diff options
author | Bradley Farias <bradley.meck@gmail.com> | 2018-09-13 14:27:12 -0500 |
---|---|---|
committer | Bradley Farias <bradley.meck@gmail.com> | 2019-01-17 09:43:42 -0600 |
commit | 9d5fbeb55fb1927928237e09475d39346d9c3ad9 (patch) | |
tree | ca2f567ff647c9a1706f39e93e54caa03cd98c1d /lib/internal/process | |
parent | 7b6e9aedaf8c9aa219ff759bed6b1680910eefe0 (diff) | |
download | android-node-v8-9d5fbeb55fb1927928237e09475d39346d9c3ad9.tar.gz android-node-v8-9d5fbeb55fb1927928237e09475d39346d9c3ad9.tar.bz2 android-node-v8-9d5fbeb55fb1927928237e09475d39346d9c3ad9.zip |
policy: manifest with subresource integrity checks
This enables code loaded via the module system to be checked for
integrity to ensure the code loaded matches expectations.
PR-URL: https://github.com/nodejs/node/pull/23834
Reviewed-By: Guy Bedford <guybedford@gmail.com>
Reviewed-By: Vladimir de Turckheim <vlad2t@hotmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Diffstat (limited to 'lib/internal/process')
-rw-r--r-- | lib/internal/process/policy.js | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/lib/internal/process/policy.js b/lib/internal/process/policy.js new file mode 100644 index 0000000000..f5ca4eeb07 --- /dev/null +++ b/lib/internal/process/policy.js @@ -0,0 +1,33 @@ +'use strict'; + +const { + ERR_MANIFEST_TDZ, +} = require('internal/errors').codes; +const { Manifest } = require('internal/policy/manifest'); +let manifest; +module.exports = Object.freeze({ + __proto__: null, + setup(src, url) { + if (src === null) { + manifest = null; + return; + } + const json = JSON.parse(src, (_, o) => { + if (o && typeof o === 'object') { + Reflect.setPrototypeOf(o, null); + Object.freeze(o); + } + return o; + }); + manifest = new Manifest(json, url); + }, + get manifest() { + if (typeof manifest === 'undefined') { + throw new ERR_MANIFEST_TDZ(); + } + return manifest; + }, + assertIntegrity(moduleURL, content) { + this.manifest.matchesIntegrity(moduleURL, content); + } +}); |