Project

General

Profile

Feature #73

[Roadmap 6] Implement a permissions system

Added by jahoti about 2 years ago. Updated about 1 year ago.

Status:
New
Priority:
Normal
Assignee:
-
Start date:
08/02/2021
Due date:
% Done:

50%

Estimated time:

Description

This seems to be a common component of several security- and feature-related powers now. It probably deserves a standardized interface in order to reduce the burden of adding or removing various permissions in the future.

Please share your thoughts.

Roadmap

Related issues

Blocks Site fixes - Site script request/donation #114: [script donation] codeforces.comNew03/04/2022

Actions

History

#1

Updated by jahoti almost 2 years ago

Could potentially draw from or just use https://jshelter.org/ alongside Haketilo (still experimental).

#2

Updated by koszko almost 2 years ago

If JSHelter turns out to be able to also work properly on sites modified by Hachette, running it in parallel would be the least problematic approach.

As to otherwise drawing from it... It might be an option, although it'll still require a serious bit of work. I personally don't consider this1 a priority as long as the scripts we're providing are somewhat trusted

  1. By "this" I mean security mechanisms like those in JSHelter. Permissions for CORS bypassing are still needed 

#3

Updated by jahoti almost 2 years ago

As to otherwise drawing from it... It might be an option, although it'll still require a serious bit of work. I personally don't consider this1 a priority as long as the scripts we're providing are somewhat trusted

It definitely isn't at this stage, or possibly even into the future; I just wanted to make sure I didn't forget the idea.

Ideally there won't be any interference between the two and, as you note, we can have many of the benefits for no work!

#4

Updated by koszko over 1 year ago

  • Subject changed from Implement a permissions system to [Roadmap 6] Implement a permissions system
  • Description updated (diff)
  • Parent task deleted (#71)
#5

Updated by koszko over 1 year ago

  • Blocked by Feature #88: [Roadmap 6][Milestone] Allow payloads to also specify CSP rules that should be used instead of the original ones served by page added
#6

Updated by koszko over 1 year ago

#7

Updated by koszko about 1 year ago

  • % Done changed from 0 to 50

This is now part of Hydrilla (with just 2 kinds of permissions now). Haketilo will gain support for this in 3.0.

#8

Updated by koszko about 1 year ago

  • Blocked by deleted (Feature #88: [Roadmap 6][Milestone] Allow payloads to also specify CSP rules that should be used instead of the original ones served by page)

Also available in: Atom PDF