remove allowlist, move asset protocol config under security

tauri-apps · May 12, 2023 · 3dbc0f8 · 3dbc0f8
1 parent 63506f2
commit 3dbc0f8
Show file tree

Hide file tree

Showing 4 changed files with 167 additions and 252 deletions.
diff --git a/core/tauri-config-schema/schema.json b/core/tauri-config-schema/schema.json
@@ -26,12 +26,6 @@
     "tauri": {
       "description": "The Tauri configuration.",
       "default": {
-        "allowlist": {
-          "protocol": {
-            "asset": false,
-            "assetScope": []
-          }
-        },
         "bundle": {
           "active": false,
           "android": {
@@ -77,6 +71,10 @@
           "use": "brownfield"
         },
         "security": {
+          "assetProtocol": {
+            "enable": false,
+            "scope": []
+          },
           "dangerousDisableAssetCspModification": false,
           "dangerousRemoteDomainIpcAccess": [],
           "freezePrototype": false
@@ -208,23 +206,13 @@
             }
           ]
         },
-        "allowlist": {
-          "description": "The allowlist configuration.",
-          "default": {
-            "protocol": {
-              "asset": false,
-              "assetScope": []
-            }
-          },
-          "allOf": [
-            {
-              "$ref": "#/definitions/AllowlistConfig"
-            }
-          ]
-        },
         "security": {
           "description": "Security configuration.",
           "default": {
+            "assetProtocol": {
+              "enable": false,
+              "scope": []
+            },
             "dangerousDisableAssetCspModification": false,
             "dangerousRemoteDomainIpcAccess": [],
             "freezePrototype": false
@@ -1427,80 +1415,6 @@
         }
       ]
     },
-    "AllowlistConfig": {
-      "description": "Allowlist configuration. The allowlist is a translation of the [Cargo allowlist features](https://docs.rs/tauri/latest/tauri/#cargo-allowlist-features).\n\n# Notes\n\n- Endpoints that don't have their own allowlist option are enabled by default. - There is only \"opt-in\", no \"opt-out\". Setting an option to `false` has no effect.\n\n# Examples\n\n- * [`\"app-all\": true`](https://tauri.app/v1/api/config/#appallowlistconfig.all) will make the [hide](https://tauri.app/v1/api/js/app#hide) endpoint be available regardless of whether `hide` is set to `false` or `true` in the allowlist.",
-      "type": "object",
-      "properties": {
-        "protocol": {
-          "description": "Custom protocol allowlist.",
-          "default": {
-            "asset": false,
-            "assetScope": []
-          },
-          "allOf": [
-            {
-              "$ref": "#/definitions/ProtocolAllowlistConfig"
-            }
-          ]
-        }
-      },
-      "additionalProperties": false
-    },
-    "ProtocolAllowlistConfig": {
-      "description": "Allowlist for the custom protocols.\n\nSee more: https://tauri.app/v1/api/config#protocolallowlistconfig",
-      "type": "object",
-      "properties": {
-        "assetScope": {
-          "description": "The access scope for the asset protocol.",
-          "default": [],
-          "allOf": [
-            {
-              "$ref": "#/definitions/FsAllowlistScope"
-            }
-          ]
-        },
-        "asset": {
-          "description": "Enables the asset protocol.",
-          "default": false,
-          "type": "boolean"
-        }
-      },
-      "additionalProperties": false
-    },
-    "FsAllowlistScope": {
-      "description": "Protocol scope definition. It is a list of glob patterns that restrict the API access from the webview.\n\nEach pattern can start with a variable that resolves to a system base directory. The variables are: `$AUDIO`, `$CACHE`, `$CONFIG`, `$DATA`, `$LOCALDATA`, `$DESKTOP`, `$DOCUMENT`, `$DOWNLOAD`, `$EXE`, `$FONT`, `$HOME`, `$PICTURE`, `$PUBLIC`, `$RUNTIME`, `$TEMPLATE`, `$VIDEO`, `$RESOURCE`, `$APP`, `$LOG`, `$TEMP`, `$APPCONFIG`, `$APPDATA`, `$APPLOCALDATA`, `$APPCACHE`, `$APPLOG`.",
-      "anyOf": [
-        {
-          "description": "A list of paths that are allowed by this scope.",
-          "type": "array",
-          "items": {
-            "type": "string"
-          }
-        },
-        {
-          "description": "A complete scope configuration.",
-          "type": "object",
-          "properties": {
-            "allow": {
-              "description": "A list of paths that are allowed by this scope.",
-              "default": [],
-              "type": "array",
-              "items": {
-                "type": "string"
-              }
-            },
-            "deny": {
-              "description": "A list of paths that are not allowed by this scope. This gets precedence over the [`Self::Scope::allow`] list.",
-              "default": [],
-              "type": "array",
-              "items": {
-                "type": "string"
-              }
-            }
-          }
-        }
-      ]
-    },
     "SecurityConfig": {
       "description": "Security configuration.\n\nSee more: https://tauri.app/v1/api/config#securityconfig",
       "type": "object",
@@ -1548,6 +1462,18 @@
           "items": {
             "$ref": "#/definitions/RemoteDomainAccessScope"
           }
+        },
+        "assetProtocol": {
+          "description": "Custom protocol allowlist.",
+          "default": {
+            "enable": false,
+            "scope": []
+          },
+          "allOf": [
+            {
+              "$ref": "#/definitions/AssetProtocolConfig"
+            }
+          ]
         }
       },
       "additionalProperties": false
@@ -1637,6 +1563,61 @@
       },
       "additionalProperties": false
     },
+    "AssetProtocolConfig": {
+      "description": "Allowlist for the custom protocols.\n\nSee more: https://tauri.app/v1/api/config#protocolallowlistconfig",
+      "type": "object",
+      "properties": {
+        "scope": {
+          "description": "The access scope for the asset protocol.",
+          "default": [],
+          "allOf": [
+            {
+              "$ref": "#/definitions/FsAllowlistScope"
+            }
+          ]
+        },
+        "enable": {
+          "description": "Enables the asset protocol.",
+          "default": false,
+          "type": "boolean"
+        }
+      },
+      "additionalProperties": false
+    },
+    "FsAllowlistScope": {
+      "description": "Protocol scope definition. It is a list of glob patterns that restrict the API access from the webview.\n\nEach pattern can start with a variable that resolves to a system base directory. The variables are: `$AUDIO`, `$CACHE`, `$CONFIG`, `$DATA`, `$LOCALDATA`, `$DESKTOP`, `$DOCUMENT`, `$DOWNLOAD`, `$EXE`, `$FONT`, `$HOME`, `$PICTURE`, `$PUBLIC`, `$RUNTIME`, `$TEMPLATE`, `$VIDEO`, `$RESOURCE`, `$APP`, `$LOG`, `$TEMP`, `$APPCONFIG`, `$APPDATA`, `$APPLOCALDATA`, `$APPCACHE`, `$APPLOG`.",
+      "anyOf": [
+        {
+          "description": "A list of paths that are allowed by this scope.",
+          "type": "array",
+          "items": {
+            "type": "string"
+          }
+        },
+        {
+          "description": "A complete scope configuration.",
+          "type": "object",
+          "properties": {
+            "allow": {
+              "description": "A list of paths that are allowed by this scope.",
+              "default": [],
+              "type": "array",
+              "items": {
+                "type": "string"
+              }
+            },
+            "deny": {
+              "description": "A list of paths that are not allowed by this scope. This gets precedence over the [`Self::Scope::allow`] list.",
+              "default": [],
+              "type": "array",
+              "items": {
+                "type": "string"
+              }
+            }
+          }
+        }
+      ]
+    },
     "SystemTrayConfig": {
       "description": "Configuration for application system tray icon.\n\nSee more: https://tauri.app/v1/api/config#systemtrayconfig",
       "type": "object",

