mirror of
https://github.com/denoland/deno.git
synced 2024-11-21 15:04:11 -05:00
feat(repl): add --unsafe-ignore-certificate-errors flag (#13045)
This commit is contained in:
VishnuJin
GitHub
parent
0f0dd5b7ec
commit
2bdb528eb8
1 changed files with 91 additions and 22 deletions
113
cli/flags.rs
113
cli/flags.rs
|
|
@ -1171,6 +1171,7 @@ fn repl_subcommand<'a, 'b>() -> App<'a, 'b> {
|
|||
.takes_value(true)
|
||||
.value_name("code"),
|
||||
)
|
||||
.arg(unsafely_ignore_ceritifcate_errors_arg())
|
||||
}
|
||||
|
||||
fn run_subcommand<'a, 'b>() -> App<'a, 'b> {
|
||||
|
|
@ -1426,17 +1427,7 @@ fn permission_args<'a, 'b>(app: App<'a, 'b>) -> App<'a, 'b> {
|
|||
.help("Allow network access")
|
||||
.validator(crate::flags_allow_net::validator),
|
||||
)
|
||||
.arg(
|
||||
Arg::with_name("unsafely-ignore-certificate-errors")
|
||||
.long("unsafely-ignore-certificate-errors")
|
||||
.min_values(0)
|
||||
.takes_value(true)
|
||||
.use_delimiter(true)
|
||||
.require_equals(true)
|
||||
.value_name("HOSTNAMES")
|
||||
.help("DANGER: Disables verification of TLS certificates")
|
||||
.validator(crate::flags_allow_net::validator),
|
||||
)
|
||||
.arg(unsafely_ignore_ceritifcate_errors_arg())
|
||||
.arg(
|
||||
Arg::with_name("allow-env")
|
||||
.long("allow-env")
|
||||
|
|
@ -1728,6 +1719,18 @@ fn no_remote_arg<'a, 'b>() -> Arg<'a, 'b> {
|
|||
.help("Do not resolve remote modules")
|
||||
}
|
||||
|
||||
fn unsafely_ignore_ceritifcate_errors_arg<'a, 'b>() -> Arg<'a, 'b> {
|
||||
Arg::with_name("unsafely-ignore-certificate-errors")
|
||||
.long("unsafely-ignore-certificate-errors")
|
||||
.min_values(0)
|
||||
.takes_value(true)
|
||||
.use_delimiter(true)
|
||||
.require_equals(true)
|
||||
.value_name("HOSTNAMES")
|
||||
.help("DANGER: Disables verification of TLS certificates")
|
||||
.validator(crate::flags_allow_net::validator)
|
||||
}
|
||||
|
||||
fn bundle_parse(flags: &mut Flags, matches: &clap::ArgMatches) {
|
||||
compile_args_parse(flags, matches);
|
||||
|
||||
|
|
@ -2029,6 +2032,7 @@ fn lint_parse(flags: &mut Flags, matches: &clap::ArgMatches) {
|
|||
|
||||
fn repl_parse(flags: &mut Flags, matches: &clap::ArgMatches) {
|
||||
runtime_args_parse(flags, matches, false, true);
|
||||
unsafely_ignore_ceritifcate_errors_parse(flags, matches);
|
||||
flags.repl = true;
|
||||
flags.subcommand = DenoSubcommand::Repl(ReplFlags {
|
||||
eval: matches.value_of("eval").map(ToOwned::to_owned),
|
||||
|
|
@ -2184,6 +2188,7 @@ fn compile_args_parse(flags: &mut Flags, matches: &clap::ArgMatches) {
|
|||
}
|
||||
|
||||
fn permission_args_parse(flags: &mut Flags, matches: &clap::ArgMatches) {
|
||||
unsafely_ignore_ceritifcate_errors_parse(flags, matches);
|
||||
if let Some(read_wl) = matches.values_of("allow-read") {
|
||||
let read_allowlist: Vec<PathBuf> = read_wl.map(PathBuf::from).collect();
|
||||
flags.allow_read = Some(read_allowlist);
|
||||
|
|
@ -2201,13 +2206,6 @@ fn permission_args_parse(flags: &mut Flags, matches: &clap::ArgMatches) {
|
|||
flags.allow_net = Some(net_allowlist);
|
||||
}
|
||||
|
||||
if let Some(ic_wl) = matches.values_of("unsafely-ignore-certificate-errors") {
|
||||
let ic_allowlist: Vec<String> =
|
||||
crate::flags_allow_net::parse(ic_wl.map(ToString::to_string).collect())
|
||||
.unwrap();
|
||||
flags.unsafely_ignore_certificate_errors = Some(ic_allowlist);
|
||||
}
|
||||
|
||||
if let Some(env_wl) = matches.values_of("allow-env") {
|
||||
let env_allowlist: Vec<String> = env_wl
|
||||
.map(|env: &str| {
|
||||
|
|
@ -2250,7 +2248,17 @@ fn permission_args_parse(flags: &mut Flags, matches: &clap::ArgMatches) {
|
|||
flags.prompt = true;
|
||||
}
|
||||
}
|
||||
|
||||
fn unsafely_ignore_ceritifcate_errors_parse(
|
||||
flags: &mut Flags,
|
||||
matches: &clap::ArgMatches,
|
||||
) {
|
||||
if let Some(ic_wl) = matches.values_of("unsafely-ignore-certificate-errors") {
