From 0a96cb62a83f1d881ebc7fd93dee1796d20f17ff Mon Sep 17 00:00:00 2001 From: Colin Ihrig Date: Thu, 19 May 2022 17:45:09 -0400 Subject: fix(runtime): improve permission descriptor validation (#14676) This commit improves the permission descriptor validation by explicitly checking for object types and using optional chaining when creating error messages in case the descriptor is not an object. Fixes: https://github.com/denoland/deno/issues/14675 --- runtime/js/10_permissions.js | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'runtime/js') diff --git a/runtime/js/10_permissions.js b/runtime/js/10_permissions.js index 1a9be1f27..66c68bbf0 100644 --- a/runtime/js/10_permissions.js +++ b/runtime/js/10_permissions.js @@ -149,7 +149,7 @@ * @returns {desc is Deno.PermissionDescriptor} */ function isValidDescriptor(desc) { - return desc && desc !== null && + return typeof desc === "object" && desc !== null && ArrayPrototypeIncludes(permissionNames, desc.name); } @@ -164,7 +164,8 @@ if (!isValidDescriptor(desc)) { return PromiseReject( new TypeError( - `The provided value "${desc.name}" is not a valid permission name.`, + `The provided value "${desc + ?.name}" is not a valid permission name.`, ), ); } @@ -185,7 +186,8 @@ if (!isValidDescriptor(desc)) { return PromiseReject( new TypeError( - `The provided value "${desc.name}" is not a valid permission name.`, + `The provided value "${desc + ?.name}" is not a valid permission name.`, ), ); } @@ -204,7 +206,8 @@ if (!isValidDescriptor(desc)) { return PromiseReject( new TypeError( - `The provided value "${desc.name}" is not a valid permission name.`, + `The provided value "${desc + ?.name}" is not a valid permission name.`, ), ); } -- cgit v1.2.3