Wasmtime GitHub notifications bot (May 18 2023 at 18:48): Wasmtime GitHub notifications bot (May 18 2023 at 18:48):brendandburns edited PR #6401:
This adds allow lists to HTTP which enable the creator of the wasm runtime to specify:
- allowed methods
- allowed schemes
- allowed authorities
It also supports a wildcard value
*which matches everything.Unit tests to validate the functionality are also included.
Wasmtime GitHub notifications bot (May 19 2023 at 00:23):Mossaka created PR review comment:
Do you want to follow the convention in wasi-experimental-http that uses "insecure:allow-all" to match everything?
Wasmtime GitHub notifications bot (Jun 02 2023 at 02:59):brendandburns updated PR #6401.
Wasmtime GitHub notifications bot (Jun 02 2023 at 13:52):brendandburns updated PR #6401.
Wasmtime GitHub notifications bot (Jun 23 2023 at 14:06):brendandburns created PR review comment:
I think I will leave wild-card in for now. I'm not sure we want to imply wild-card == insecure, that seems to be up to the user of
wasmtimeto determine what is secure or not in their environment. (or we should define this in the wasi-http spec)
Wasmtime GitHub notifications bot (Sep 05 2023 at 23:22):brendandburns closed without merge PR #6401.
Last updated: Nov 22 2024 at 17:03 UTC