jfmonty2/creddy
2
1
Fork 0
Code Issues Pull Requests Packages Projects Releases 12 Wiki Activity

restrictive CSP and tauri allowlist

Browse Source
This commit is contained in:
Joseph Montanaro 2023-05-01 09:05:46 -07:00
parent 55775b6b05
commit 886fcd9bb8
6 changed files with 9 additions and 248 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

244
src-tauri/Cargo.lock generated
View File

@ -89,8 +89,8 @@ dependencies = [
"serde_json",
"sodiumoxide",
"sqlx",
"strum 0.24.1",
"strum_macros 0.24.3",
"strum",
"strum_macros",
"sysinfo",
"tauri",
"tauri-build",
@ -225,22 +225,6 @@ dependencies = [
"num-traits",
]
[[package]]
name = "attohttpc"
version = "0.22.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1fcf00bc6d5abb29b5f97e3c61a90b6d3caa12f3faf897d4a3e3607c050a35a7"
dependencies = [
"flate2",
"http",
"log",
"native-tls",
"serde",
"serde_json",
"serde_urlencoded",
"url",
]
[[package]]
name = "auto-launch"
version = "0.4.0"
@ -978,17 +962,6 @@ dependencies = [
"syn 1.0.98",
]
[[package]]
name = "dbus"
version = "0.9.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6f8bcdd56d2e5c4ed26a529c5a9029f5db8290d433497506f958eae3be148eb6"
dependencies = [
"libc",
"libdbus-sys",
"winapi",
]
[[package]]
name = "deflate"
version = "1.0.0"
@ -2090,15 +2063,6 @@ version = "0.2.142"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6a987beff54b60ffa6d51982e1aa1146bc42f19bd26be28b0586f252fccf5317"
[[package]]
name = "libdbus-sys"
version = "0.2.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c185b5b7ad900923ef3a8ff594083d4d9b5aea80bb4f32b8342363138c0d456b"
dependencies = [
"pkg-config",
]
[[package]]
name = "libloading"
version = "0.7.4"
@ -2187,19 +2151,6 @@ version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c41e0c4fef86961ac6d6f8a82609f55f31b05e4fce149ac5710e439df7619ba4"
[[package]]
name = "mac-notification-sys"
version = "0.5.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fff231a88fe2e9985f9d159a2f02986fe46daa0f6af976a0d934be4870cc9d02"
dependencies = [
"cc",
"dirs-next",
"objc-foundation",
"objc_id",
"time",
]
[[package]]
name = "malloc_buf"
version = "0.0.6"
@ -2289,24 +2240,6 @@ dependencies = [
"windows-sys 0.36.1",
]
[[package]]
name = "native-tls"
version = "0.2.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fd7e2f3618557f980e0b17e8856252eee3c97fa12c54dff0ca290fb6266ca4a9"
dependencies = [
"lazy_static",
"libc",
"log",
"openssl",
"openssl-probe",
"openssl-sys",
"schannel",
"security-framework",
"security-framework-sys",
"tempfile",
]
[[package]]
name = "ndk"
version = "0.6.0"
@ -2383,17 +2316,6 @@ dependencies = [
"minimal-lexical",
]
[[package]]
name = "notify-rust"
version = "4.5.8"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a995a3d2834cefa389218e7a35156e8ce544bc95f836900da01ee0b26a07e9d4"
dependencies = [
"dbus",
"mac-notification-sys",
"winrt-notification",
]
[[package]]
name = "ntapi"
version = "0.4.0"
@ -2529,61 +2451,12 @@ version = "1.16.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "86f0b0d4bf799edbc74508c1e8bf170ff5f41238e5f8225603ca7caaae2b7860"
[[package]]
name = "open"
version = "3.0.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f23a407004a1033f53e93f9b45580d14de23928faad187384f891507c9b0c045"
dependencies = [
"pathdiff",
"windows-sys 0.36.1",
]
[[package]]
name = "openssl"
version = "0.10.41"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "618febf65336490dfcf20b73f885f5651a0c89c64c2d4a8c3662585a70bf5bd0"
dependencies = [
"bitflags",
"cfg-if",
"foreign-types",
"libc",
"once_cell",
"openssl-macros",
"openssl-sys",
]
[[package]]
name = "openssl-macros"
version = "0.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b501e44f11665960c7e7fcf062c7d96a14ade4aa98116c004b2e37b5be7d736c"
dependencies = [
"proc-macro2",
"quote",
"syn 1.0.98",
]
[[package]]
name = "openssl-probe"
version = "0.1.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf"
[[package]]
name = "openssl-sys"
version = "0.9.75"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e5f9bd0c2710541a3cda73d6f9ac4f1b240de4ae261065d309dbe73d9dceb42f"
dependencies = [
"autocfg",
"cc",
"libc",
"pkg-config",
"vcpkg",
]
[[package]]
name = "ordered-stream"
version = "0.0.1"
@ -2605,16 +2478,6 @@ dependencies = [
"winapi",
]
[[package]]
name = "os_pipe"
version = "1.0.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2c92f2b54f081d635c77e7120862d48db8e91f7f21cef23ab1b4fe9971c59f55"
dependencies = [
"libc",
"winapi",
]
[[package]]
name = "outref"
version = "0.1.0"
@ -2706,12 +2569,6 @@ version = "1.0.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0c520e05135d6e763148b6426a837e239041653ba7becd2e538c076c738025fc"
[[package]]
name = "pathdiff"
version = "0.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8835116a5c179084a830efb3adc117ab007512b535bc1a21c991d3b32a6b44dd"
[[package]]
name = "percent-encoding"
version = "2.2.0"
@ -3422,18 +3279,6 @@ dependencies = [
"syn 1.0.98",
]
[[package]]
name = "serde_urlencoded"
version = "0.7.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d3491c14715ca2294c4d6a88f15e84739788c1d030eed8c110436aafdaa2f3fd"
dependencies = [
"form_urlencoded",
"itoa 1.0.2",
"ryu",
"serde",
]
[[package]]
name = "serde_with"
version = "1.14.0"
@ -3523,16 +3368,6 @@ dependencies = [
"lazy_static",
]
[[package]]
name = "shared_child"
version = "1.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b0d94659ad3c2137fef23ae75b03d5241d633f8acded53d672decfa0e6e0caef"
dependencies = [
"libc",
"winapi",
]
[[package]]
name = "signal-hook-registry"
version = "1.4.0"
@ -3803,33 +3638,12 @@ version = "0.10.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "73473c0e59e6d5812c5dfe2a064a6444949f089e20eec9a2e5506596494e4623"
[[package]]
name = "strum"
version = "0.22.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f7ac893c7d471c8a21f31cfe213ec4f6d9afeed25537c772e08ef3f005f8729e"
dependencies = [
"strum_macros 0.22.0",
]
[[package]]
name = "strum"
version = "0.24.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "063e6045c0e62079840579a7e47a355ae92f60eb74daaf156fb1e84ba164e63f"
[[package]]
name = "strum_macros"
version = "0.22.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "339f799d8b549e3744c7ac7feb216383e4005d94bdb22561b3ab8f3b808ae9fb"
dependencies = [
"heck 0.3.3",
"proc-macro2",
"quote",
"syn 1.0.98",
]
[[package]]
name = "strum_macros"
version = "0.24.3"
@ -3978,7 +3792,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fe7e0f1d535e7cbbbab43c82be4fc992b84f9156c16c160955617e0260ebc449"
dependencies = [
"anyhow",
"attohttpc",
"cocoa",
"dirs-next",
"embed_plist",
@ -3991,23 +3804,18 @@ dependencies = [
"heck 0.4.0",
"http",
"ignore",
"notify-rust",
"objc",
"once_cell",
"open",
"os_info",
"os_pipe",
"percent-encoding",
"rand 0.8.5",
"raw-window-handle",
"regex",
"rfd",
"semver 1.0.12",
"serde",
"serde_json",
"serde_repr",
"serialize-to-javascript",
"shared_child",
"state",
"tar",
"tauri-macros",
@ -4054,7 +3862,6 @@ dependencies = [
"png",
"proc-macro2",
"quote",
"regex",
"semver 1.0.12",
"serde",
"serde_json",
@ -4810,18 +4617,6 @@ version = "0.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f"
[[package]]
name = "windows"
version = "0.24.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a9f39345ae0c8ab072c0ac7fe8a8b411636aa34f89be19ddd0d9226544f13944"
dependencies = [
"windows_i686_gnu 0.24.0",
"windows_i686_msvc 0.24.0",
"windows_x86_64_gnu 0.24.0",
"windows_x86_64_msvc 0.24.0",
]
[[package]]
name = "windows"
version = "0.32.0"
@ -5018,12 +4813,6 @@ version = "0.48.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b2ef27e0d7bdfcfc7b868b317c1d32c641a6fe4629c171b8928c7b08d98d7cf3"
[[package]]
name = "windows_i686_gnu"
version = "0.24.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c0866510a3eca9aed73a077490bbbf03e5eaac4e1fd70849d89539e5830501fd"
[[package]]
name = "windows_i686_gnu"
version = "0.32.0"
@ -5060,12 +4849,6 @@ version = "0.48.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "622a1962a7db830d6fd0a69683c80a18fda201879f0f447f065a3b7467daa241"
[[package]]
name = "windows_i686_msvc"
version = "0.24.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bf0ffed56b7e9369a29078d2ab3aaeceea48eb58999d2cff3aa2494a275b95c6"
[[package]]
name = "windows_i686_msvc"
version = "0.32.0"
@ -5102,12 +4885,6 @@ version = "0.48.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4542c6e364ce21bf45d69fdd2a8e455fa38d316158cfd43b3ac1c5b1b19f8e00"
[[package]]
name = "windows_x86_64_gnu"
version = "0.24.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "384a173630588044205a2993b6864a2f56e5a8c1e7668c07b93ec18cf4888dc4"
[[package]]
name = "windows_x86_64_gnu"
version = "0.32.0"
@ -5156,12 +4933,6 @@ version = "0.48.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7896dbc1f41e08872e9d5e8f8baa8fdd2677f29468c4e156210174edc7f7b953"
[[package]]
name = "windows_x86_64_msvc"
version = "0.24.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9bd8f062d8ca5446358159d79a90be12c543b3a965c847c8f3eedf14b321d399"
[[package]]
name = "windows_x86_64_msvc"
version = "0.32.0"
@ -5216,17 +4987,6 @@ dependencies = [
"toml",
]
[[package]]
name = "winrt-notification"
version = "0.5.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "007a0353840b23e0c6dc73e5b962ff58ed7f6bc9ceff3ce7fe6fbad8d496edf4"
dependencies = [
"strum 0.22.0",
"windows 0.24.0",
"xml-rs",
]
[[package]]
name = "wry"
version = "0.23.4"

