Hardened URL vetted shim #2635
Labels
Comments
kriskowal
added
enhancement
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What is the Problem Being Solved?
harden(URL)is not sufficient to make URL safe to share among fearlessly coöperating compartments because some methods return objects with prototypes that are not among the shared intrinsics, particularly the search param iterator.Description of the Design
I propose the creation of an
@endo/urlpackage with an@endo/url/shim.jsexported module that can be included in@endo/initand harden the entirety ofURLif it is present, to the extent it is implemented. The module will need its own notion of permits and should remove unknown properties. This might entail ejection of a utility package fromses.Security Considerations
harden(URL)is not sufficient to makeURLsafe to share between fearlessly coöperating compartments. This change should make it safe to endowURLinglobals.XS does not provide
URLand Agoric’s platform on XS does not rely on aURLbeing present. There are no plans to introduce one.Scaling Considerations
Some overhead for vat initialization.
Test Plan
To be designed.
Compatibility Considerations
Some, to be enumerated.
Upgrade Considerations
Some, to be enumerated.
The text was updated successfully, but these errors were encountered: