niva icon indicating copy to clipboard operation
niva copied to clipboard
verified publisher icon bramblex

Feature Request: Add api permission control

Open SaekiRaku opened this issue 2 years ago • 1 comments

Public Niva api to window, especially Niva.api.fs, Niva.api.process.exec, etc. Is very dangerous when having XSS attack.

Please consider add api permission control (maybe like Deno Permissions) in niva.json or somewhere else, for those apps that never used api like Niva.api.fs.

Great project, thanks.

SaekiRaku avatar May 23 '23 12:05 SaekiRaku

API pression control and XSS protection will both be supported in version v1.0.0.

bramblex avatar May 25 '23 12:05 bramblex