mirror of
https://github.com/usebruno/bruno.git
synced 2025-01-11 00:18:46 +01:00
feat(#306): module whitelisting support
This commit is contained in:
parent
0f3a8a87bb
commit
e3679c9ee9
@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "@usebruno/js",
|
||||
"version": "0.6.0",
|
||||
"version": "0.8.0",
|
||||
"license": "MIT",
|
||||
"main": "src/index.js",
|
||||
"files": [
|
||||
|
@ -8,6 +8,7 @@ const zlib = require('zlib');
|
||||
const url = require('url');
|
||||
const punycode = require('punycode');
|
||||
const fs = require('fs');
|
||||
const { get } = require('lodash');
|
||||
const Bru = require('../bru');
|
||||
const BrunoRequest = require('../bruno-request');
|
||||
const BrunoResponse = require('../bruno-response');
|
||||
@ -38,10 +39,23 @@ class ScriptRuntime {
|
||||
collectionPath,
|
||||
onConsoleLog,
|
||||
processEnvVars,
|
||||
allowScriptFilesystemAccess
|
||||
scriptingConfig
|
||||
) {
|
||||
const bru = new Bru(envVariables, collectionVariables, processEnvVars, collectionPath);
|
||||
const req = new BrunoRequest(request);
|
||||
const allowScriptFilesystemAccess = get(scriptingConfig, 'filesystemAccess.allow', false);
|
||||
const moduleWhitelist = get(scriptingConfig, 'moduleWhitelist', []);
|
||||
|
||||
const whitelistedModules = {};
|
||||
|
||||
for (let module of moduleWhitelist) {
|
||||
try {
|
||||
whitelistedModules[module] = require(module);
|
||||
} catch (e) {
|
||||
// Ignore
|
||||
console.warn(e);
|
||||
}
|
||||
}
|
||||
|
||||
const context = {
|
||||
bru,
|
||||
@ -89,6 +103,7 @@ class ScriptRuntime {
|
||||
chai,
|
||||
'node-fetch': fetch,
|
||||
'crypto-js': CryptoJS,
|
||||
...whitelistedModules,
|
||||
fs: allowScriptFilesystemAccess ? fs : undefined
|
||||
}
|
||||
}
|
||||
@ -111,11 +126,24 @@ class ScriptRuntime {
|
||||
collectionPath,
|
||||
onConsoleLog,
|
||||
processEnvVars,
|
||||
allowScriptFilesystemAccess
|
||||
scriptingConfig
|
||||
) {
|
||||
const bru = new Bru(envVariables, collectionVariables, processEnvVars, collectionPath);
|
||||
const req = new BrunoRequest(request);
|
||||
const res = new BrunoResponse(response);
|
||||
const allowScriptFilesystemAccess = get(scriptingConfig, 'filesystemAccess.allow', false);
|
||||
const moduleWhitelist = get(scriptingConfig, 'moduleWhitelist', []);
|
||||
|
||||
const whitelistedModules = {};
|
||||
|
||||
for (let module of moduleWhitelist) {
|
||||
try {
|
||||
whitelistedModules[module] = require(module);
|
||||
} catch (e) {
|
||||
// Ignore
|
||||
console.warn(e);
|
||||
}
|
||||
}
|
||||
|
||||
const context = {
|
||||
bru,
|
||||
@ -163,6 +191,7 @@ class ScriptRuntime {
|
||||
axios,
|
||||
'node-fetch': fetch,
|
||||
'crypto-js': CryptoJS,
|
||||
...whitelistedModules,
|
||||
fs: allowScriptFilesystemAccess ? fs : undefined
|
||||
}
|
||||
}
|
||||
|
@ -9,6 +9,7 @@ const zlib = require('zlib');
|
||||
const url = require('url');
|
||||
const punycode = require('punycode');
|
||||
const fs = require('fs');
|
||||
const { get } = require('lodash');
|
||||
const Bru = require('../bru');
|
||||
const BrunoRequest = require('../bruno-request');
|
||||
const BrunoResponse = require('../bruno-response');
|
||||
@ -38,11 +39,24 @@ class TestRuntime {
|
||||
collectionPath,
|
||||
onConsoleLog,
|
||||
processEnvVars,
|
||||
allowScriptFilesystemAccess
|
||||
scriptingConfig
|
||||
) {
|
||||
const bru = new Bru(envVariables, collectionVariables, processEnvVars, collectionPath);
|
||||
const req = new BrunoRequest(request);
|
||||
const res = new BrunoResponse(response);
|
||||
const allowScriptFilesystemAccess = get(scriptingConfig, 'filesystemAccess.allow', false);
|
||||
const moduleWhitelist = get(scriptingConfig, 'moduleWhitelist', []);
|
||||
|
||||
const whitelistedModules = {};
|
||||
|
||||
for (let module of moduleWhitelist) {
|
||||
try {
|
||||
whitelistedModules[module] = require(module);
|
||||
} catch (e) {
|
||||
// Ignore
|
||||
console.warn(e);
|
||||
}
|
||||
}
|
||||
|
||||
const __brunoTestResults = new TestResults();
|
||||
const test = Test(__brunoTestResults, chai);
|
||||
@ -106,6 +120,7 @@ class TestRuntime {
|
||||
nanoid,
|
||||
chai,
|
||||
'crypto-js': CryptoJS,
|
||||
...whitelistedModules,
|
||||
fs: allowScriptFilesystemAccess ? fs : undefined
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user