Feature #73
[Roadmap 6] Implement a permissions system
50%
Description
This seems to be a common component of several security- and feature-related powers now. It probably deserves a standardized interface in order to reduce the burden of adding or removing various permissions in the future.
Please share your thoughts.
Related issues
History
Updated by jahoti 9 months ago
Could potentially draw from or just use https://jshelter.org/ alongside Haketilo (still experimental).
Updated by koszko 9 months ago
If JSHelter turns out to be able to also work properly on sites modified by Hachette, running it in parallel would be the least problematic approach.
As to otherwise drawing from it... It might be an option, although it'll still require a serious bit of work. I personally don't consider this1 a priority as long as the scripts we're providing are somewhat trusted
-
By "this" I mean security mechanisms like those in JSHelter. Permissions for CORS bypassing are still needed ↩
Updated by jahoti 9 months ago
As to otherwise drawing from it... It might be an option, although it'll still require a serious bit of work. I personally don't consider this1 a priority as long as the scripts we're providing are somewhat trusted
It definitely isn't at this stage, or possibly even into the future; I just wanted to make sure I didn't forget the idea.
Ideally there won't be any interference between the two and, as you note, we can have many of the benefits for no work!
Updated by koszko 4 months ago
- Blocked by Feature #88: [Roadmap 6][Milestone] Allow payloads to also specify CSP rules that should be used instead of the original ones served by page added
Updated by koszko about 2 months ago
- Blocks Site script request/donation #114: [script donation] codeforces.com added
Updated by koszko 6 days ago
- Blocked by deleted (Feature #88: [Roadmap 6][Milestone] Allow payloads to also specify CSP rules that should be used instead of the original ones served by page)