policy: add dependencies map for redirect and whitelisting (!28767) · Merge requests · Rodrigo Test / Test Group-nodejs / node

Rodrigo Muino Tomonari requested to merge github/fork/bmeck/policy-dependencies into master Jul 19, 2019

Adds a "dependencies" field that will be used by policies to mark what can be loaded by a resource. Since this is per resource it is quite verbose, but I expect to formulate a follow on PR will something more similar to scopes in import maps to reduce the noise and make it more manageable. This PR is to assist in experimentation purposes and to ease out the UX.

Since policies are URL based, a tentative node: protocol was used that matches the ESM internals for whitelisting builtins directly (undocumented for now until builtins namespacing discussion is resolved).

Since all dependencies must be whitelisted, this effectively grants the ability to prevent loading certain builtins.

Checklist

make -j4 test (UNIX), or vcbuild test (Windows) passes
tests and/or benchmarks are included
documentation is changed or added
commit message follows commit guidelines

Admin message

Admin message

policy: add dependencies map for redirect and whitelisting

Checklist

Merge request reports