From 2c75be7aa7e53d7be7f6126f8f7b50e1b365894e Mon Sep 17 00:00:00 2001 From: "Brandon H. Gomes" Date: Mon, 13 Dec 2021 14:41:06 -0500 Subject: [PATCH] feat: add unsafe CORS disable feature for dev --- Cargo.toml | 8 +- release.sh | 4 +- src/config.rs | 13 ++- src/service.rs | 8 +- ui/src-tauri/Cargo.lock | 187 ++++++++++++++++++++++++++-------------- ui/src-tauri/Cargo.toml | 5 +- 6 files changed, 142 insertions(+), 83 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index 3814993d..0ae92f52 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -24,10 +24,14 @@ is-it-maintained-issue-resolution = { repository = "Manta-Network/manta-signer" is-it-maintained-open-issues = { repository = "Manta-Network/manta-signer" } maintenance = { status = "actively-developed" } +[features] +# Disable CORS Check +unsafe-disable-cors = [] + [dependencies] ark-serialize = { version = "0.3.0", default-features = false } async-std = { version = "1.10.0" } -bip0039 = { version = "0.9.0" } +bip0039 = { version = "0.10.0" } bip32 = { version = "0.2.2" } bs58 = { version = "0.4.0" } cocoon = { version = "0.3.0" } @@ -43,7 +47,7 @@ manta-data = { git = "https://github.com/Manta-Network/manta-types", branch = "m rand = { version = "0.8.4", default-features = false } rand_chacha = { version = "0.3.1", default-features = false } secrecy = { version = "0.8.0", default-features = false, features = ["alloc"] } -serde = { version = "1.0.130", default-features = false, features = ["derive"] } +serde = { version = "1.0.131", default-features = false, features = ["derive"] } serde_json = { version = "1.0.68", default-features = false } subtle = { version = "2.4.1" } tide = { version = "0.16.0" } diff --git a/release.sh b/release.sh index 04badf9d..077865ce 100755 --- a/release.sh +++ b/release.sh @@ -41,8 +41,8 @@ EOF # curl ... # mv *.bin ui -# cd ui -# cargo tauri build --bundle dmg deb msi +cd ui +cargo tauri build echo "release" diff --git a/src/config.rs b/src/config.rs index 2fea9c70..d71e596a 100644 --- a/src/config.rs +++ b/src/config.rs @@ -57,11 +57,8 @@ pub struct Config { /// Service URL pub service_url: String, - /// Dev origin URL - pub dev_origin_url: String, - - /// Prod origin URL - pub prod_origin_url: String, + /// Origin URL + pub origin_url: String, } impl Config { @@ -72,8 +69,10 @@ impl Config { root_seed_file: file(dirs_next::config_dir(), "root_seed.aes")?, proving_key_directory: directory(dirs_next::data_local_dir())?, service_url: String::from("http://127.0.0.1:29987"), - dev_origin_url: String::from("http://localhost:8000"), - prod_origin_url: String::from("https://app.dolphin.manta.network"), + #[cfg(feature = "unsafe-disable-cors")] + origin_url: String::from("*"), + #[cfg(not(feature = "unsafe-disable-cors"))] + origin_url: String::from("https://app.dolphin.manta.network"), }) } diff --git a/src/service.rs b/src/service.rs index 3d998756..0e9c5870 100644 --- a/src/service.rs +++ b/src/service.rs @@ -312,15 +312,9 @@ where /// Builds a new [`Service`] from `config` and `authorizer`. #[inline] pub fn build(config: Config, authorizer: A) -> Self { - // FIXME: This is not the best strategy for choosing which URL we want. - #[cfg(debug_assertions)] - let url = config.dev_origin_url.as_str(); - #[cfg(not(debug_assertions))] - let url = config.prod_origin_url.as_str(); - let cors = CorsMiddleware::new() .allow_methods("GET, POST".parse::().unwrap()) - .allow_origin(Origin::from(url)) + .allow_origin(Origin::from(config.origin_url.as_str())) .allow_credentials(false); let mut server = Server::with_state(State::new(config, authorizer)); server.with(cors); diff --git a/ui/src-tauri/Cargo.lock b/ui/src-tauri/Cargo.lock index 282d2722..591b4c4a 100644 --- a/ui/src-tauri/Cargo.lock +++ b/ui/src-tauri/Cargo.lock @@ -165,7 +165,7 @@ dependencies = [ "ark-std", "blake2", "derivative", - "digest", + "digest 0.9.0", "tracing", ] @@ -320,7 +320,7 @@ checksum = "1d6c2b318ee6e10f8c2853e73a83adc0ccb88995aa978d8a3408d492ab2ee671" dependencies = [ "ark-serialize-derive", "ark-std", - "digest", + "digest 0.9.0", ] [[package]] @@ -356,7 +356,7 @@ dependencies = [ "ark-serialize", "ark-std", "derivative", - "digest", + "digest 0.9.0", "rand_chacha 0.3.1", ] @@ -527,7 +527,7 @@ dependencies = [ "rand 0.7.3", "serde", "serde_json", - "sha2", + "sha2 0.9.8", ] [[package]] @@ -580,9 +580,9 @@ checksum = "e91831deabf0d6d7ec49552e489aed63b7456a7a3c46cff62adad428110b0af0" [[package]] name = "async-trait" -version = "0.1.51" +version = "0.1.52" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "44318e776df68115a881de9a8fd1b9e53368d7a4a5ce4cc48517da3393233a5e" +checksum = "061a7acccaa286c011ddc30970520b98fa40e00c9d644633fb26b5fc63a265e3" dependencies = [ "proc-macro2", "quote", @@ -678,14 +678,14 @@ dependencies = [ [[package]] name = "bip0039" -version = "0.9.0" +version = "0.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d0830ae4cc96b0617cc912970c2b17e89456fecbf55e8eed53a956f37ab50c41" +checksum = "2b71631eb4482b4222c906c9ceebe5540edfd3bd5f3e6d3be50793e20a2f331e" dependencies = [ - "hmac 0.11.0", - "pbkdf2 0.9.0", + "hmac 0.12.0", + "pbkdf2 0.10.0", "rand 0.8.4", - "sha2", + "sha2 0.10.0", "unicode-normalization", "zeroize", ] @@ -701,7 +701,7 @@ dependencies = [ "hmac 0.11.0", "k256", "ripemd160", - "sha2", + "sha2 0.9.8", "subtle", "zeroize", ] @@ -719,7 +719,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0a4e37d16930f5459780f5621038b6382b9bb37c19016f39fb6b5808d831f174" dependencies = [ "crypto-mac 0.8.0", - "digest", + "digest 0.9.0", "opaque-debug", ] @@ -735,7 +735,7 @@ dependencies = [ "cfg-if 0.1.10", "constant_time_eq", "crypto-mac 0.8.0", - "digest", + "digest 0.9.0", ] [[package]] @@ -749,7 +749,7 @@ dependencies = [ "cc", "cfg-if 1.0.0", "constant_time_eq", - "digest", + "digest 0.9.0", "rayon", ] @@ -769,6 +769,15 @@ dependencies = [ "generic-array", ] +[[package]] +name = "block-buffer" +version = "0.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f1d36a02058e76b040de25a4464ba1c80935655595b661505c8b39b664828b95" +dependencies = [ + "generic-array", +] + [[package]] name = "block-padding" version = "0.2.1" @@ -795,7 +804,7 @@ version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "771fe0050b883fcc3ea2359b1a96bcfbc090b7116eae7c3c512c7a083fdf23d3" dependencies = [ - "sha2", + "sha2 0.9.8", ] [[package]] @@ -1030,7 +1039,7 @@ dependencies = [ "hmac 0.11.0", "pbkdf2 0.9.0", "rand 0.8.4", - "sha2", + "sha2 0.9.8", "zeroize", ] @@ -1104,7 +1113,7 @@ dependencies = [ "hmac 0.10.1", "percent-encoding", "rand 0.8.4", - "sha2", + "sha2 0.9.8", "time 0.2.27", "version_check", ] @@ -1271,6 +1280,15 @@ dependencies = [ "zeroize", ] +[[package]] +name = "crypto-common" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "567569e659735adb39ff2d4c20600f7cd78be5471f8c58ab162bce3c03fdbc5f" +dependencies = [ + "generic-array", +] + [[package]] name = "crypto-mac" version = "0.8.0" @@ -1369,7 +1387,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1c359b7249347e46fb28804470d071c921156ad62b3eef5d34e2ba867533dec8" dependencies = [ "byteorder", - "digest", + "digest 0.9.0", "rand_core 0.6.3", "subtle-ng", "zeroize", @@ -1479,6 +1497,18 @@ dependencies = [ "generic-array", ] +[[package]] +name = "digest" +version = "0.