validation: flag illegal keywords
All checks were successful
continuous-integration/drone/push Build is passing

This commit is contained in:
Quaternions 2024-12-21 21:08:03 -08:00
parent ca846972c1
commit a45b4f2f0c

View File

@ -17,9 +17,14 @@ struct NamePolicy{
policy:Policy, policy:Policy,
} }
fn source_has_illegal_keywords(source:&str)->bool{
source.find("getfenv").is_some()||source.find("require").is_some()
}
#[allow(dead_code)] #[allow(dead_code)]
#[derive(Debug)] #[derive(Debug)]
pub enum ValidateError{ pub enum ValidateError{
Flagged,
Blocked, Blocked,
NotAllowed, NotAllowed,
Get(rbx_asset::cookie::GetError), Get(rbx_asset::cookie::GetError),
@ -96,6 +101,13 @@ impl Validator{
for &script_ref in &script_refs{ for &script_ref in &script_refs{
if let Some(script)=dom.get_by_ref(script_ref){ if let Some(script)=dom.get_by_ref(script_ref){
if let Some(rbx_dom_weak::types::Variant::String(source))=script.properties.get("Source"){ if let Some(rbx_dom_weak::types::Variant::String(source))=script.properties.get("Source"){
// check the source for illegal keywords
if source_has_illegal_keywords(source){
// immediately abort
return Err(ValidateError::Flagged);
}
// associate a name and policy with the source code
// policy will be fetched from the database to replace the default policy
script_map.insert(source.clone(),NamePolicy{ script_map.insert(source.clone(),NamePolicy{
name:script.name.clone(), name:script.name.clone(),
policy:Policy::None, policy:Policy::None,