Skip to content

✨ feat(mq-lang): add http_get/http_post and write_file, gated by --allow-net/--allow-write#1974

Open
harehare wants to merge 6 commits into
mainfrom
feat/builtin-net-and-write-io
Open

✨ feat(mq-lang): add http_get/http_post and write_file, gated by --allow-net/--allow-write#1974
harehare wants to merge 6 commits into
mainfrom
feat/builtin-net-and-write-io

Conversation

@harehare

@harehare harehare commented Jul 5, 2026

Copy link
Copy Markdown
Owner

Summary

Adds network and filesystem-write capabilities that were previously
unavailable from mq queries. Both are disabled by default and require
an explicit opt-in flag, mirroring a Deno-style permission model:

  • --allow-net enables http_get(url)/http_post(url, body). Requests are
    HTTPS-only and routed through the same SSRF-hardened ureq agent used
    for HTTP module imports (no redirects, DNS results filtered to
    publicly routable addresses), so even an allowed request can't reach
    a loopback/private/link-local address.
  • --allow-write enables write_file(path, content), accepting either a
    string or bytes.

Permission state lives in a small process-wide capability module
rather than per-Engine, matching how the file-io Cargo feature already
gates read_file at compile time.

Also documents both flags in cli.md/README.md and adds a "Network and
File-Write Capabilities" section to modules_and_imports.md.

Close #1147

Type of Change

  • 🐛 Bug fix
  • ✨ New feature
  • ♻️ Refactor
  • 📝 Documentation
  • ⚡ Performance
  • ✅ Test
  • 📦 Build / dependencies
  • 👷 CI

Checklist

  • I ran cargo fmt and cargo clippy and addressed any warnings
  • I ran just test-all and all tests pass
  • I added or updated tests covering this change
  • I updated relevant documentation (/docs, crate README.md) if needed
  • I added a changelog entry if this is a user-facing change

Additional Context

harehare added 3 commits July 5, 2026 10:43
is_global_ip, SsrfSafeResolver, and the ureq agent construction were
split across http_import.rs and http_resolver.rs, both only used for
HTTP module imports. Moves them into a dedicated ssrf module so the
upcoming http_get/http_post builtins can reuse the same SSRF-hardened
agent (HTTPS-only, no redirects, DNS results filtered to public IPs)
instead of duplicating this security-sensitive logic.

No behavior change; test_is_global_ip moves with the function it tests.
…low-net/--allow-write

Adds network and filesystem-write capabilities that were previously
unavailable from mq queries. Both are disabled by default and require
an explicit opt-in flag, mirroring a Deno-style permission model:

- --allow-net enables http_get(url)/http_post(url, body). Requests are
  HTTPS-only and routed through the same SSRF-hardened ureq agent used
  for HTTP module imports (no redirects, DNS results filtered to
  publicly routable addresses), so even an allowed request can't reach
  a loopback/private/link-local address.
- --allow-write enables write_file(path, content), accepting either a
  string or bytes.

Permission state lives in a small process-wide capability module
rather than per-Engine, matching how the file-io Cargo feature already
gates read_file at compile time.

Also documents both flags in cli.md/README.md and adds a "Network and
File-Write Capabilities" section to modules_and_imports.md.
@harehare harehare force-pushed the feat/builtin-net-and-write-io branch from ace3c43 to 0b8f67b Compare July 5, 2026 01:52
@codspeed-hq

codspeed-hq Bot commented Jul 5, 2026

Copy link
Copy Markdown

Merging this PR will improve performance by 29.08%

⚠️ Different runtime environments detected

Some benchmarks with significant performance changes were compared across different runtime environments,
which may affect the accuracy of the results.

Open the report in CodSpeed to investigate

⚡ 1 improved benchmark
✅ 30 untouched benchmarks

Performance Changes

Benchmark BASE HEAD Efficiency
eval_macro_expansion_simple 127.3 µs 98.6 µs +29.08%

Tip

Curious why this is faster? Comment @codspeedbot explain why this is faster on this PR, or directly use the CodSpeed MCP with your agent.


Comparing feat/builtin-net-and-write-io (d31ef35) with main (9367593)1

Open in CodSpeed

Footnotes

  1. No successful run was found on main (562725c) during the generation of this report, so 9367593 was used instead as the comparison base. There might be some changes unrelated to this pull request in this report.

harehare added 3 commits July 5, 2026 10:57
…apse write_file arms

- Share url.starts_with("https://") via ssrf::is_https() instead of
  duplicating it in http.rs and http_resolver.rs
- Build the SSRF-safe ureq::Agent for http_get/http_post once and reuse
  it, instead of rebuilding on every call
- Collapse write_file_impl's String/Bytes match arms into one helper
…thod, url, body?) builtin

Replaces the two fixed-method builtins with a single native `http` function that
accepts any HTTP method as a string or symbol (e.g. "delete" or :delete), parsed
via http::Method so arbitrary/extension verbs work too. http_get/http_post remain
as thin builtin.mq prelude wrappers around http(:get, ...)/http(:post, ...) so no
ergonomics are lost. Updates mq-check type registrations and adds table-driven
tests covering method parsing and the net/HTTPS capability gates across methods.
Allow http(method, url, headers) / http(method, url, body, headers) so
callers can set request headers like Content-Type or Authorization.
Add http_put/http_patch/http_delete/http_head convenience wrappers
alongside the existing http_get/http_post, and give all six an
optional headers = {} parameter.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Implement Deno-style Permission System for Secure Execution

1 participant