From a30ae5086004b5ac90d26f68a723193a956655cd Mon Sep 17 00:00:00 2001 From: Filip Skokan Date: Fri, 19 Apr 2024 06:02:01 -0700 Subject: [PATCH] cli: remove --no-experimental-global-webcrypto flag MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit PR-URL: https://github.com/nodejs/node/pull/52564 Reviewed-By: Yagiz Nizipli Reviewed-By: Moshe Atlow Reviewed-By: Matteo Collina Reviewed-By: Luigi Pinca Reviewed-By: Tobias Nießen Reviewed-By: Antoine du Hamel Reviewed-By: Benjamin Gruenbaum --- doc/api/cli.md | 10 ----- doc/api/globals.md | 22 ++++++----- doc/node.1 | 3 -- .../bootstrap/web/exposed-window-or-worker.js | 32 +++++++++++++++ lib/internal/crypto/webcrypto.js | 17 -------- lib/internal/main/eval_string.js | 4 +- lib/internal/process/pre_execution.js | 39 ------------------- src/node_options.cc | 6 +-- test/parallel/test-cli-eval.js | 6 --- .../parallel/test-global-webcrypto-disbled.js | 10 ----- ...rocess-env-allowed-flags-are-documented.js | 1 + 11 files changed, 48 insertions(+), 102 deletions(-) delete mode 100644 test/parallel/test-global-webcrypto-disbled.js diff --git a/doc/api/cli.md b/doc/api/cli.md index aea149ea15e..bc5113f0a2b 100644 --- a/doc/api/cli.md +++ b/doc/api/cli.md @@ -1388,14 +1388,6 @@ added: v21.2.0 Disable exposition of [Navigator API][] on the global scope. -### `--no-experimental-global-webcrypto` - - - -Disable exposition of [Web Crypto API][] on the global scope. - ### `--no-experimental-repl-await` -> Stability: 1 - Experimental. Disable this API with the -> [`--no-experimental-global-webcrypto`][] CLI flag. +> Stability: 2 - Stable. A browser-compatible implementation of {Crypto}. This global is available only if the Node.js binary was compiled with including support for the @@ -380,13 +382,15 @@ added: - v17.6.0 - v16.15.0 changes: + - version: REPLACEME + pr-url: https://github.com/nodejs/node/pull/52564 + description: No longer experimental. - version: v19.0.0 pr-url: https://github.com/nodejs/node/pull/42083 description: No longer behind `--experimental-global-webcrypto` CLI flag. --> -> Stability: 1 - Experimental. Disable this API with the -> [`--no-experimental-global-webcrypto`][] CLI flag. +> Stability: 2 - Stable. A browser-compatible implementation of the [Web Crypto API][]. @@ -397,13 +401,15 @@ added: - v17.6.0 - v16.15.0 changes: + - version: REPLACEME + pr-url: https://github.com/nodejs/node/pull/52564 + description: No longer experimental. - version: v19.0.0 pr-url: https://github.com/nodejs/node/pull/42083 description: No longer behind `--experimental-global-webcrypto` CLI flag. --> -> Stability: 1 - Experimental. Disable this API with the -> [`--no-experimental-global-webcrypto`][] CLI flag. +> Stability: 2 - Stable. A browser-compatible implementation of {CryptoKey}. This global is available only if the Node.js binary was compiled with including support for the @@ -981,8 +987,7 @@ changes: description: No longer behind `--experimental-global-webcrypto` CLI flag. --> -> Stability: 1 - Experimental. Disable this API with the -> [`--no-experimental-global-webcrypto`][] CLI flag. +> Stability: 2 - Stable. A browser-compatible implementation of {SubtleCrypto}. This global is available only if the Node.js binary was compiled with including support for the @@ -1147,7 +1152,6 @@ A browser-compatible implementation of [`WritableStreamDefaultWriter`][]. [Web Crypto API]: webcrypto.md [`--no-experimental-global-customevent`]: cli.md#--no-experimental-global-customevent [`--no-experimental-global-navigator`]: cli.md#--no-experimental-global-navigator -[`--no-experimental-global-webcrypto`]: cli.md#--no-experimental-global-webcrypto [`--no-experimental-websocket`]: cli.md#--no-experimental-websocket [`AbortController`]: https://developer.mozilla.org/en-US/docs/Web/API/AbortController [`ByteLengthQueuingStrategy`]: webstreams.md#class-bytelengthqueuingstrategy diff --git a/doc/node.1 b/doc/node.1 index b35743f757a..6637012d0a3 100644 --- a/doc/node.1 +++ b/doc/node.1 @@ -192,9 +192,6 @@ Disable experimental support for the WebSocket API. .It Fl -no-experimental-global-customevent Disable exposition of the CustomEvent