From 22e0ee92a6618db0168b9dfce6c598b6df207a4c Mon Sep 17 00:00:00 2001 From: Nayeem Rahman Date: Wed, 30 Dec 2020 22:35:28 +0000 Subject: BREAKING(unstable): Use hosts for net allowlists (#8845) Allowlist checking already uses hosts but for some reason requests, revokes and the runtime permissions API use URLs. - BREAKING(lib.deno.unstable.d.ts): Change NetPermissionDescriptor::url to NetPermissionDescriptor::host - fix(runtime/permissions): Don't add whole URLs to the allowlist on request - fix(runtime/permissions): Harden strength semantics: ({ name: "net", host: "127.0.0.1" } is stronger than { name: "net", host: "127.0.0.1:8000" }) for blocklisting - refactor(runtime/permissions): Use tuples for hosts, make the host optional in Permissions::{query_net, request_net, revoke_net}() --- cli/dts/lib.deno.unstable.d.ts | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) (limited to 'cli/dts/lib.deno.unstable.d.ts') diff --git a/cli/dts/lib.deno.unstable.d.ts b/cli/dts/lib.deno.unstable.d.ts index 3b9754387..b3933762e 100644 --- a/cli/dts/lib.deno.unstable.d.ts +++ b/cli/dts/lib.deno.unstable.d.ts @@ -1085,13 +1085,12 @@ declare namespace Deno { export interface NetPermissionDescriptor { name: "net"; - /** Optional url associated with this descriptor. + /** Optional host string of the form `"[:]"`. Examples: * - * If specified: must be a valid url. Expected format: ://[:port][/path] - * If the scheme is unknown, callers should specify some scheme, such as x:// na:// unknown:// - * - * See: https://www.iana.org/assignments/uri-schemes/uri-schemes.xhtml */ - url?: string; + * "github.com" + * "deno.land:8080" + */ + host?: string; } export interface EnvPermissionDescriptor { -- cgit v1.2.3