You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Now using Deno.emit to compile user submitted code that also gets executed could also pose a security issue when allowed to import any http resource. It would be nice if we could have a whitelist of domains that we can pass to the Deno.emit function to secure this.
It certainly is worth considering an allow list/block list for Deno.emit() for remote modules, as it might be used in a situation where there is more untrusted code than anticipated.
Now using Deno.emit to compile user submitted code that also gets executed could also pose a security issue when allowed to import any http resource. It would be nice if we could have a whitelist of domains that we can pass to the Deno.emit function to secure this.
Originally posted by @EliteScientist in denoland/deno#9866 (comment)
The text was updated successfully, but these errors were encountered: