ pub fn compile_to_runtime_flags( lock: None, log_level: flags.log_level, no_check: false, - unsafely_treat_insecure_origin_as_secure: flags - .unsafely_treat_insecure_origin_as_secure, + unsafely_ignore_certificate_errors: flags + .unsafely_ignore_certificate_errors, no_remote: false, prompt: flags.prompt, reload: false, diff --git a/extensions/fetch/lib.rs b/extensions/fetch/lib.rs index cc5954b74..d9e016b0d 100644 --- a/extensions/fetch/lib.rs +++ b/extensions/fetch/lib.rs @@ -60,7 +60,7 @@ pub fn init<P: FetchPermissions + 'static>( root_cert_store: Option<RootCertStore>, proxy: Option<Proxy>, request_builder_hook: Option<fn(RequestBuilder) -> RequestBuilder>, - unsafely_treat_insecure_origin_as_secure: Option<Vec<String>>, + unsafely_ignore_certificate_errors: Option<Vec<String>>, ) -> Extension { Extension::builder() .js(include_js_files!( @@ -88,7 +88,7 @@ pub fn init<P: FetchPermissions + 'static>( root_cert_store.clone(), None, proxy.clone(), - unsafely_treat_insecure_origin_as_secure.clone(), + unsafely_ignore_certificate_errors.clone(), ) .unwrap() }); @@ -97,8 +97,8 @@ pub fn init<P: FetchPermissions + 'static>( root_cert_store: root_cert_store.clone(), proxy: proxy.clone(), request_builder_hook, - unsafely_treat_insecure_origin_as_secure: - unsafely_treat_insecure_origin_as_secure.clone(), + unsafely_ignore_certificate_errors: unsafely_ignore_certificate_errors + .clone(), }); Ok(()) }) @@ -110,7 +110,7 @@ pub struct HttpClientDefaults { pub root_cert_store: Option<RootCertStore>, pub proxy: Option<Proxy>, pub request_builder_hook: Option<fn(RequestBuilder) -> RequestBuilder>, - pub unsafely_treat_insecure_origin_as_secure: Option<Vec<String>>, + pub unsafely_ignore_certificate_errors: Option<Vec<String>>, } pub trait FetchPermissions { @@ -543,7 +543,7 @@ where defaults.root_cert_store.clone(), cert_data, args.proxy, - defaults.unsafely_treat_insecure_origin_as_secure.clone(), + defaults.unsafely_ignore_certificate_errors.clone(), ) .unwrap(); diff --git a/extensions/net/lib.rs b/extensions/net/lib.rs index f68034517..fe10abf5f 100644 --- a/extensions/net/lib.rs +++ b/extensions/net/lib.rs @@ -94,16 +94,16 @@ pub struct DefaultTlsOptions { pub root_cert_store: Option<RootCertStore>, } -/// `UnsafelyTreatInsecureOriginAsSecure` is a wrapper struct so it can be placed inside `GothamState`; +/// `UnsafelyIgnoreCertificateErrors` is a wrapper struct so it can be placed inside `GothamState`; /// using type alias for a `Option<Vec<String>>` could work, but there's a high chance /// that there might be another type alias pointing to a `Option<Vec<String>>`, which /// would override previously used alias. -pub struct UnsafelyTreatInsecureOriginAsSecure(Option<Vec<String>>); +pub struct UnsafelyIgnoreCertificateErrors(Option<Vec<String>>); pub fn init<P: NetPermissions + 'static>( root_cert_store: Option<RootCertStore>, unstable: bool, - unsafely_treat_insecure_origin_as_secure: Option<Vec<String>>, + unsafely_ignore_certificate_errors: Option<Vec<String>>, ) -> Extension { let mut ops_to_register = vec![]; ops_to_register.extend(io::init()); @@ -122,8 +122,8 @@ pub fn init<P: NetPermissions + 'static>( root_cert_store: root_cert_store.clone(), }); state.put(UnstableChecker { unstable }); - state.put(UnsafelyTreatInsecureOriginAsSecure( - unsafely_treat_insecure_origin_as_secure.clone(), + state.put(UnsafelyIgnoreCertificateErrors( + unsafely_ignore_certificate_errors.clone(), )); Ok(()) }) diff --git a/extensions/net/ops_tls.rs b/extensions/net/ops_tls.rs index 6c26ed748..91fad6706 100644 --- a/extensions/net/ops_tls.rs +++ b/extensions/net/ops_tls.rs @@ -9,7 +9,7 @@ use crate::resolve_addr::resolve_addr; use crate::resolve_addr::resolve_addr_sync; use crate::DefaultTlsOptions; use crate::NetPermissions; -use crate::UnsafelyTreatInsecureOriginAsSecure; +use crate::UnsafelyIgnoreCertificateErrors; use deno_core::error::bad_resource; use deno_core::error::bad_resource_id; use deno_core::error::custom_error; @@ -761,9 +761,9 @@ where }; let port = args.port; let cert_file = args.cert_file.as_deref(); - let unsafely_treat_insecure_origin_as_secure = state + let unsafely_ignore_certificate_errors = state .borrow() - .borrow::<UnsafelyTreatInsecureOriginAsSecure>() + .borrow::<UnsafelyIgnoreCertificateErrors>() .0 .clone(); @@ -810,7 +810,7 @@ where let mut tls_config = create_client_config( root_cert_store, ca_data, - unsafely_treat_insecure_origin_as_secure, + unsafely_ignore_certificate_errors, )?; if args.cert_chain.is_some() || args.private_key.is_some() { diff --git a/extensions/tls/lib.rs b/extensions/tls/lib.rs index 2a15b4e75..932f5ba4c 100644 --- a/extensions/tls/lib.rs +++ b/extensions/tls/lib.rs @@ -125,7 +125,7 @@ pub fn create_default_root_cert_store() -> RootCertStore { pub fn create_client_config( root_cert_store: Option<RootCertStore>, ca_data: Option<Vec<u8>>, - unsafely_treat_insecure_origin_as_secure: Option<Vec<String>>, + unsafely_ignore_certificate_errors: Option<Vec<String>>, ) -> Result<ClientConfig, AnyError> { let mut tls_config = ClientConfig::new(); tls_config.set_persistence(CLIENT_SESSION_MEMORY_CACHE.clone()); @@ -141,7 +141,7 @@ pub fn create_client_config( } } - if let Some(ic_allowlist) = unsafely_treat_insecure_origin_as_secure { + if let Some(ic_allowlist) = unsafely_ignore_certificate_errors { tls_config.dangerous().set_certificate_verifier(Arc::new( NoCertificateVerification(ic_allowlist), )); @@ -157,12 +157,12 @@ pub fn create_http_client( root_cert_store: Option<RootCertStore>, ca_data: Option<Vec<u8>>, proxy: Option<Proxy>, - unsafely_treat_insecure_origin_as_secure: Option<Vec<String>>, + unsafely_ignore_certificate_errors: Option<Vec<String>>, ) -> Result<Client, AnyError> { let tls_config = create_client_config( root_cert_store, ca_data, - unsafely_treat_insecure_origin_as_secure, + unsafely_ignore_certificate_errors, )?; let mut headers = HeaderMap::new(); headers.insert(USER_AGENT, user_agent.parse().unwrap()); diff --git a/extensions/websocket/lib.rs b/extensions/websocket/lib.rs index 97e970e85..69c6154b8 100644 --- a/extensions/websocket/lib.rs +++ b/extensions/websocket/lib.rs @@ -54,11 +54,11 @@ pub trait WebSocketPermissions { fn check_net_url(&mut self, _url: &url::Url) -> Result<(), AnyError>; } -/// `UnsafelyTreatInsecureOriginAsSecure` is a wrapper struct so it can be placed inside `GothamState`; +/// `UnsafelyIgnoreCertificateErrors` is a wrapper struct so it can be placed inside `GothamState`; /// using type alias for a `Option<Vec<String>>` could work, but there's a high chance /// that there might be another type alias pointing to a `Option<Vec<String>>`, which /// would override previously used alias. -pub struct UnsafelyTreatInsecureOriginAsSecure(Option<Vec<String>>); +pub struct UnsafelyIgnoreCertificateErrors(Option<Vec<String>>); /// For use with `op_websocket_*` when the user does not want permissions. pub struct NoWebSocketPermissions; @@ -223,9 +223,9 @@ where ); } - let unsafely_treat_insecure_origin_as_secure = state + let unsafely_ignore_certificate_errors = state .borrow() - .borrow::<UnsafelyTreatInsecureOriginAsSecure>() + .borrow::<UnsafelyIgnoreCertificateErrors>() .0 .clone(); let root_cert_store = state.borrow().borrow::<WsRootStore>().0.clone(); @@ -255,7 +255,7 @@ where let tls_config = create_client_config( root_cert_store, None, - unsafely_treat_insecure_origin_as_secure, + unsafely_ignore_certificate_errors, )?; let tls_connector = TlsConnector::from(Arc::new(tls_config)); let dnsname = DNSNameRef::try_from_ascii_str(domain) @@ -430,7 +430,7 @@ pub async fn op_ws_next_event( pub fn init<P: WebSocketPermissions + 'static>( user_agent: String, root_cert_store: Option<RootCertStore>, - unsafely_treat_insecure_origin_as_secure: Option<Vec<String>>, + unsafely_ignore_certificate_errors: Option<Vec<String>>, ) -> Extension { Extension::builder() .js(include_js_files!