-
Notifications
You must be signed in to change notification settings - Fork 22
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
#105 Add sandbox execution; move JQ to it #4701
Conversation
Cool! I didn't realize that the sandbox is inserted into a page vs. a single sandbox (similar to the singleton background page)
Agree that for now using the Messenger isn't important given that there's only 1-3 message types we'll be using for sandbox (render template, validation JSON Schema form, potentially run jq). The main thing is to be able to wrap in a |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Codecov Report
@@ Coverage Diff @@
## main #4701 +/- ##
==========================================
+ Coverage 53.79% 53.84% +0.04%
==========================================
Files 935 941 +6
Lines 27766 27846 +80
Branches 5365 5369 +4
==========================================
+ Hits 14937 14993 +56
- Misses 12829 12853 +24
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. |
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is ready for a first review and live testing with JQ.
Before merge:
- Do extended testing of the JQ brick — it seems to work but does it match the previous expectations?
- Update tests
/* webpackChunkName: "jq-web" */ "jq-web" | ||
); | ||
|
||
return jq.promised.json(input, filter); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
); | ||
|
||
nunjucks.configure({ autoescape }); | ||
return nunjucks.renderString(template, context); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Untested, blocked by:
It ended up not being necessary
This reverts commit 0e21bd1.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Status:
- implemented safer response mechanism
- added tests
- added sandbox mock/bypass for non-sandbox tests
- sandboxed JQ seems to work in MV2
- the JQ brick does not seem to work in MV3 still, due to unsafe-eval, potentially due to nunjucks
What's left?
- Do you have any ready-made JQ blueprints that you could run to ensure they actually work (in MV2)?
- I may have somehow broken
useUndo.test.ts
locally. On CI the tests silently fail altogether, Jest may be going in a loop somehow
* | ||
* Prior art: https://groups.google.com/a/chromium.org/g/chromium-extensions/c/IPJSfjNSgh8/m/Dh35-tZPAgAJ | ||
* Relevant discussion: https://github.com/w3c/webextensions/issues/78 | ||
*/ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Long comment FYI
No loom links were found in the first post. Please add one there if you'd like to it to appear on Slack. Do not edit this comment manually. |
I'm just running some tests for the sandbox:
I'm tempted to add postMessage support to the Messenger, but I'm afraid to make it even more complicated (including its semi-manual testing). I had done some work in: