diff --git a/cli/js/lib.deno.unstable.d.ts b/cli/js/lib.deno.unstable.d.ts index f4a7b27868..da3c651438 100644 --- a/cli/js/lib.deno.unstable.d.ts +++ b/cli/js/lib.deno.unstable.d.ts @@ -992,6 +992,12 @@ declare namespace Deno { export interface NetPermissionDescriptor { name: "net"; + /** Optional url associated with this descriptor. + * + * If specified: must be a valid url. Expected format: ://[:port][/path] + * If the scheme is unknown, callers should specify some scheme, such as x:// na:// unknown:// + * + * See: https://www.iana.org/assignments/uri-schemes/uri-schemes.xhtml */ url?: string; } diff --git a/cli/permissions.rs b/cli/permissions.rs index 9fd2338c17..dd70b067b8 100644 --- a/cli/permissions.rs +++ b/cli/permissions.rs @@ -283,6 +283,14 @@ impl Permissions { let url: &str = url.unwrap(); // If url is invalid, then throw a TypeError. let parsed = Url::parse(url).map_err(OpError::from)?; + // The url may be parsed correctly but still lack a host, i.e. "localhost:235" or "mailto:someone@somewhere.com" or "file:/1.txt" + // Note that host:port combos are parsed as scheme:path + if parsed.host().is_none() { + return Err(OpError::uri_error( + "invalid url, expected format: ://[:port][/subpath]" + .to_owned(), + )); + } Ok( self.get_state_net(&format!("{}", parsed.host().unwrap()), parsed.port()), ) @@ -833,11 +841,35 @@ mod tests { ); let mut perms3 = Permissions::from_flags(&Flags { - net_allowlist: allowlist, + net_allowlist: allowlist.clone(), ..Default::default() }); set_prompt_result(true); assert!(perms3.request_net(&Some(":")).is_err()); + + let mut perms4 = Permissions::from_flags(&Flags { + net_allowlist: allowlist.clone(), + ..Default::default() + }); + set_prompt_result(false); + assert_eq!( + perms4 + .request_net(&Some("localhost:8080")) + .unwrap_err() + .kind, + crate::op_error::ErrorKind::URIError + ); + + let mut perms5 = Permissions::from_flags(&Flags { + net_allowlist: allowlist, + ..Default::default() + }); + set_prompt_result(false); + assert_eq!( + perms5.request_net(&Some("file:/1.txt")).unwrap_err().kind, + crate::op_error::ErrorKind::URIError + ); + drop(guard); }