The cleaning process happens in the end method of process, after cmd.Wait.
Deleting it early while the cmd is still running is causing issues for
security tools.
Move the assignment of p.path along with its comment to happen earlier,
after the temporary directory is created. It clarifies that the lack of
call to os.RemoveAll is not a mistake.
Fixesgolang/go#40902
Change-Id: I0e555c58893c64a0de5880a5e12e6ff2e01b1eec
Reviewed-on: https://go-review.googlesource.com/c/tools/+/249777
Run-TryBot: Dmitri Shuralyov <dmitshur@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
Reviewed-by: Alexander Rakoczy <alex@golang.org>
With modern versions of App Engine, it's no longer needed to use the
google.golang.org/appengine/... packages.
Package log from standard library can be used instead of the
google.golang.org/appengine/log package. Packages net/http and
context from standard library can be used instead of
google.golang.org/appengine/urlfetch.
This simplifies the code and reduces the number of dependences.
Start using the golangorgenv package from previous commit to
make the decision of whether to enforce sharing restrictions,
rather than relying on the appengine build tag. The appengine
build tag is no longer set in App Engine Standard with Go 1.11+
runtime. An alternative solution would be detect App Engine by
doing something like:
// GAE_ENV environment variable is set to "standard" in App Engine environment, Go 1.11 runtime.
// See https://cloud.google.com/appengine/docs/standard/go111/runtime#environment_variables.
var onAppengine = os.Getenv("GAE_ENV") == "standard"
But we choose to upgrade to explicit app-scoped environment variable
configuration as part of this change. It provides better security
properties, and the value of adding an intermediate transitional step
is not high enough to justify doing it.
When getting the value of "X-AppEngine-Country" header, use its
canonical format "X-Appengine-Country" to avoid an allocation.
This does not change behavior.
Run go mod tidy (using Go 1.12).
Updates golang/go#29981
Updates golang/go#30486
Change-Id: I82a59e0f28623e06762b7ebdf3930b5ee243acda
Reviewed-on: https://go-review.googlesource.com/c/tools/+/160837
Reviewed-by: Michael Matloob <matloob@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Calling golang.org/{compile|share} just forwards it to
play.golang.org/{compile|share}. Avoid the extra jump for the
request.
Change-Id: I95e8e79fe4623346663d0c11204f196c75716177
Reviewed-on: https://go-review.googlesource.com/c/140839
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
Currently, when a POST request is made using code with build tag
+build !appengine it doesn't set the content-type header passed
to the function. This was breaking the case where a url-encoded
body (a code snippet's body and protocol version) was being POSTed
to golang.org/compile since it never set the content-type of the
request and the corresponding form values parsed out were empty as
a result.
Update golang/go#28080
Change-Id: I677ca01b2f5aecedbd13d1faa7a838ddc0199244
Reviewed-on: https://go-review.googlesource.com/c/140838
Run-TryBot: Andrew Bonventre <andybons@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
The default timeout for urlfetch requests on App Engine Classic is
5 seconds. Sometimes the requests can take longer, so increase it to
the maximum value of 60 seconds. The playground has its own timeout for
running code so there's no need to impose a second level of protection.
Also cleans up the code to remove old appenginevm code and use the
correct imports.
Change-Id: I15da96e5ba70fb008bf821f4609f431847662223
Reviewed-on: https://go-review.googlesource.com/129395
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Andrew Bonventre <andybons@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
The baseURL is used to construct the target URLs for both /compile
and /share. When I changed it recently, I forgot about the latter case.
Change-Id: Icde617b1cc3d31d98ca4b62e313b9d886253f1cc
Reviewed-on: https://go-review.googlesource.com/22689
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Not sure why this was originally going via the playground. It needn't.
Change-Id: I40b5886a56ba4b941ff74f4bc325625412d7eaff
Reviewed-on: https://go-review.googlesource.com/22497
Reviewed-by: Andrew Gerrand <adg@golang.org>
Use time.After to avoid the finnicky antics of
correctly resetting a time.Timer.
Fixesgolang/go#13749
Change-Id: I3f1ed17a31d981996e2bb7a8155c3ba0ec723c7d
Reviewed-on: https://go-review.googlesource.com/19942
Reviewed-by: Dmitry Vyukov <dvyukov@google.com>
These codes were initially included because of a miscommunication.
They should not be in the list at all.
Fixesgolang/go#12747
Change-Id: I1a53e9c7be8edf5e1dbb95cd03101b93023a12c1
Reviewed-on: https://go-review.googlesource.com/15082
Reviewed-by: Andrew Gerrand <adg@golang.org>
This will permit us to serve *.golang.org to Chinese users.
Change-Id: If184760d7f4c9e49a3df3785c15af770958413de
Reviewed-on: https://go-review.googlesource.com/14190
Reviewed-by: Jason Buberel <jbuberel@google.com>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
This doesn't fix the race; doing that would require a bit of a redesign.
Since GopherCon is this week, just put in this stop-gap measure for now.
Update golang/go#11534
Change-Id: Ied6c5dd52778534a7a08b5ba3fa15c0352a65646
Reviewed-on: https://go-review.googlesource.com/11886
Reviewed-by: Josh Bleecher Snyder <josharian@gmail.com>
Rewrite performed with this command:
sed -i '' 's_code.google.com/p/go\._golang.org/x/_g' \
$(grep -lr 'code.google.com/p/go.' *)
LGTM=rsc
R=rsc
CC=golang-codereviews
https://golang.org/cl/170920043
This logs all successful handshakes and all requests to run code snippets;
it is not immediately obvious how to limit this to non-localhost hosts, or
to instances where publicly available playgrounds are allowed without resorting
to addition of a new global. The level of noise on the log should not be too
great.
LGTM=adg
R=adg
CC=golang-codereviews
https://golang.org/cl/112850043
Also fixes the following nits;
- literal IPv6 address handling
- URL host component handling in the case of a wildcard listen
- URL port component handling in the case of no port component in origin
Fixesgolang/go#8096.
LGTM=dan.kortschak, adg
R=adg, golang-codereviews, dan.kortschak
CC=golang-codereviews
https://golang.org/cl/102770046
This change allows code to be sent safely to a partially sandboxed playground using the Native Client environment.
Execution of non-Go code is blocked when the RunScripts is false to prevent inclusion of code that might escape by virtue of being under a different runtime environment.
Two options for communicating whether to prevent non-Go code were considered: as has been done here and alternatively, using a message field. The latter was not chosen to close that as an attack option.
Another will be follow that adds a -nacl flag to the present command to allow sandboxing of playground code in presentations.
See discussion here: https://groups.google.com/d/topic/golang-dev/Hy-7PBP-T4Q/
LGTM=adg
R=adg, dave
CC=golang-codereviews
https://golang.org/cl/74740045