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8549e6bfdecd113b7e221fe60b433087f6957387a20f8118ebca9b12af19143d" +dependencies = [ + "block-buffer 0.10.0", + "crypto-common", + "generic-array", + "subtle", +] + [[package]] name = "dirs-next" version = "2.0.0" @@ -1579,9 +1609,9 @@ checksum = "53dd2e43a7d32952a6054141ee0d75183958620e84e5eab045de362dff13dc99" [[package]] name = "encoding_rs" -version = "0.8.29" +version = "0.8.30" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a74ea89a0a1b98f6332de42c95baff457ada66d1cb4030f9ff151b2041a1c746" +checksum = "7896dc8abb250ffdda33912550faa54c88ec8b998dec0b2c55ab224921ce11df" dependencies = [ "cfg-if 1.0.0", ] @@ -2154,9 +2184,9 @@ dependencies = [ [[package]] name = "h2" -version = "0.3.7" +version = "0.3.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7fd819562fcebdac5afc5c113c3ec36f902840b70fd4fc458799c8ce4607ae55" +checksum = "8f072413d126e57991455e0a922b31e4c8ba7c2ffbebf6b78b4f8521397d65cd" dependencies = [ "bytes", "fnv", @@ -2208,7 +2238,7 @@ dependencies = [ "once_cell", "pbkdf2 0.8.0", "rand_core 0.6.3", - "sha2", + "sha2 0.9.8", "zeroize", ] @@ -2218,7 +2248,7 @@ version = "0.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "51ab2f639c231793c5f6114bdb9bbe50a7dbbfcd7c7c6bd8475dec2d991e964f" dependencies = [ - "digest", + "digest 0.9.0", "hmac 0.10.1", ] @@ -2228,7 +2258,7 @@ version = "0.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "01706d578d5c281058480e673ae4086a9f4710d8df1ad80a5b03e39ece5f886b" dependencies = [ - "digest", + "digest 0.9.0", "hmac 0.11.0", ] @@ -2239,7 +2269,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "126888268dcc288495a26bf004b38c5fdbb31682f992c84ceb046a1f0fe38840" dependencies = [ "crypto-mac 0.8.0", - "digest", + "digest 0.9.0", ] [[package]] @@ -2249,7 +2279,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c1441c6b1e930e2817404b5046f1f989899143a12bf92de603b69f4e0aee1e15" dependencies = [ "crypto-mac 0.10.1", - "digest", + "digest 0.9.0", ] [[package]] @@ -2259,7 +2289,16 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2a2a2320eb7ec0ebe8da8f744d7812d9fc4cb4d09344ac01898dbcb6a20ae69b" dependencies = [ "crypto-mac 0.11.1", - "digest", + "digest 0.9.0", +] + +[[package]] +name = "hmac" +version = "0.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ddca131f3e7f2ce2df364b57949a9d47915cfbd35e46cfee355ccebbf794d6a2" +dependencies = [ + "digest 0.10.0", ] [[package]] @@ -2353,9 +2392,9 @@ checksum = "c4a1e36c821dbe04574f602848a19f742f4fb3c98d40449f11bcad18d6b17421" [[package]] name = "hyper" -version = "0.14.15" +version = "0.14.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "436ec0091e4f20e655156a30a0df3770fe2900aa301e548e08446ec794b6953c" +checksum = "b7ec3e62bdc98a2f0393a5048e4c30ef659440ea6e0e572965103e72bd836f55" dependencies = [ "bytes", "futures-channel", @@ -2495,9 +2534,9 @@ checksum = "68f2d64f2edebec4ce84ad108148e67e1064789bee435edc5b60ad398714a3a9" [[package]] name = "itertools" -version = "0.10.1" +version = "0.10.