on the global scope. . -.It Fl -no-experimental-global-webcrypto -Disable exposition of the Web Crypto API on the global scope. -. .It Fl -no-experimental-repl-await Disable top-level await keyword support in REPL. . diff --git a/lib/internal/bootstrap/web/exposed-window-or-worker.js b/lib/internal/bootstrap/web/exposed-window-or-worker.js index 82888b3cd95..6934fbdb436 100644 --- a/lib/internal/bootstrap/web/exposed-window-or-worker.js +++ b/lib/internal/bootstrap/web/exposed-window-or-worker.js @@ -11,6 +11,7 @@ const { globalThis, ObjectDefineProperty, + ObjectGetOwnPropertyDescriptor, } = primordials; const { @@ -20,6 +21,11 @@ const { exposeLazyInterfaces, } = require('internal/util'); +const { + ERR_INVALID_THIS, + ERR_NO_CRYPTO, +} = require('internal/errors').codes; + // https://html.spec.whatwg.org/multipage/webappapis.html#windoworworkerglobalscope const timers = require('timers'); defineOperation(globalThis, 'clearInterval', timers.clearInterval); @@ -89,3 +95,29 @@ exposeLazyInterfaces(globalThis, 'internal/deps/undici/undici', ['WebSocket']); internalBinding('wasm_web_api').setImplementation((streamState, source) => { require('internal/wasm_web_api').wasmStreamingCallback(streamState, source); }); + +// WebCryptoAPI +if (internalBinding('config').hasOpenSSL) { + defineReplaceableLazyAttribute( + globalThis, + 'internal/crypto/webcrypto', + ['crypto'], + false, + function cryptoThisCheck() { + if (this !== globalThis && this != null) + throw new ERR_INVALID_THIS( + 'nullish or must be the global object'); + }, + ); + exposeLazyInterfaces( + globalThis, 'internal/crypto/webcrypto', + ['Crypto', 'CryptoKey', 'SubtleCrypto'], + ); +} else { + ObjectDefineProperty(globalThis, 'crypto', + { __proto__: null, ...ObjectGetOwnPropertyDescriptor({ + get crypto() { + throw new ERR_NO_CRYPTO(); + }, + }, 'crypto') }); +} diff --git a/lib/internal/crypto/webcrypto.js b/lib/internal/crypto/webcrypto.js index aaf46ce03dd..592c285d3ca 100644 --- a/lib/internal/crypto/webcrypto.js +++ b/lib/internal/crypto/webcrypto.js @@ -5,7 +5,6 @@ const { JSONParse, JSONStringify, ObjectDefineProperties, - ObjectDefineProperty, ReflectApply, ReflectConstruct, SafeSet, @@ -21,10 +20,6 @@ const { kWebCryptoCipherDecrypt, } = internalBinding('crypto'); -const { - getOptionValue, -} = require('internal/options'); - const { TextDecoder, TextEncoder } = require('internal/encoding'); const { @@ -1025,18 +1020,6 @@ ObjectDefineProperties( }, }); -if (getOptionValue('--no-experimental-global-webcrypto')) { - // For backward compatibility, keep exposing CryptoKey in the Crypto prototype - // when using the flag. - ObjectDefineProperty(Crypto.prototype, 'CryptoKey', { - __proto__: null, - enumerable: true, - configurable: true, - writable: true, - value: CryptoKey, - }); -} - ObjectDefineProperties( SubtleCrypto.prototype, { [SymbolToStringTag]: { diff --git a/lib/internal/main/eval_string.js b/lib/internal/main/eval_string.js index 1125aa8d98e..1ac713a35fa 100644 --- a/lib/internal/main/eval_string.js +++ b/lib/internal/main/eval_string.js @@ -31,9 +31,7 @@ if (getOptionValue('--input-type') === 'module' || } else { // For backward compatibility, we want the identifier crypto to be the // `node:crypto` module rather than WebCrypto. - const isUsingCryptoIdentifier = - getOptionValue('--experimental-global-webcrypto') && - RegExpPrototypeExec(/\bcrypto\b/, source) !== null; + const isUsingCryptoIdentifier = RegExpPrototypeExec(/\bcrypto\b/, source) !== null; const shouldDefineCrypto = isUsingCryptoIdentifier && internalBinding('config').hasOpenSSL; if (isUsingCryptoIdentifier && !shouldDefineCrypto) { diff --git a/lib/internal/process/pre_execution.js b/lib/internal/process/pre_execution.js index c4e39798f29..2c7d9114f1a 100644 --- a/lib/internal/process/pre_execution.js +++ b/lib/internal/process/pre_execution.js @@ -12,7 +12,6 @@ const { NumberParseInt, ObjectDefineProperty, ObjectFreeze, - ObjectGetOwnPropertyDescriptor, SafeMap, String, StringPrototypeStartsWith, @@ -36,9 +35,7 @@ const { } = require('internal/util'); const { - ERR_INVALID_THIS, ERR_MANIFEST_ASSERT_INTEGRITY, - ERR_NO_CRYPTO, ERR_MISSING_OPTION, ERR_ACCESS_DENIED, } = require('internal/errors').codes; @@ -107,7 +104,6 @@ function prepareExecution(options) { setupNavigator(); setupWarningHandler(); setupUndici(); - setupWebCrypto(); setupCustomEvent(); setupCodeCoverage(); setupDebugEnv(); @@ -341,41 +337,6 @@ function setupNavigator() { defineReplaceableLazyAttribute(globalThis, 'internal/navigator', ['navigator'], false); } -// TODO(aduh95): move this to internal/bootstrap/web/* when the CLI flag is -// removed. -function setupWebCrypto() { - if (getEmbedderOptions().noBrowserGlobals || - getOptionValue('--no-experimental-global-webcrypto')) { - return; - } - - if (internalBinding('config').hasOpenSSL) { - defineReplaceableLazyAttribute( - globalThis, - 'internal/crypto/webcrypto', - ['crypto'], - false, - function cryptoThisCheck() { - if (this !== globalThis && this != null) - throw new ERR_INVALID_THIS( - 'nullish or must be the global object'); - }, - ); - exposeLazyInterfaces( - globalThis, 'internal/crypto/webcrypto', - ['Crypto', 'CryptoKey', 'SubtleCrypto'], - ); - } else { - ObjectDefineProperty(globalThis, 'crypto', - { __proto__: null, ...ObjectGetOwnPropertyDescriptor({ - get crypto() { - throw new ERR_NO_CRYPTO(); - }, - }, 'crypto') }); - - } -} - function setupCodeCoverage() { // Resolve the coverage directory to an absolute path, and // overwrite process.env so that the original path gets passed diff --git a/src/node_options.cc b/src/node_options.cc index 45eab7f264e..ba347328efc 100644 --- a/src/node_options.cc +++ b/src/node_options.cc @@ -416,11 +416,7 @@ EnvironmentOptionsParser::EnvironmentOptionsParser() { &EnvironmentOptions::experimental_global_navigator, kAllowedInEnvvar, true); - AddOption("--experimental-global-webcrypto", - "expose experimental Web Crypto API on the global scope", - &EnvironmentOptions::experimental_global_web_crypto, - kAllowedInEnvvar, - true); + AddOption("--experimental-global-webcrypto", "", NoOp{}, kAllowedInEnvvar); AddOption("--experimental-json-modules", "", NoOp{}, kAllowedInEnvvar); AddOption("--experimental-loader", "use the specified module as a custom loader", diff --git a/test/parallel/test-cli-eval.js b/test/parallel/test-cli-eval.js index b993dd47414..9fa1bbce35a 100644 --- a/test/parallel/test-cli-eval.js +++ b/test/parallel/test-cli-eval.js @@ -348,12 +348,6 @@ child.exec( common.mustSucceed((stdout) => { assert.match(stdout, /^number/); })); -child.exec( - `${nodejs} --no-experimental-global-webcrypto ` + - '-p "var crypto = {randomBytes:1};typeof crypto.randomBytes"', - common.mustSucceed((stdout) => { - assert.match(stdout, /^number/); - })); // Regression test for https://github.com/nodejs/node/issues/45336 child.execFile(process.execPath, diff --git a/test/parallel/test-global-webcrypto-disbled.js b/test/parallel/test-global-webcrypto-disbled.js deleted file mode 100644 index ebbb4afa9a0..00000000000 --- a/test/parallel/test-global-webcrypto-disbled.js +++ /dev/null @@ -1,10 +0,0 @@ -// Flags: --no-experimental-global-webcrypto -'use strict'; - -require('../common'); -const assert = require('assert'); - -assert.strictEqual(typeof crypto, 'undefined'); -assert.strictEqual(typeof Crypto, 'undefined'); -assert.strictEqual(typeof CryptoKey, 'undefined'); -assert.strictEqual(typeof SubtleCrypto, 'undefined'); diff --git a/test/parallel/test-process-env-allowed-flags-are-documented.js b/test/parallel/test-process-env-allowed-flags-are-documented.js index 2746fdfc086..3a40e30aa0f 100644 --- a/test/parallel/test-process-env-allowed-flags-are-documented.js +++ b/test/parallel/test-process-env-allowed-flags-are-documented.js @@ -99,6 +99,7 @@ const undocumented = difference(process.allowedNodeEnvironmentFlags, assert(undocumented.delete('--debug-arraybuffer-allocations')); assert(undocumented.delete('--no-debug-arraybuffer-allocations')); assert(undocumented.delete('--es-module-specifier-resolution')); +assert(undocumented.delete('--experimental-global-webcrypto')); assert(undocumented.delete('--experimental-report')); assert(undocumented.delete('--experimental-worker')); assert(undocumented.delete('--node-snapshot'));