diff --git a/plugins/http/Cargo.toml b/plugins/http/Cargo.toml
index b498c517..b90bf8f5 100644
--- a/plugins/http/Cargo.toml
+++ b/plugins/http/Cargo.toml
@@ -73,3 +73,4 @@ charset = ["reqwest/charset"]
 macos-system-configuration = ["reqwest/macos-system-configuration"]
 unsafe-headers = []
 tracing = ["dep:tracing"]
+dangerous-settings = []
diff --git a/plugins/http/guest-js/index.ts b/plugins/http/guest-js/index.ts
index 4362e893..b86f4c47 100644
--- a/plugins/http/guest-js/index.ts
+++ b/plugins/http/guest-js/index.ts
@@ -84,6 +84,26 @@ export interface ClientOptions {
 * Configuration of a proxy that a Client should pass requests to.
 */
 proxy?: Proxy
+ /**
+ * Configuration for dangerous settings on the client such as disabling SSL verification.
+ */
+ danger?: DangerousSettings
+ }
+
+ /**
+ * Configuration for dangerous settings on the client such as disabling SSL verification.
+ *
+ * @since 2.2.0
+ */
+ export interface DangerousSettings {
+ /**
+ * Disables SSL verification.
+ */
+ acceptInvalidCerts?: boolean,
+ /**
+ * Disables hostname verification.
+ */
+ acceptInvalidHostnames?: boolean
 }
 const ERROR_REQUEST_CANCELLED = 'Request canceled'
@@ -115,12 +135,14 @@ export async function fetch(
 const maxRedirections = init?.maxRedirections
 const connectTimeout = init?.connectTimeout
 const proxy = init?.proxy
+ const danger = init?.danger
 // Remove these fields before creating the request
 if (init) {
 delete init.maxRedirections
 delete init.connectTimeout
 delete init.proxy
+ delete init.danger
 }
 const headers = init?.headers
@@ -172,7 +194,8 @@ export async function fetch(
 data,
 maxRedirections,
 connectTimeout,
- proxy
+ proxy,
+ danger
 }
 })
diff --git a/plugins/http/src/commands.rs b/plugins/http/src/commands.rs
index 03c84adf..38bac092 100644
--- a/plugins/http/src/commands.rs
+++ b/plugins/http/src/commands.rs
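Review bot: The JSDoc on the new `DangerousSettings` interface and its two members in guest-js/index.ts says what is disabled but not what that costs or when the option is honoured. I would extend the member comments to something like `* Accepts any server certificate (expired, self-signed, untrusted); the server is no longer authenticated and traffic can be intercepted.` and `* Accepts a valid certificate that was issued for a different host name.`, and add `* Requires the dangerous-settings Cargo feature on the Rust side; without it fetch rejects.` to the interface comment, since the Rust hunk in commands.rs returns an error when the feature is off. The trailing comma in `acceptInvalidCerts?: boolean,` also differs from the other members visible in this hunk, which use no separator.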
@@ -75,6 +75,13 @@ pub struct FetchResponse {
 rid: ResourceId,
 }
+#[derive(Debug, Deserialize)]
+#[serde(rename_all = "camelCase")]
+pub struct DangerousSettings {
+ accept_invalid_certs: bool,
+ accept_invalid_hostnames: bool,
+}
+
 #[derive(Debug, Deserialize)]
 #[serde(rename_all = "camelCase")]
 pub struct ClientConfig {
@@ -85,6 +92,7 @@ pub struct ClientConfig {
 connect_timeout: Option,
 max_redirections: Option,
 proxy: Option,
+ danger: Option,
 }
 #[derive(Debug, Deserialize)]
@@ -181,6 +189,7 @@ pub async fn fetch(
 connect_timeout,
 max_redirections,
 proxy,
+ danger,
 } = client_config;
 let scheme = url.scheme();
@@ -220,6 +229,23 @@ pub async fn fetch(
 {
 let mut builder = reqwest::ClientBuilder::new();
+ if let Some(danger_config) = danger {
+ #[cfg(not(feature = "dangerous-settings"))]
+ {
+ #[cfg(debug_assertions)]
+ {
+ eprintln!("[\x1b[33mWARNING\x1b[0m] using dangerous settings requires `dangerous-settings` feature flag in your Cargo.toml");
+ }
+ let _ = danger_config;
+ return Err(Error::DangerousSettings);
+ }
+ #[cfg(feature = "dangerous-settings")]{
+ builder = builder
+ .danger_accept_invalid_certs(danger_config.accept_invalid_certs)
+ .danger_accept_invalid_hostnames(danger_config.accept_invalid_hostnames)
+ }
+ }
+
 if let Some(timeout) = connect_timeout {
 builder = builder.connect_timeout(Duration::from_millis(timeout));
 }
diff --git a/plugins/http/src/error.rs b/plugins/http/src/error.rs
index 78ff08a2..ef8de0c5 100644
--- a/plugins/http/src/error.rs
+++ b/plugins/http/src/error.rs
@@ -41,6 +41,8 @@ pub enum Error {
 Tauri(#[from] tauri::Error),
 #[error(transparent)]
 Utf8(#[from] std::string::FromUtf8Error),
+ #[error("dangerous settings used but are not enabled")]
+ DangerousSettings,
 }
 impl Serialize for Error {
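Review bot: Both fields of the new `DangerousSettings` struct are plain `bool` with no serde default, while the TypeScript interface in guest-js/index.ts declares `acceptInvalidCerts` and `acceptInvalidHostnames` as optional, so a caller that sets only one of them would presumably fail deserialization of the whole `ClientConfig`. Changing the attributes to `#[derive(Debug, Default, Deserialize)]` and `#[serde(rename_all = "camelCase", default)]` makes an omitted flag mean `false`, which keeps verification on unless the caller explicitly turns it off. A doc comment on the struct would also help, for example `/// TLS checks the frontend asked to skip; only honoured when the dangerous-settings feature is enabled.`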
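Review bot: In the `#[cfg(feature = "dangerous-settings")]` block of `fetch`, the flags sent by the webview are applied as-is, and nothing visible in this hunk limits which URLs may skip verification or records that a request ran without it. With either check off the peer is unauthenticated, so I would emit a warning whenever a flag is true, e.g. `if danger_config.accept_invalid_certs || danger_config.accept_invalid_hostnames { eprintln!("[WARNING] TLS verification disabled for this request"); }`, or route it through the crate's `tracing` feature if that is wired up in this file. In the feature-off branch the hint naming the Cargo feature is printed only under `debug_assertions`, and the `Error::DangerousSettings` message added in error.rs does not name it either; putting the feature name into that message would make release-build failures diagnosable. The body of `fetch` starts and ends outside the hunk.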