|
||||
let ic_allowlist: Vec<String> =
|
||||
crate::flags_allow_net::parse(ic_wl.map(ToString::to_string).collect())
|
||||
.unwrap();
|
||||
flags.unsafely_ignore_certificate_errors = Some(ic_allowlist);
|
||||
}
|
||||
}
|
||||
fn runtime_args_parse(
|
||||
flags: &mut Flags,
|
||||
matches: &clap::ArgMatches,
|
||||
|
|
@ -3242,7 +3250,7 @@ mod tests {
|
|||
#[test]
|
||||
fn repl_with_flags() {
|
||||
#[rustfmt::skip]
|
||||
let r = flags_from_vec(svec!["deno", "repl", "--import-map", "import_map.json", "--no-remote", "--config", "tsconfig.json", "--no-check", "--reload", "--lock", "lock.json", "--lock-write", "--cert", "example.crt", "--cached-only", "--location", "https:foo", "--v8-flags=--help", "--seed", "1", "--inspect=127.0.0.1:9229"]);
|
||||
let r = flags_from_vec(svec!["deno", "repl", "--import-map", "import_map.json", "--no-remote", "--config", "tsconfig.json", "--no-check", "--reload", "--lock", "lock.json", "--lock-write", "--cert", "example.crt", "--cached-only", "--location", "https:foo", "--v8-flags=--help", "--seed", "1", "--inspect=127.0.0.1:9229", "--unsafely-ignore-certificate-errors"]);
|
||||
assert_eq!(
|
||||
r.unwrap(),
|
||||
Flags {
|
||||
|
|
@ -3268,6 +3276,7 @@ mod tests {
|
|||
allow_write: Some(vec![]),
|
||||
allow_ffi: Some(vec![]),
|
||||
allow_hrtime: true,
|
||||
unsafely_ignore_certificate_errors: Some(vec![]),
|
||||
..Flags::default()
|
||||
}
|
||||
);
|
||||
|
|
@ -3891,7 +3900,36 @@ mod tests {
|
|||
}
|
||||
|
||||
#[test]
|
||||
fn unsafely_ignore_certificate_errors() {
|
||||
fn repl_with_unsafely_ignore_certificate_errors() {
|
||||
let r = flags_from_vec(svec![
|
||||
"deno",
|
||||
"repl",
|
||||
"--eval",
|
||||
"console.log('hello');",
|
||||
"--unsafely-ignore-certificate-errors"
|
||||
]);
|
||||
assert_eq!(
|
||||
r.unwrap(),
|
||||
Flags {
|
||||
repl: true,
|
||||
subcommand: DenoSubcommand::Repl(ReplFlags {
|
||||
eval: Some("console.log('hello');".to_string()),
|
||||
}),
|
||||
unsafely_ignore_certificate_errors: Some(vec![]),
|
||||
allow_net: Some(vec![]),
|
||||
allow_env: Some(vec![]),
|
||||
allow_run: Some(vec![]),
|
||||
allow_read: Some(vec![]),
|
||||
allow_write: Some(vec![]),
|
||||
allow_ffi: Some(vec![]),
|
||||
allow_hrtime: true,
|
||||
..Flags::default()
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn run_with_unsafely_ignore_certificate_errors() {
|
||||
let r = flags_from_vec(svec![
|
||||
"deno",
|
||||
"run",
|
||||
|
|
@ -3911,7 +3949,7 @@ mod tests {
|
|||
}
|
||||
|
||||
#[test]
|
||||
fn unsafely_treat_insecure_origin_as_secure_with_ipv6_address() {
|
||||
fn run_with_unsafely_treat_insecure_origin_as_secure_with_ipv6_address() {
|
||||
let r = flags_from_vec(svec![
|
||||
"deno",
|
||||
"run",
|
||||
|
|
@ -3937,6 +3975,37 @@ mod tests {
|
|||
);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn repl_with_unsafely_treat_insecure_origin_as_secure_with_ipv6_address() {
|
||||
let r = flags_from_vec(svec![
|
||||
"deno",
|
||||
"repl",
|
||||
"--unsafely-ignore-certificate-errors=deno.land,localhost,::,127.0.0.1,[::1],1.2.3.4"]);
|
||||
assert_eq!(
|
||||
r.unwrap(),
|
||||
Flags {
|
||||
repl: true,
|
||||
subcommand: DenoSubcommand::Repl(ReplFlags { eval: None }),
|
||||
unsafely_ignore_certificate_errors: Some(svec![
|
||||
"deno.land",
|
||||
"localhost",
|
||||
"::",
|
||||
"127.0.0.1",
|
||||
"[::1]",
|
||||
"1.2.3.4"
|
||||
]),
|
||||
allow_net: Some(vec![]),
|
||||
allow_env: Some(vec![]),
|
||||
allow_run: Some(vec![]),
|
||||
allow_read: Some(vec![]),
|
||||
allow_write: Some(vec![]),
|
||||
allow_ffi: Some(vec![]),
|
||||
allow_hrtime: true,
|
||||
..Flags::default()
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn no_remote() {
|
||||
let r = flags_from_vec(svec!["deno", "run", "--no-remote", "script.ts"]);
|
||||
|
|
|
|||
Loading…
Reference in a new issue