Add taintValue and taintShallowObject APIs

facebook · sebmarkbage · Oct 2, 2023 · Sep 27, 2023 · Sep 27, 2023 · Sep 28, 2023
commit 1710e076b57a6acb326e610511ff4f6da204c6e8
diff --git a/packages/react/src/ReactSharedInternalsClient.js b/packages/react/src/ReactSharedInternalsClient.js
@@ -11,8 +11,9 @@ import ReactCurrentBatchConfig from './ReactCurrentBatchConfig';
 import ReactCurrentActQueue from './ReactCurrentActQueue';
 import ReactCurrentOwner from './ReactCurrentOwner';
 import ReactDebugCurrentFrame from './ReactDebugCurrentFrame';
-import {enableServerContext} from 'shared/ReactFeatureFlags';
+import {enableServerContext, enableTaint} from 'shared/ReactFeatureFlags';
 import {ContextRegistry} from './ReactServerContextRegistry';
+import {TaintRegistry} from './ReactTaintRegistry';
 
 const ReactSharedInternals = {
   ReactCurrentDispatcher,
@@ -30,4 +31,8 @@ if (enableServerContext) {
   ReactSharedInternals.ContextRegistry = ContextRegistry;
 }
 
+if (enableTaint) {
+  ReactSharedInternals.TaintRegistry = TaintRegistry;
+}
+
 export default ReactSharedInternals;
diff --git a/packages/react/src/ReactSharedSubset.experimental.js b/packages/react/src/ReactSharedSubset.experimental.js
@@ -14,6 +14,12 @@ export {default as __SECRET_INTERNALS_DO_NOT_USE_OR_YOU_WILL_BE_FIRED} from './R
 
 export {default as __SECRET_SERVER_INTERNALS_DO_NOT_USE_OR_YOU_WILL_BE_FIRED} from './ReactServerSharedInternals';
 
+// These are server-only
+export {
+  taintValue as unstable_taintValue,
+  taintShallowObject as unstable_taintShallowObject,
+} from './ReactTaint';
+
 export {
   Children,
   Fragment,

diff --git a/packages/react/src/ReactTaint.js b/packages/react/src/ReactTaint.js
@@ -0,0 +1,88 @@
+/**
+ * Copyright (c) Meta Platforms, Inc. and affiliates.
+ *
+ * This source code is licensed under the MIT license found in the
+ * LICENSE file in the root directory of this source tree.
+ *
+ * @flow
+ */
+
+import {enableTaint} from 'shared/ReactFeatureFlags';
+import ReactSharedInternals from 'shared/ReactSharedInternals';
+
+const TaintRegistry = ReactSharedInternals.TaintRegistry;
+
+interface Reference {}
+
+const TypedArrayConstructor = Object.getPrototypeOf(Uint8Array.prototype);
+
+const defaultMessage =
+  'A tainted value was attempted to be serialized to a Client Component or Action closure. ' +
+  'This would leak it to the client.';
+
+export function taintValue(
+  message: ?string,
+  lifetime: Reference,
+  value: string | bigint | $ArrayBufferView,
+): void {
+  if (!enableTaint) {
+    throw new Error('Not implemented.');
+  }
+  // eslint-disable-next-line react-internal/safe-string-coercion
+  message = '' + (message || defaultMessage);
+  if (
+    lifetime === null ||
+    (typeof lifetime !== 'object' && typeof lifetime !== 'function')
+  ) {
+    throw new Error(
+      'To taint a value, a life time must be defined by passing an object that holds ' +
+        'the value.',
+    );
+  }
+  if (typeof value === 'string') {
+    return;
+  }
+  if (typeof value === 'bigint') {
+    return;
+  }
+  if (value instanceof TypedArrayConstructor) {
+    return;
+  }
+  if (value instanceof DataView) {
+    return;
+  }
+  const kind = value === null ? 'null' : typeof value;
+  if (kind === 'object' || kind === 'function') {
+    throw new Error(
+      'taintValue cannot taint objects or functions. Try taintShallowObject instead.',
+    );
+  }
+  throw new Error(
+    'Cannot taint a ' +
+      kind +
+      ' because the value is too general and cannot be ' +
+      'a secret by',
+  );
+}
+
+export function taintShallowObject(message: ?string, object: Reference): void {
+  if (!enableTaint) {
+    throw new Error('Not implemented.');
+  }
+  // eslint-disable-next-line react-internal/safe-string-coercion
+  message = '' + (message || defaultMessage);
+  if (typeof object === 'string' || typeof object === 'bigint') {
+    throw new Error(
+      'Only objects or functions can be passed to taintShallowObject. Try taintValue instead.',
+    );
+  }
+  if (
+    object === null ||
+    (typeof object !== 'object' && typeof object !== 'function')
+  ) {
+    throw new Error(
+      'Only objects or functions can be passed to taintShallowObject.',
+    );
+  }
+  // TODO
+}
diff --git a/packages/react/src/ReactTaintRegistry.js b/packages/react/src/ReactTaintRegistry.js
@@ -0,0 +1,10 @@
+/**
+ * Copyright (c) Meta Platforms, Inc. and affiliates.
+ *
+ * This source code is licensed under the MIT license found in the
+ * LICENSE file in the root directory of this source tree.
+ *
+ * @flow
+ */
+
+export const TaintRegistry: {} = {};
diff --git a/scripts/error-codes/codes.json b/scripts/error-codes/codes.json
@@ -477,5 +477,10 @@
   "489": "Expected to see a component of type \"%s\" in this slot. The tree doesn't match so React will fallback to client rendering.",
   "490": "Expected to see a Suspense boundary in this slot. The tree doesn't match so React will fallback to client rendering.",
   "491": "It should not be possible to postpone both at the root of an element as well as a slot below. This is a bug in React.",
-  "492": "The \"react\" package in this environment is not configured correctly. The \"react-server\" condition must be enabled in any environment that runs React Server Components."
+  "492": "The \"react\" package in this environment is not configured correctly. The \"react-server\" condition must be enabled in any environment that runs React Server Components.",
+  "493": "To taint a value, a life time must be defined by passing an object that holds the value.",
+  "494": "taintValue cannot taint objects or functions. Try taintShallowObject instead.",
+  "495": "Cannot taint a %s because the value is too general and cannot be a secret by",
+  "496": "Only objects or functions can be passed to taintShallowObject. Try taintValue instead.",
+  "497": "Only objects or functions can be passed to taintShallowObject."
 }