mirror of
https://github.com/denoland/deno.git
synced 2024-11-29 16:30:56 -05:00
5504acea67
This replaces `--allow-net` for import permissions and makes the security sandbox stricter by also checking permissions for statically analyzable imports. By default, this has a value of `--allow-import=deno.land:443,jsr.io:443,esm.sh:443,raw.githubusercontent.com:443,gist.githubusercontent.com:443`, but that can be overridden by providing a different set of hosts. Additionally, when no value is provided, import permissions are inferred from the CLI arguments so the following works because `fresh.deno.dev:443` will be added to the list of allowed imports: ```ts deno run -A -r https://fresh.deno.dev ``` --------- Co-authored-by: David Sherret <dsherret@gmail.com>
5 lines
373 B
Text
5 lines
373 B
Text
error: Uncaught (in promise) TypeError: Requires import access to "example.com:443", run again with the --allow-import flag
|
|
at data:application/javascript;base64,aW1wb3J0ICJodHRwczovL2V4YW1wbGUuY29tL3NvbWUvZmlsZS50cyI7:1:8
|
|
await import(`data:application/javascript;base64,${btoa(code)}`);
|
|
^
|
|
at async file:///[WILDCARD]/dynamic_import/permissions_data_remote.ts:3:1
|