From c4d78b8f45fb7088ed5aac666018a452c7a3d3ea Mon Sep 17 00:00:00 2001 From: diamonddrake Date: Fri, 13 Dec 2024 12:59:24 -0500 Subject: [PATCH 1/7] http: add support for reqwest's danger flags --- plugins/http/Cargo.toml | 1 + plugins/http/guest-js/index.ts | 25 ++++++++++++++++++++++++- plugins/http/src/commands.rs | 26 ++++++++++++++++++++++++++ plugins/http/src/error.rs | 2 ++ 4 files changed, 53 insertions(+), 1 deletion(-) diff --git a/plugins/http/Cargo.toml b/plugins/http/Cargo.toml index b498c5174..b90bf8f53 100644 --- a/plugins/http/Cargo.toml +++ b/plugins/http/Cargo.toml @@ -73,3 +73,4 @@ charset = ["reqwest/charset"] macos-system-configuration = ["reqwest/macos-system-configuration"] unsafe-headers = [] tracing = ["dep:tracing"] +dangerous-settings = [] diff --git a/plugins/http/guest-js/index.ts b/plugins/http/guest-js/index.ts index 4362e893a..b86f4c478 100644 --- a/plugins/http/guest-js/index.ts +++ b/plugins/http/guest-js/index.ts @@ -84,6 +84,26 @@ export interface ClientOptions { * Configuration of a proxy that a Client should pass requests to. */ proxy?: Proxy + /** + * Configuration for dangerous settings on the client such as disabling SSL verification. + */ + danger?: DangerousSettings + } + + /** + * Configuration for dangerous settings on the client such as disabling SSL verification. + * + * @since 2.2.0 + */ + export interface DangerousSettings { + /** + * Disables SSL verification. + */ + acceptInvalidCerts?: boolean, + /** + * Disables hostname verification. + */ + acceptInvalidHostnames?: boolean } const ERROR_REQUEST_CANCELLED = 'Request canceled' @@ -115,12 +135,14 @@ export async function fetch( const maxRedirections = init?.maxRedirections const connectTimeout = init?.connectTimeout const proxy = init?.proxy + const danger = init?.danger // Remove these fields before creating the request if (init) { delete init.maxRedirections delete init.connectTimeout delete init.proxy + delete init.danger } const headers = init?.headers @@ -172,7 +194,8 @@ export async function fetch( data, maxRedirections, connectTimeout, - proxy + proxy, + danger } }) diff --git a/plugins/http/src/commands.rs b/plugins/http/src/commands.rs index 03c84adf5..38bac0925 100644 --- a/plugins/http/src/commands.rs +++ b/plugins/http/src/commands.rs @@ -75,6 +75,13 @@ pub struct FetchResponse { rid: ResourceId, } +#[derive(Debug, Deserialize)] +#[serde(rename_all = "camelCase")] +pub struct DangerousSettings { + accept_invalid_certs: bool, + accept_invalid_hostnames: bool, +} + #[derive(Debug, Deserialize)] #[serde(rename_all = "camelCase")] pub struct ClientConfig { @@ -85,6 +92,7 @@ pub struct ClientConfig { connect_timeout: Option, max_redirections: Option, proxy: Option, + danger: Option, } #[derive(Debug, Deserialize)] @@ -181,6 +189,7 @@ pub async fn fetch( connect_timeout, max_redirections, proxy, + danger, } = client_config; let scheme = url.scheme(); @@ -220,6 +229,23 @@ pub async fn fetch( { let mut builder = reqwest::ClientBuilder::new(); + if let Some(danger_config) = danger { + #[cfg(not(feature = "dangerous-settings"))] + { + #[cfg(debug_assertions)] + { + eprintln!("[\x1b[33mWARNING\x1b[0m] using dangerous settings requires `dangerous-settings` feature flag in your Cargo.toml"); + } + let _ = danger_config; + return Err(Error::DangerousSettings); + } + #[cfg(feature = "dangerous-settings")]{ + builder = builder + .danger_accept_invalid_certs(danger_config.accept_invalid_certs) + .danger_accept_invalid_hostnames(danger_config.accept_invalid_hostnames) + } + } + if let Some(timeout) = connect_timeout { builder = builder.connect_timeout(Duration::from_millis(timeout)); } diff --git a/plugins/http/src/error.rs b/plugins/http/src/error.rs index 78ff08a20..ef8de0c52 100644 --- a/plugins/http/src/error.rs +++ b/plugins/http/src/error.rs @@ -41,6 +41,8 @@ pub enum Error { Tauri(#[from] tauri::Error), #[error(transparent)] Utf8(#[from] std::string::FromUtf8Error), + #[error("dangerous settings used but are not enabled")] + DangerousSettings, } impl Serialize for Error { From 89bdab58f5321e012b3a28741269140e93a970c2 Mon Sep 17 00:00:00 2001 From: diamonddrake Date: Fri, 13 Dec 2024 13:10:43 -0500 Subject: [PATCH 2/7] http: bump http plugin version --- plugins/http/Cargo.toml | 2 +- plugins/http/package.