2
src-tauri/Cargo.toml
View File

@ -17,7 +17,7 @@ tauri-build = { version = "1.0.4", features = [] }
[dependencies]
serde_json = "1.0"
serde = { version = "1.0", features = ["derive"] }
tauri = { version = "1.2", features = ["api-all", "dialog", "system-tray"] }
tauri = { version = "1.2", features = ["dialog", "os-all", "system-tray"] }
tauri-plugin-single-instance = { git = "https://github.com/tauri-apps/plugins-workspace", branch = "dev" }
sodiumoxide = "0.2.7"
tokio = { version = ">=1.19", features = ["full"] }

7
src-tauri/tauri.conf.json
View File

@ -12,7 +12,7 @@
},
"tauri": {
"allowlist": {
"all": true
"os": {"all": true}
},
"bundle": {
"active": true,
@ -48,7 +48,10 @@
}
},
"security": {
"csp": null
"csp": {
"default-src": ["'self'"],
"style-src": ["'self'", "'unsafe-inline'"]
}
},
"updater": {
"active": false

2
src/App.svelte
View File

@ -1,5 +1,5 @@
<script>
import { emit, listen } from '@tauri-apps/api/event';
import { listen } from '@tauri-apps/api/event';
import { invoke } from '@tauri-apps/api/tauri';
import { appState } from './lib/state.js';

1
src/views/ShowApproved.svelte
View File

@ -1,7 +1,6 @@
<script>
import { onMount } from 'svelte';
import { draw, fade } from 'svelte/transition';
import { emit } from '@tauri-apps/api/event';
import { invoke } from '@tauri-apps/api/tauri';
import { appState } from '../lib/state.js';

1
src/views/ShowDenied.svelte
View File

@ -1,7 +1,6 @@
<script>
import { onMount } from 'svelte';
import { draw, fade } from 'svelte/transition';
import { emit } from '@tauri-apps/api/event';
import { invoke } from '@tauri-apps/api/tauri';
import { appState } from '../lib/state.js';