refactoring, improving security

Author: marcomq

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "tauri-plugin-python"
-version = "0.1.0"
+version = "0.2.0"
 authors = [ "Marco Mengelkoch" ]
 description = ""
 edition = "2021"

build.rs

@@ -12,7 +12,7 @@ const COMMANDS: &[&str] = &[
 
 fn main() {
     tauri_plugin::Builder::new(COMMANDS)
-        .global_api_script_path("dist-js/index.iife.js")
+        .global_api_script_path("./dist-js/index.iife.js")
         .android_path("android")
         .ios_path("ios")
         .build();

examples/plain-javascript/package.json

@@ -4,10 +4,6 @@
   "version": "0.1.0",
   "type": "module",
   "scripts": {
-    "mkdirJs": "node -e \"const fs = require('fs'); if (!fs.existsSync('src/tauri-plugin-python-api')) { fs.mkdirSync('src/tauri-plugin-python-api');};\"",
-    "copyJs": "node -e \"const fs = require('fs'); const data = fs.readFileSync('node_modules/tauri-plugin-python-api/dist-js/index.iife.js'); fs.writeFileSync('src/tauri-plugin-python-api/index.iife.js', data);\"",
-    "build": "npm run mkdirJs & npm run copyJs",
-    "pretauri": "npm run build",
     "tauri": "tauri"
   },
   "dependencies": {

examples/plain-javascript/src-tauri/src/lib.rs

@@ -8,7 +8,7 @@ fn greet_rust(name: &str) -> String {
 pub fn run() {
     tauri::Builder::default()
         .invoke_handler(tauri::generate_handler![greet_rust])
-        .plugin(tauri_plugin_python::init())
+        .plugin(tauri_plugin_python::init(vec!["greet_python"]))
         .run(tauri::generate_context!())
         .expect("error while running tauri application");
 }

examples/plain-javascript/src/index.html

@@ -6,7 +6,6 @@
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
     <title>Tauri App</title>
     <script type="module" src="/main.js" defer></script>
-    <script type="module" src="/tauri-plugin-python-api/index.iife.js" defer></script>
   </head>
 
   <body>

examples/plain-javascript/src/main.js

@@ -5,14 +5,14 @@ let outputEl;
 
 async function greet_rust() {
   // Learn more about Tauri commands at https://tauri.app/develop/calling-rust/
-  outputEl.textContent = await tauri.invoke("greet_rust", { name: inputField.value });
+  outputEl.textContent = await tauri.core.invoke("greet_rust", { name: inputField.value });
 }
 async function greet_python() {
   outputEl.textContent = await tauri.python.call.greet_python(inputField.value);
 }
 
 window.addEventListener("DOMContentLoaded", () => {
-  tauri.python.registerFunction("greet_python", 1);
+  tauri.python.registerJs("greet_python");
   inputField = document.querySelector("#input-field");
   outputEl = document.querySelector("#output-element");
   document.querySelector("#callback-form").addEventListener("submit", (e) => {

guest-js/index.ts

@@ -37,7 +37,7 @@ export async function registerFunction(
       numberOfArgs
     },
   }).then((r: any) => {
-    registerJsOnly(pythonFunctionCall, jsFunctionName);
+    registerJs(pythonFunctionCall, jsFunctionName);
     return r.value;
   });
 }
@@ -50,7 +50,7 @@ export async function registerFunction(
  *  @param {string} pythonFunctionCall - The python function call, can contain one dot
  *  @param {string} [jsFunctionName] - Name that is used in javscript: "call.jsFunctionName". Must not contain dots.
  */
-export async function registerJsOnly(pythonFunctionCall: string, jsFunctionName?: string) {
+export async function registerJs(pythonFunctionCall: string, jsFunctionName?: string) {
   if (jsFunctionName === undefined) {
     jsFunctionName = pythonFunctionCall.replace(".", "_");
   }

permissions/autogenerated/reference.md

@@ -2,7 +2,6 @@
 
 Default permissions for the plugin
 
-- `allow-register-function`
 - `allow-call-function`
 - `allow-read-variable`
 

permissions/default.toml

@@ -1,4 +1,5 @@
 [default]
 description = "Default permissions for the plugin"
-permissions = ["allow-register-function", "allow-call-function", "allow-read-variable"]
-# "allow-run-python" is not enabled by default for security reasons
+permissions = ["allow-call-function", "allow-read-variable"]
+# "allow-register-function" is disabled due to the "secure by default" concept. It can be enabled if the UI isn't exposed via network and secured against XSS sufficiently.
+# "allow-run-python" is also disabled as it allows to run random python code. It must not be enabled if the UI is exposed via network.

src/lib.rs

@@ -19,7 +19,6 @@ mod commands;
 mod error;
 mod models;
 mod py_lib;
-mod py_main_import;
 
 pub use error::{Error, Result};
 
@@ -40,7 +39,7 @@ impl<R: Runtime, T: Manager<R>> crate::PythonExt<R> for T {
 }
 
 /// Initializes the plugin.
-pub fn init<R: Runtime>() -> TauriPlugin<R> {
+pub fn init<R: Runtime>(python_functions: Vec<&'static str>) -> TauriPlugin<R> {
     Builder::new("python")
         .invoke_handler(tauri::generate_handler![
             commands::run_python,
@@ -54,6 +53,9 @@ pub fn init<R: Runtime>() -> TauriPlugin<R> {
             #[cfg(desktop)]
             let python = desktop::init(app, api)?;
             app.manage(python);
+            for function_name in python_functions {
+                py_lib::register_function_str(function_name.into(), None)?;
+            }
             Ok(())
         })
         .build()