Formed in 2009, the Archive Team (not to be confused with the archive.org Archive-It Team) is a rogue archivist collective dedicated to saving copies of rapidly dying or deleted websites for the sake of history and digital heritage. The group is 100% composed of volunteers and interested parties, and has expanded into a large amount of related projects for saving online and digital history.
Canonicalize URLs prior to Policy specifier matching #37863
Closed
+772
−351
Conversation
...xtures/policy/dependencies/dependencies-missing-policy-default-true.json
Show resolved
Hide resolved
bmeck
added a commit
to bmeck/node
that referenced
this pull request
Aug 4, 2021
PR-URL: nodejs#37863 Co-authored-by: Antoine du Hamel <duhamelantoine1995@gmail.com>
|
rebased, @aduh95 can you take a look again, your comments should be resolved |
bmeck
added a commit
to bmeck/node
that referenced
this pull request
Aug 5, 2021
PR-URL: nodejs#37863 Co-authored-by: Antoine du Hamel <duhamelantoine1995@gmail.com> Co-authored-by: James M Snell <jasnell@gmail.com>
|
I'd like to land this in the next day or so and if no requests for changes occur I plan to do so. |
PR-URL: #37863 Co-authored-by: Antoine du Hamel <duhamelantoine1995@gmail.com> Co-authored-by: James M Snell <jasnell@gmail.com>
bmeck
added a commit
that referenced
this pull request
Aug 19, 2021
PR-URL: #37863 Co-authored-by: Antoine du Hamel <duhamelantoine1995@gmail.com> Co-authored-by: James M Snell <jasnell@gmail.com> Reviewed-By: Guy Bedford <guybedford@gmail.com>
|
Landed in 90e2e78 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Currently policies preempt the resolution process entirely and work off of raw specifiers. If
file:///app/component.cjsrequiresrequire("./util.js")or importsimport("./util.js")policies only look for an exact match of"./util.js"in"dependencies". This was found as a usability issue by @giltayar while comparing with / looking at import maps compatibility. In particular, with import maps the specifiers are always canonicalized prior to performing matching, both the specifiers in the map that can be matched and the specifier from the call site. This allows a mapping table to cover all ways to get a hold offile:///app/util.jsin a more concise manner.Consider this as the source texts :
and a policy at
file:///policy.jsoncontaining:{ "scopes": { "file:": { "cascade": true, "integrity": true, "dependencies": { "./bar.cjs": "file:///app/bar.js" } } } }This policy will intercept both the loads from
file:///app/dir/foo.cjsandfile:///app/component.cjs. And have both resolve tofile:///app/bar.js.Canonicalizing early would mean that it only intercepts resolution that PRIOR TO NODE RESOLUTION would point to
file:///bar.cjsregardless of the file containing the load. This actually is a breaking change to policies and one would have to alter some data as seen in the tests in this PR but it would greatly simplify some cases so that instead of needing to specify all routes to dependencies one only needs to specify the eventual target if resolved prior to node resolving. This must be done prior to node resolving so that things likefsandreactare still properly able to be intercepted. Due to the number of closures this uses we likely should add a benchmark and migrate to be less closure heavy and pass around objects instead.