diff --git a/core/tauri-utils/src/config.rs b/core/tauri-utils/src/config.rs
@@ -1134,6 +1134,9 @@ pub struct SecurityConfig {
   /// vulnerable to dangerous Tauri command related attacks otherwise.
   #[serde(default, alias = "dangerous-remote-domain-ipc-access")]
   pub dangerous_remote_domain_ipc_access: Vec<RemoteDomainAccessScope>,
+  /// Custom protocol allowlist.
+  #[serde(default)]
+  pub asset_protocol: AssetProtocolConfig,
 }
 
 /// Defines an allowlist type.
@@ -1208,60 +1211,27 @@ impl FsAllowlistScope {
 #[derive(Debug, Default, PartialEq, Eq, Clone, Deserialize, Serialize)]
 #[cfg_attr(feature = "schema", derive(JsonSchema))]
 #[serde(rename_all = "camelCase", deny_unknown_fields)]
-pub struct ProtocolAllowlistConfig {
+pub struct AssetProtocolConfig {
   /// The access scope for the asset protocol.
   #[serde(default, alias = "asset-scope")]
-  pub asset_scope: FsAllowlistScope,
+  pub scope: FsAllowlistScope,
   /// Enables the asset protocol.
   #[serde(default)]
-  pub asset: bool,
+  pub enable: bool,
 }
 
