language-tools icon indicating copy to clipboard operation
language-tools copied to clipboard

Published 20 hours ago verified publisher icon sveltejs

Code execution of .svelte file open

Open delamonpansie opened this issue 10 months ago • 2 comments

Describe the bug

A code is executed from vite.config.ts upon opening .svelte file. For example, opening file from non-trusted svelte source may perform unwanted changed to a filesystem: e.g. rm -rf $HOME. This is a surprising behavior in a default configuration.

Reproduction

#!/bin/sh
npx sv create --template minimal --types ts --no-add-ons --no-install baz
cd baz

cat > src/routes/+page.svelte <<EOF
<script lang="ts">
</script>

<form method="POST">
</form>

<style>
</style>
EOF

cat >> vite.config.ts <<EOF
import { writeFile } from "fs";
writeFile("/tmp/gotcha.txt", "", () => {});
process.exit(1);
EOF

npm i svelte-language-server
export PATH=$(pwd)/node_modules/.bin:$PATH # so emacs can find svelteserver

emacs src/routes/+page.svelte

ls -l /tmp/gotcha.txt # <<< file has been created

Expected behaviour

No code executed from a project on file open in a default configuration. If code execution is necessary for some features, it should be explicit opt-in.

System Info

npm:

[email protected] /tmp/baz
├── @sveltejs/[email protected]
├── @sveltejs/[email protected]
├── @sveltejs/[email protected]
├── [email protected]
├── [email protected]
├── [email protected]
├── [email protected]
└── [email protected]

emacs: 30.0.93 lsp-mode: 20250116.14

Which package is the issue about?

svelte-language-server

Additional Information, eg. Screenshots

No response

delamonpansie avatar Jan 20 '25 10:01 delamonpansie

Reading svelte.config.js, thus vite.config.ts, for preprocess setup is a core part of the svelte compiler diagnostic. So I am not sure if it's possible to make it opt-in without affecting most people. This also requires the language server client to provide a way to configure this opt-in since reading a config file has the same problem.

In VSCode, there is a "workspace trust" feature that svelte-language-server supports. The first time you open a directory it'll ask if trust the workspace. If you don't trust it, the supported extension can disable specific features.

The most possible solution I can think of is that you can hook into this "trust" feature on the language server side. You can pass in isTrusted in the initialization option for the svelte language server to "untrust" the workspace. https://github.com/sveltejs/language-tools/blob/9b44c6db9e20b0c6cd51a358a60313a5aa45edb3/packages/language-server/src/server.ts#L133

But I don't how and if it's possible to add this in emacs, Maybe https://emacs-lsp.github.io/lsp-mode/page/settings/mode/#lsp-before-initialize-hook?

jasonlyu123 avatar Jan 23 '25 04:01 jasonlyu123

Thanks, that is helpful! Though, it is surprising, that the default is "trusted". From security conscious point of view the default should be closed, not open.

Apparently, there is no builtin way of configuring out "trusted workspace" in emacs. Emacs does configure bunch of svelte-server setting: https://github.com/emacs-lsp/lsp-mode/blob/master/clients/lsp-svelte.el#L228 . Do you know what it the way for enabling isTrusted? I assume it is also a part of the initialization message?

delamonpansie avatar Jan 26 '25 05:01 delamonpansie