( @@ -450,8 +450,8 @@ pub fn init<P: WebSocketPermissions + 'static>( ]) .state(move |state| { state.put::<WsUserAgent>(WsUserAgent(user_agent.clone())); - state.put(UnsafelyTreatInsecureOriginAsSecure( - unsafely_treat_insecure_origin_as_secure.clone(), + state.put(UnsafelyIgnoreCertificateErrors( + unsafely_ignore_certificate_errors.clone(), )); state.put::<WsRootStore>(WsRootStore(root_cert_store.clone())); Ok(()) diff --git a/runtime/examples/hello_runtime.rs b/runtime/examples/hello_runtime.rs index e3a8b88b2..776dc23c3 100644 --- a/runtime/examples/hello_runtime.rs +++ b/runtime/examples/hello_runtime.rs @@ -27,7 +27,7 @@ async fn main() -> Result<(), AnyError> { args: vec![], debug_flag: false, unstable: false, - unsafely_treat_insecure_origin_as_secure: None, + unsafely_ignore_certificate_errors: None, root_cert_store: None, user_agent: "hello_runtime".to_string(), seed: None, diff --git a/runtime/web_worker.rs b/runtime/web_worker.rs index 1349c510a..495fedb81 100644 --- a/runtime/web_worker.rs +++ b/runtime/web_worker.rs @@ -253,7 +253,7 @@ pub struct WebWorkerOptions { pub args: Vec<String>, pub debug_flag: bool, pub unstable: bool, - pub unsafely_treat_insecure_origin_as_secure: Option<Vec<String>>, + pub unsafely_ignore_certificate_errors: Option<Vec<String>>, pub root_cert_store: Option<RootCertStore>, pub user_agent: String, pub seed: Option<u64>, @@ -305,12 +305,12 @@ impl WebWorker { options.root_cert_store.clone(), None, None, - options.unsafely_treat_insecure_origin_as_secure.clone(), + options.unsafely_ignore_certificate_errors.clone(), ), deno_websocket::init::<Permissions>( options.user_agent.clone(), options.root_cert_store.clone(), - options.unsafely_treat_insecure_origin_as_secure.clone(), + options.unsafely_ignore_certificate_errors.clone(), ), deno_broadcast_channel::init( options.broadcast_channel.clone(), @@ -344,7 +344,7 @@ impl WebWorker { deno_net::init::<Permissions>( options.root_cert_store.clone(), options.unstable, - options.unsafely_treat_insecure_origin_as_secure.clone(), + options.unsafely_ignore_certificate_errors.clone(), ), ops::os::init(), ops::permissions::init(), diff --git a/runtime/worker.rs b/runtime/worker.rs index f8b0edb64..8057e38f1 100644 --- a/runtime/worker.rs +++ b/runtime/worker.rs @@ -50,7 +50,7 @@ pub struct WorkerOptions { pub args: Vec<String>, pub debug_flag: bool, pub unstable: bool, - pub unsafely_treat_insecure_origin_as_secure: Option<Vec<String>>, + pub unsafely_ignore_certificate_errors: Option<Vec<String>>, pub root_cert_store: Option<RootCertStore>, pub user_agent: String, pub seed: Option<u64>, @@ -104,12 +104,12 @@ impl MainWorker { options.root_cert_store.clone(), None, None, - options.unsafely_treat_insecure_origin_as_secure.clone(), + options.unsafely_ignore_certificate_errors.clone(), ), deno_websocket::init::<Permissions>( options.user_agent.clone(), options.root_cert_store.clone(), - options.unsafely_treat_insecure_origin_as_secure.clone(), + options.unsafely_ignore_certificate_errors.clone(), ), deno_webstorage::init(options.origin_storage_dir.clone()), deno_crypto::init(options.seed), @@ -134,7 +134,7 @@ impl MainWorker { deno_net::init::<Permissions>( options.root_cert_store.clone(), options.unstable, - options.unsafely_treat_insecure_origin_as_secure.clone(), + options.unsafely_ignore_certificate_errors.clone(), ), ops::os::init(), ops::permissions::init(), @@ -304,7 +304,7 @@ mod tests { args: vec![], debug_flag: false, unstable: false, - unsafely_treat_insecure_origin_as_secure: None, + unsafely_ignore_certificate_errors: None, root_cert_store: None, seed: None, js_error_create_fn: None, |