From 22e0ee92a6618db0168b9dfce6c598b6df207a4c Mon Sep 17 00:00:00 2001
From: Nayeem Rahman <nayeemrmn99@gmail.com>
Date: Wed, 30 Dec 2020 22:35:28 +0000
Subject: BREAKING(unstable): Use hosts for net allowlists (#8845)

Allowlist checking already uses hosts but for some reason
requests, revokes and the runtime permissions API use URLs.

- BREAKING(lib.deno.unstable.d.ts): Change
NetPermissionDescriptor::url to NetPermissionDescriptor::host

- fix(runtime/permissions): Don't add whole URLs to the
allowlist on request

- fix(runtime/permissions): Harden strength semantics:
({ name: "net", host: "127.0.0.1" } is stronger than
{ name: "net", host: "127.0.0.1:8000" }) for blocklisting

- refactor(runtime/permissions): Use tuples for hosts, make
the host optional in Permissions::{query_net, request_net, revoke_net}()
---
 std/permissions/mod.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'std')

diff --git a/std/permissions/mod.ts b/std/permissions/mod.ts
index 71c7e43ff..ebdeaf0db 100644
--- a/std/permissions/mod.ts
+++ b/std/permissions/mod.ts
@@ -14,8 +14,8 @@ function getPermissionString(descriptors: Deno.PermissionDescriptor[]): string {
                 ? `--allow-${pd.name}=${pd.path}`
                 : `--allow-${pd.name}`;
             case "net":
-              return pd.url
-                ? `--allow-${pd.name}=${pd.url}`
+              return pd.host
+                ? `--allow-${pd.name}=${pd.host}`
                 : `--allow-${pd.name}`;
             default:
               return `--allow-${pd.name}`;
-- 
cgit v1.2.3