-impl Allowlist for ProtocolAllowlistConfig {
+impl Allowlist for AssetProtocolConfig {
   fn all_features() -> Vec<&'static str> {
     Self {
-      asset_scope: Default::default(),
-      asset: true,
+      scope: Default::default(),
+      enable: true,
     }
     .to_features()
   }
 
   fn to_features(&self) -> Vec<&'static str> {
     let mut features = Vec::new();
-    check_feature!(self, features, asset, "protocol-asset");
-    features
-  }
-}
-
-/// Allowlist configuration. The allowlist is a translation of the [Cargo allowlist features](https://docs.rs/tauri/latest/tauri/#cargo-allowlist-features).
-///
-/// # Notes
-///
-/// - Endpoints that don't have their own allowlist option are enabled by default.
-/// - There is only "opt-in", no "opt-out". Setting an option to `false` has no effect.
-///
-/// # Examples
-///
-/// - * [`"app-all": true`](https://tauri.app/v1/api/config/#appallowlistconfig.all) will make the [hide](https://tauri.app/v1/api/js/app#hide) endpoint be available regardless of whether `hide` is set to `false` or `true` in the allowlist.
-#[derive(Debug, Default, PartialEq, Eq, Clone, Deserialize, Serialize)]
-#[cfg_attr(feature = "schema", derive(JsonSchema))]
-#[serde(rename_all = "camelCase", deny_unknown_fields)]
-pub struct AllowlistConfig {
-  /// Custom protocol allowlist.
-  #[serde(default)]
-  pub protocol: ProtocolAllowlistConfig,
-}
-
-impl Allowlist for AllowlistConfig {
-  fn all_features() -> Vec<&'static str> {
-    let mut features = Vec::new();
-    features.extend(ProtocolAllowlistConfig::all_features());
-    features
-  }
-
-  fn to_features(&self) -> Vec<&'static str> {
-    let mut features = Vec::new();
-    features.extend(self.protocol.to_features());
+    check_feature!(self, features, enable, "protocol-asset");
     features
   }
 }
@@ -1304,9 +1274,6 @@ pub struct TauriConfig {
   /// The bundler configuration.
   #[serde(default)]
   pub bundle: BundleConfig,
-  /// The allowlist configuration.
-  #[serde(default)]
-  pub allowlist: AllowlistConfig,
   /// Security configuration.
   #[serde(default)]
   pub security: SecurityConfig,
@@ -1322,15 +1289,13 @@ impl TauriConfig {
   /// Returns all Cargo features.
   #[allow(dead_code)]
   pub fn all_features() -> Vec<&'static str> {
-    let mut features = AllowlistConfig::all_features();
-    features.extend(vec!["system-tray", "macos-private-api", "isolation"]);
-    features
+    vec!["system-tray", "macos-private-api", "isolation"]
   }
 
   /// Returns the enabled Cargo features.
   #[allow(dead_code)]
   pub fn features(&self) -> Vec<&str> {
-    let mut features = self.allowlist.to_features();
+    let mut features = Vec::new();
     if self.system_tray.is_some() {
       features.push("system-tray");
     }
@@ -2403,17 +2368,10 @@ mod build {
     }
   }
 
-  impl ToTokens for ProtocolAllowlistConfig {
-    fn to_tokens(&self, tokens: &mut TokenStream) {
-      let asset_scope = &self.asset_scope;
-      tokens.append_all(quote! { ::tauri::utils::config::ProtocolAllowlistConfig { asset_scope: #asset_scope, ..Default::default() } })
-    }
-  }
-
-  impl ToTokens for AllowlistConfig {
+  impl ToTokens for AssetProtocolConfig {
     fn to_tokens(&self, tokens: &mut TokenStream) {
-      let protocol = &self.protocol;
-      tokens.append_all(quote! { ::tauri::utils::config::AllowlistConfig {  protocol: #protocol } })
+      let scope = &self.scope;
+      tokens.append_all(quote! { ::tauri::utils::config::ProtocolAllowlistConfig { scope: #scope, ..Default::default() } })
     }
   }
 
@@ -2424,7 +2382,6 @@ mod build {
       let bundle = &self.bundle;
       let security = &self.security;
       let system_tray = opt_lit(self.system_tray.as_ref());
-      let allowlist = &self.allowlist;
       let macos_private_api = self.macos_private_api;
 
       literal_struct!(
@@ -2435,7 +2392,6 @@ mod build {
         bundle,
         security,
         system_tray,
-        allowlist,
         macos_private_api
       );
     }
@@ -2525,8 +2481,8 @@ mod test {
         freeze_prototype: false,
         dangerous_disable_asset_csp_modification: DisabledCspModificationKind::Flag(false),
         dangerous_remote_domain_ipc_access: Vec::new(),
+        asset_protocol: AssetProtocolConfig::default(),
       },
-      allowlist: AllowlistConfig::default(),
       system_tray: None,
       macos_private_api: false,
     };

diff --git a/core/tauri/src/app.rs b/core/tauri/src/app.rs
@@ -1337,10 +1337,7 @@ impl<R: Runtime> Builder<R> {
     app.manage(Scopes {
       ipc: IpcScope::new(&app.config()),
       #[cfg(feature = "protocol-asset")]
-      asset_protocol: FsScope::for_fs_api(
-        &app,
-        &app.config().tauri.allowlist.protocol.asset_scope,
-      )?,
+      asset_protocol: FsScope::for_fs_api(&app, &app.config().tauri.security.asset_protocol.scope)?,
     });
 
     #[cfg(windows)]