From f1c985ff6f8e249d48385c01630d7551f44cd62d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?= <3857362+corrideat@users.noreply.github.com> Date: Mon, 25 Sep 2023 18:21:58 +0200 Subject: [PATCH] Bare sandbox improvements --- src/exports/bare.ts | 3 +++ src/index.ts | 10 ++++++---- src/trusted/impl/bare/bareSandbox.ts | 7 ------- src/untrusted/lib/Logger.ts | 20 ++++++++++++++------ src/untrusted/lib/utils.ts | 4 ++-- test/e2e/bare/bareSandbox.spec.ts | 24 ++++++++++++++++++++++-- test/lib/runNodejsTests.ts | 2 +- test/lib/tsconfig.json | 5 ++++- 8 files changed, 52 insertions(+), 23 deletions(-) diff --git a/src/exports/bare.ts b/src/exports/bare.ts index 9415720..a7f942a 100644 --- a/src/exports/bare.ts +++ b/src/exports/bare.ts @@ -14,3 +14,6 @@ */ export { default } from '~trusted/impl/bare/bareSandbox.js'; +// TODO: Fix issue with these exports in Google Closure Compiler +// export { default as freezePrototypes } from '~untrusted/lib/freezePrototypes.js'; +// export { default as hardenGlobals } from '~untrusted/lib/hardenGlobals.js'; diff --git a/src/index.ts b/src/index.ts index ff14e7a..ae0efea 100644 --- a/src/index.ts +++ b/src/index.ts @@ -13,7 +13,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -export { default as bareSandbox } from './trusted/impl/bare/bareSandbox.js'; -export { default as browserSandbox } from './trusted/impl/browser/browserSandbox.js'; -export { default as nodejsSandbox } from './trusted/impl/nodejs/nodejsSandbox.js'; -export { default as workerSandbox } from './trusted/impl/worker/workerSandbox.js'; +export { default as bareSandbox } from '~trusted/impl/bare/bareSandbox.js'; +export { default as browserSandbox } from '~trusted/impl/browser/browserSandbox.js'; +export { default as nodejsSandbox } from '~trusted/impl/nodejs/nodejsSandbox.js'; +export { default as workerSandbox } from '~trusted/impl/worker/workerSandbox.js'; +export { default as freezePrototypes } from '~untrusted/lib/freezePrototypes.js'; +export { default as hardenGlobals } from '~untrusted/lib/hardenGlobals.js'; diff --git a/src/trusted/impl/bare/bareSandbox.ts b/src/trusted/impl/bare/bareSandbox.ts index 6744890..c147c33 100644 --- a/src/trusted/impl/bare/bareSandbox.ts +++ b/src/trusted/impl/bare/bareSandbox.ts @@ -15,17 +15,10 @@ import { ISandbox } from '~/types/index.js'; import bareSandboxManager from '~/untrusted/impl/bare/bareSandboxManager.js'; -import hardenGlobals from '~/untrusted/lib/hardenGlobals.js'; -import freezePrototypes from '~/untrusted/lib/freezePrototypes.js'; import setupSandboxListeners from '~trusted/lib/setupSandboxListeners.js'; import createErrorEventListenerFactory from '~untrusted/lib/createErrorEventEventListenerFactory.js'; import createMessageEventListenerFactory from '~untrusted/lib/createMessageEventListenerFactory.js'; -/* -TODO: These should be exported or called upon creating bareSandbox. -TODO: Fix issues with Node.js and freezePrototypes */ -hardenGlobals(); -freezePrototypes(); // TODO: wrap setTimeout and clearTimeout const bareSandbox: ISandbox = async ( diff --git a/src/untrusted/lib/Logger.ts b/src/untrusted/lib/Logger.ts index 702d20f..28b431b 100644 --- a/src/untrusted/lib/Logger.ts +++ b/src/untrusted/lib/Logger.ts @@ -25,11 +25,19 @@ const logWrapper = (o: T, v: keyof T) => ? o[v] : noop; -const trace = debugOnlyLogWrapper(console, 'trace'); -const debug = debugOnlyLogWrapper(console, 'debug'); -const info = debugOnlyLogWrapper(console, 'info'); -const log = debugOnlyLogWrapper(console, 'log'); -const warn = logWrapper(console, 'warn'); -const error = logWrapper(console, 'error'); +const trace = debugOnlyLogWrapper(console, 'trace') as { + (...args: unknown[]): void; +}; +const debug = debugOnlyLogWrapper(console, 'debug') as { + (...args: unknown[]): void; +}; +const info = debugOnlyLogWrapper(console, 'info') as { + (...args: unknown[]): void; +}; +const log = debugOnlyLogWrapper(console, 'log') as { + (...args: unknown[]): void; +}; +const warn = logWrapper(console, 'warn') as { (...args: unknown[]): void }; +const error = logWrapper(console, 'error') as { (...args: unknown[]): void }; export { trace, debug, info, log, warn, error }; diff --git a/src/untrusted/lib/utils.ts b/src/untrusted/lib/utils.ts index a01ab18..1c2b925 100644 --- a/src/untrusted/lib/utils.ts +++ b/src/untrusted/lib/utils.ts @@ -67,7 +67,7 @@ export const aForEach = ( callbackfn: { (value: TT, index: number, array: TT[]): void }, thisArg?: TAny, ): void => fnCall(l_aForEach, a, callbackfn, thisArg); -export const aFrom = globalThis['Array'].from; +export const aFrom = l_Array.from; export const aIncludes = ( a: TT[], searchElement: TT, @@ -80,7 +80,7 @@ export const aIndexOf = ( ): number => fnCall(l_aIndexOf, a, searchElement, fromIndexOf); export const aJoin = (a: TT[], separator?: string | undefined): string => fnCall(l_aJoin, a, separator); -export const aIsArray = globalThis['Array'].isArray; +export const aIsArray = l_Array.isArray; export const aMap = ( a: TT[], callbackfn: (value: TT, index: number, array: TT[]) => TU, diff --git a/test/e2e/bare/bareSandbox.spec.ts b/test/e2e/bare/bareSandbox.spec.ts index 075411f..d3d2fec 100644 --- a/test/e2e/bare/bareSandbox.spec.ts +++ b/test/e2e/bare/bareSandbox.spec.ts @@ -15,6 +15,26 @@ import runNodejsTests from '@test/lib/runNodejsTests.js'; -import { default as m } from '@dist/exports/bare'; +import * as bare from '@dist/exports/bare'; -runNodejsTests('Bare', m); +// TODO: Import from '@dist/exports/bare' +import { hardenGlobals, freezePrototypes } from '@dist/index.js'; + +hardenGlobals(); + +// See +if (process.version) { + const [major, minor] = process.version + .slice(1) + .split('.', 2) + .map((n) => parseInt(n)); + if ( + (major === 18 && minor >= 18) || + (major === 20 && minor >= 6) || + major > 20 + ) { + freezePrototypes(); + } +} + +runNodejsTests('Bare', bare.default); diff --git a/test/lib/runNodejsTests.ts b/test/lib/runNodejsTests.ts index cc29a06..ca68a61 100644 --- a/test/lib/runNodejsTests.ts +++ b/test/lib/runNodejsTests.ts @@ -25,7 +25,7 @@ const assertRejectsWith = assertRejectsWithFactory((predicate, c) => assert.rejects(predicate, c), ); -const runNodejsTests = (name: string, m: ISandbox, ) => { +const runNodejsTests = (name: string, m: ISandbox) => { describe(name, () => { describe('Can run tasks', async () => { it( diff --git a/test/lib/tsconfig.json b/test/lib/tsconfig.json index 7dba015..6ab601c 100644 --- a/test/lib/tsconfig.json +++ b/test/lib/tsconfig.json @@ -6,6 +6,9 @@ "lib": ["es2022", "dom"], "outDir": "dist" }, - "references": [{ "path": "../../src/types" }, { "path": "../../src/untrusted" }], + "references": [ + { "path": "../../src/types" }, + { "path": "../../src/untrusted" } + ], "include": ["**/*", "**/*.json"] }