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "69ddb889f9d0d08a67338271fa9b62996bc788c7796a5c18cf057420aaed5eaf" +checksum = "a9a9d19fa1e79b6215ff29b9d6880b706147f16e9b1dbb1e4e5947b5b02bc5e3" dependencies = [ "either", ] @@ -2560,7 +2599,7 @@ dependencies = [ "cfg-if 1.0.0", "ecdsa", "elliptic-curve", - "sha2", + "sha2 0.9.8", "sha3", ] @@ -2599,9 +2638,9 @@ checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" [[package]] name = "libc" -version = "0.2.109" +version = "0.2.111" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f98a04dce437184842841303488f70d0188c5f51437d2a834dc097eafa909a01" +checksum = "8e167738f1866a7ec625567bae89ca0d44477232a4f7c52b1c7f2adc2c98804f" [[package]] name = "lock_api" @@ -2679,7 +2718,7 @@ dependencies = [ "parity-scale-codec", "rand 0.8.4", "rand_chacha 0.3.1", - "sha2", + "sha2 0.9.8", "zeroize", ] @@ -3116,9 +3155,9 @@ checksum = "28988d872ab76095a6e6ac88d99b54fd267702734fd7ffe610ca27f533ddb95a" [[package]] name = "openssl-sys" -version = "0.9.71" +version = "0.9.72" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7df13d165e607909b363a4757a6f133f8a818a74e9d3a98d09c6128e15fa4c73" +checksum = "7e46109c383602735fa0a2e48dd2b7c892b048e1bf69e5c3b1d804b7d9c203cb" dependencies = [ "autocfg", "cc", @@ -3241,8 +3280,17 @@ checksum = "f05894bce6a1ba4be299d0c5f29563e08af2bc18bb7d48313113bed71e904739" dependencies = [ "crypto-mac 0.11.1", "hmac 0.11.0", + "sha2 0.9.8", +] + +[[package]] +name = "pbkdf2" +version = "0.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a4628cc3cf953b82edcd3c1388c5715401420ce5524fedbab426bd5aba017434" +dependencies = [ + "digest 0.10.0", "password-hash", - "sha2", ] [[package]] @@ -3273,9 +3321,9 @@ dependencies = [ [[package]] name = "phf" -version = "0.10.0" +version = "0.10.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b9fc3db1018c4b59d7d582a739436478b6035138b6aecbce989fc91c3e98409f" +checksum = "fabbf1ead8a5bcbc20f5f8b939ee3f5b0f6f281b6ad3468b84656b658b455259" dependencies = [ "phf_macros 0.10.0", "phf_shared 0.10.0", @@ -3398,9 +3446,9 @@ checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" [[package]] name = "pkg-config" -version = "0.3.22" +version = "0.3.24" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "12295df4f294471248581bc09bef3c38a5e46f1e36d6a37353621a0c6c357e1f" +checksum = "58893f751c9b0412871a09abd62ecd2a00298c6c83befa223ef98c52aef40cbe" [[package]] name = "png" @@ -3536,9 +3584,9 @@ checksum = "dbf0c48bc1d91375ae5c3cd81e3722dff1abcf81a30960240640d223f59fe0e5" [[package]] name = "proc-macro2" -version = "1.0.32" +version = "1.0.33" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ba508cc11742c0dc5c1659771673afbab7a0efab23aa17e854cbab0837ed0b43" +checksum = "fb37d2df5df740e582f28f8560cf425f52bb267d872fe58358eadb554909f07a" dependencies = [ "unicode-xid", ] @@ -3806,8 +3854,8 @@ version = "0.9.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2eca4ecc81b7f313189bf73ce724400a07da2a6dac19588b03c8bd76a2dcc251" dependencies = [ - "block-buffer", - "digest", + "block-buffer 0.9.0", + "digest 0.9.0", "opaque-debug", ] @@ -3846,15 +3894,15 @@ dependencies = [ [[package]] name = "rustversion" -version = "1.0.5" +version = "1.0.