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/plugins/http/Cargo.toml b/plugins/http/Cargo.toml index b90bf8f53..9aa49e0e4 100644 --- a/plugins/http/Cargo.toml +++ b/plugins/http/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "tauri-plugin-http" -version = "2.2.0" +version = "2.3.0" description = "Access an HTTP client written in Rust." edition = { workspace = true } authors = { workspace = true } diff --git a/plugins/http/package.json b/plugins/http/package.json index f9e4e64c6..02ea80bfc 100644 --- a/plugins/http/package.json +++ b/plugins/http/package.json @@ -1,6 +1,6 @@ { "name": "@tauri-apps/plugin-http", - "version": "2.2.0", + "version": "2.3.0", "license": "MIT OR Apache-2.0", "authors": [ "Tauri Programme within The Commons Conservancy" From a0eab23132f5260c91da852cdd33c07e0b5b870d Mon Sep 17 00:00:00 2001 From: diamonddrake Date: Sun, 15 Dec 2024 09:19:13 -0500 Subject: [PATCH 3/7] revert manual version changes --- plugins/http/Cargo.toml | 2 +- plugins/http/package.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/plugins/http/Cargo.toml b/plugins/http/Cargo.toml index 9aa49e0e4..b90bf8f53 100644 --- a/plugins/http/Cargo.toml +++ b/plugins/http/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "tauri-plugin-http" -version = "2.3.0" +version = "2.2.0" description = "Access an HTTP client written in Rust." edition = { workspace = true } authors = { workspace = true } diff --git a/plugins/http/package.json b/plugins/http/package.json index 02ea80bfc..f9e4e64c6 100644 --- a/plugins/http/package.json +++ b/plugins/http/package.json @@ -1,6 +1,6 @@ { "name": "@tauri-apps/plugin-http", - "version": "2.3.0", + "version": "2.2.0", "license": "MIT OR Apache-2.0", "authors": [ "Tauri Programme within The Commons Conservancy" From 8186253a115b5df65f1f516b92d8029bca6e9e44 Mon Sep 17 00:00:00 2001 From: DiamondDrake Date: Sun, 15 Dec 2024 09:24:30 -0500 Subject: [PATCH 4/7] Create http-dangerous-settings.md .changes file --- .changes/http-dangerous-settings.md | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 .changes/http-dangerous-settings.md diff --git a/.changes/http-dangerous-settings.md b/.changes/http-dangerous-settings.md new file mode 100644 index 000000000..247032690 --- /dev/null +++ b/.changes/http-dangerous-settings.md @@ -0,0 +1,6 @@ +--- +"http": minor +"http-js": minor +--- + +http new api to disable tls hostname/certificate validation From 084f9968568169e9740985e66af23946f7c3de82 Mon Sep 17 00:00:00 2001 From: diamonddrake Date: Sun, 15 Dec 2024 09:38:48 -0500 Subject: [PATCH 5/7] run prettier on http *.ts files --- plugins/http/guest-js/index.ts | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/plugins/http/guest-js/index.ts b/plugins/http/guest-js/index.ts index b86f4c478..bea18e448 100644 --- a/plugins/http/guest-js/index.ts +++ b/plugins/http/guest-js/index.ts @@ -84,26 +84,26 @@ export interface ClientOptions { * Configuration of a proxy that a Client should pass requests to. */ proxy?: Proxy - /** + /** * Configuration for dangerous settings on the client such as disabling SSL verification. */ - danger?: DangerousSettings - } - + danger?: DangerousSettings +} + +/** + * Configuration for dangerous settings on the client such as disabling SSL verification. + * + * @since 2.3.0 + */ +export interface DangerousSettings { /** - * Configuration for dangerous settings on the client such as disabling SSL verification. - * - * @since 2.2.0 + * Disables SSL verification. + */ + acceptInvalidCerts?: boolean + /** + * Disables hostname verification. */ - export interface DangerousSettings { - /** - * Disables SSL verification. - */ - acceptInvalidCerts?: boolean, - /** - * Disables hostname verification. - */ - acceptInvalidHostnames?: boolean + acceptInvalidHostnames?: boolean } const ERROR_REQUEST_CANCELLED = 'Request canceled' From 6d75e76a408ac3f474d0ad099e7ca4a8c9f6663c Mon Sep 17 00:00:00 2001 From: diamonddrake Date: Sun, 15 Dec 2024 09:43:11 -0500 Subject: [PATCH 6/7] run fmt and fix warnings --- plugins/http/src/commands.rs | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/plugins/http/src/commands.rs b/plugins/http/src/commands.rs index 38bac0925..3dc0297e4 100644 --- a/plugins/http/src/commands.rs +++ b/plugins/http/src/commands.rs @@ -77,6 +77,7 @@ pub struct FetchResponse { #[derive(Debug, Deserialize)] #[serde(rename_all = "camelCase")] +#[allow(dead_code)] //feature flags shoudln't affect api pub struct DangerousSettings { accept_invalid_certs: bool, accept_invalid_hostnames: bool, @@ -239,7 +240,8 @@ pub async fn fetch( let _ = danger_config; return Err(Error::DangerousSettings); } - #[cfg(feature = "dangerous-settings")]{ + #[cfg(feature = "dangerous-settings")] + { builder = builder .danger_accept_invalid_certs(danger_config.accept_invalid_certs) .danger_accept_invalid_hostnames(danger_config.accept_invalid_hostnames) From 398c6038b614dfc5beeca1b438bdb325ebb108e1 Mon Sep 17 00:00:00 2001 From: diamonddrake Date: Sun, 15 Dec 2024 13:23:16 -0500 Subject: [PATCH 7/7] check in built api-iife.js --- plugins/http/api-iife.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/http/api-iife.js b/plugins/http/api-iife.js index 0cfeb063a..76b498ada 100644 --- a/plugins/http/api-iife.js +++ b/plugins/http/api-iife.js @@ -1 +1 @@ -if("__TAURI__"in window){var __TAURI_PLUGIN_HTTP__=function(e){"use strict";async function t(e,t={},r){return window.__TAURI_INTERNALS__.invoke(e,t,r)}"function"==typeof SuppressedError&&SuppressedError;const r="Request canceled";return e.fetch=async function(e,n){const a=n?.signal;if(a?.aborted)throw new Error(r);const o=n?.maxRedirections,s=n?.connectTimeout,i=n?.proxy;n&&(delete n.maxRedirections,delete n.connectTimeout,delete n.proxy);const d=n?.headers?n.headers instanceof Headers?n.headers:new Headers(n.headers):new Headers,c=new Request(e,n),u=await c.arrayBuffer(),f=0!==u.byteLength?Array.from(new Uint8Array(u)):null;for(const[e,t]of c.headers)d.get(e)||d.set(e,t);const _=(d instanceof Headers?Array.from(d.entries()):Array.isArray(d)?d:Object.entries(d)).map((([e,t])=>[e,"string"==typeof t?t:t.toString()]));if(a?.aborted)throw new Error(r);const h=await t("plugin:http|fetch",{clientConfig:{method:c.method,url:c.url,headers:_,data:f,maxRedirections:o,connectTimeout:s,proxy:i}}),l=()=>t("plugin:http|fetch_cancel",{rid:h});if(a?.aborted)throw l(),new Error(r);a?.addEventListener("abort",(()=>{l()}));const{status:p,statusText:w,url:y,headers:T,rid:A}=await t("plugin:http|fetch_send",{rid:h}),g=await t("plugin:http|fetch_read_body",{rid:A}),R=new Response(g instanceof ArrayBuffer&&0!==g.byteLength?g:g instanceof Array&&g.length>0?new Uint8Array(g):null,{status:p,statusText:w});return Object.defineProperty(R,"url",{value:y}),Object.defineProperty(R,"headers",{value:new Headers(T)}),R},e}({});Object.defineProperty(window.__TAURI__,"http",{value:__TAURI_PLUGIN_HTTP__})} +if("__TAURI__"in window){var __TAURI_PLUGIN_HTTP__=function(e){"use strict";async function t(e,t={},r){return window.__TAURI_INTERNALS__.invoke(e,t,r)}"function"==typeof SuppressedError&&SuppressedError;const r="Request canceled";return e.fetch=async function(e,n){const a=n?.signal;if(a?.aborted)throw new Error(r);const o=n?.maxRedirections,s=n?.connectTimeout,i=n?.proxy,d=n?.danger;n&&(delete n.maxRedirections,delete n.connectTimeout,delete n.proxy,delete n.danger);const c=n?.headers?n.headers instanceof Headers?n.headers:new Headers(n.headers):new Headers,u=new Request(e,n),f=await u.arrayBuffer(),_=0!==f.byteLength?Array.from(new Uint8Array(f)):null;for(const[e,t]of u.headers)c.get(e)||c.set(e,t);const h=(c instanceof Headers?Array.from(c.entries()):Array.isArray(c)?c:Object.entries(c)).map((([e,t])=>[e,"string"==typeof t?t:t.toString()]));if(a?.aborted)throw new Error(r);const l=await t("plugin:http|fetch",{clientConfig:{method:u.method,url:u.url,headers:h,data:_,maxRedirections:o,connectTimeout:s,proxy:i,danger:d}}),p=()=>t("plugin:http|fetch_cancel",{rid:l});if(a?.aborted)throw p(),new Error(r);a?.addEventListener("abort",(()=>{p()}));const{status:w,statusText:y,url:g,headers:T,rid:A}=await t("plugin:http|fetch_send",{rid:l}),R=await t("plugin:http|fetch_read_body",{rid:A}),b=new Response(R instanceof ArrayBuffer&&0!==R.byteLength?R:R instanceof Array&&R.length>0?new Uint8Array(R):null,{status:w,statusText:y});return Object.defineProperty(b,"url",{value:g}),Object.defineProperty(b,"headers",{value:new Headers(T)}),b},e}({});Object.defineProperty(window.__TAURI__,"http",{value:__TAURI_PLUGIN_HTTP__})}