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "61b3909d758bb75c79f23d4736fac9433868679d3ad2ea7a61e3c25cfda9a088" +checksum = "f2cc38e8fa666e2de3c4aba7edeb5ffc5246c1c2ed0e3d17e560aeeba736b23f" [[package]] name = "ryu" -version = "1.0.6" +version = "1.0.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3c9613b5a66ab9ba26415184cfc41156594925a9cf3a2057e57f31ff145f6568" +checksum = "73b4b750c782965c211b42f022f59af1fbceabdd026623714f104152f1ec149f" [[package]] name = "same-file" @@ -3980,18 +4028,18 @@ dependencies = [ [[package]] name = "serde" -version = "1.0.130" +version = "1.0.131" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f12d06de37cf59146fbdecab66aa99f9fe4f78722e3607577a5375d66bd0c913" +checksum = "b4ad69dfbd3e45369132cc64e6748c2d65cdfb001a2b1c232d128b4ad60561c1" dependencies = [ "serde_derive", ] [[package]] name = "serde_derive" -version = "1.0.130" +version = "1.0.131" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d7bc1a1ab1961464eae040d96713baa5a724a8152c1222492465b54322ec508b" +checksum = "b710a83c4e0dff6a3d511946b95274ad9ca9e5d3ae497b63fda866ac955358d2" dependencies = [ "proc-macro2", "quote", @@ -4077,21 +4125,32 @@ version = "0.9.8" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b69f9a4c9740d74c5baa3fd2e547f9525fa8088a8a958e0ca2409a514e33f5fa" dependencies = [ - "block-buffer", + "block-buffer 0.9.0", "cfg-if 1.0.0", "cpufeatures", - "digest", + "digest 0.9.0", "opaque-debug", ] +[[package]] +name = "sha2" +version = "0.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "900d964dd36bb15bcf2f2b35694c072feab74969a54f2bbeec7a2d725d2bdcb6" +dependencies = [ + "cfg-if 1.0.0", + "cpufeatures", + "digest 0.10.0", +] + [[package]] name = "sha3" version = "0.9.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f81199417d4e5de3f04b1e871023acea7389672c4135918f05aa9cbf2f2fa809" dependencies = [ - "block-buffer", - "digest", + "block-buffer 0.9.0", + "digest 0.9.0", "keccak", "opaque-debug", ] @@ -4107,9 +4166,9 @@ dependencies = [ [[package]] name = "signal-hook" -version = "0.3.10" +version = "0.3.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9c98891d737e271a2954825ef19e46bd16bdb98e2746f2eec4f7a4ef7946efd1" +checksum = "c35dfd12afb7828318348b8c408383cf5071a086c1d4ab1c0f9840ec92dbb922" dependencies = [ "libc", "signal-hook-registry", @@ -4130,7 +4189,7 @@ version = "1.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f2807892cfa58e081aa1f1111391c7a0649d4fa127a4ffbe34bcbfb35a1171a4" dependencies = [ - "digest", + "digest 0.9.0", "rand_core 0.6.3", ] @@ -4607,7 +4666,7 @@ checksum = "fcb9b79594f22b6ed0cc8362e0dfde5b7969962de3cd8ca683de702e59e8221b" dependencies = [ "html5ever", "kuchiki", - "phf 0.10.0", + "phf 0.10.1", "proc-macro2", "quote", "serde", diff --git a/ui/src-tauri/Cargo.toml b/ui/src-tauri/Cargo.toml index 8e19b6df..3c60b72e 100644 --- a/ui/src-tauri/Cargo.toml +++ b/ui/src-tauri/Cargo.toml @@ -31,10 +31,13 @@ default = ["custom-protocol"] # Tauri Custom Protocol Building Feature custom-protocol = ["tauri/custom-protocol"] +# Disable CORS Check +unsafe-disable-cors = ["manta-signer/unsafe-disable-cors"] + [dependencies] async-std = { version = "1.10.0" } manta-signer = { path = "../../" } -serde = { version = "1.0.130", features = ["derive"] } +serde = { version = "1.0.131", features = ["derive"] } tauri = { version = "1.0.0-beta.8", features = ["reqwest-client", "system-tray"] } [build-dependencies]