feat(security): RQ-2426 — Developer Script Mode preference#363
feat(security): RQ-2426 — Developer Script Mode preference#363dinex-dev wants to merge 1 commit into
Conversation
…ring Adds the desktop `devScriptMode` user preference and threads it into the proxy so "code" rules run sandboxed by default, with an opt-in full-access dev mode. - userPreference schema/types + GET/UPDATE_DEV_SCRIPT_MODE actions (fail-safe: only an explicit boolean/"true" enables it). - getDevScriptMode() → threaded into proxyConfig in startProxyServer. - storage-cache applies it live on the running proxy (no restart), mirroring allowInsecureCerts. Pairs with requestly-proxy RQ-2426 (safe/dev modes) and the interceptor web toggle. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
WalkthroughAdds a boolean Estimated code review effort: 3 (Moderate) | ~20 minutes Possibly related PRs
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Warning There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure. 🔧 ESLint
ESLint install timed out. The project may have too many dependencies for the sandbox. Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@src/renderer/services/storage-cache.ts`:
- Around line 49-56: Update the live preference application flow around
appliedLive, setAllowInsecureCerts, and setDevScriptMode so appliedLive is true
only when both methods exist and complete successfully. If either method is
unavailable or throws, preserve the false state so the fallback proxy restart is
triggered.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: 812af10c-d9cd-4432-b088-c4ed6dc5e9b9
📒 Files selected for processing (7)
src/lib/storage/action-processors/user-preference.tssrc/lib/storage/schemas/userPreferenceSchema.tssrc/lib/storage/types/action-types.tssrc/lib/storage/types/user-preference.tssrc/renderer/actions/proxy/startProxyServer.tssrc/renderer/actions/storage/cacheUtils.tssrc/renderer/services/storage-cache.ts
| // RQ-2426: apply the DEV script-mode toggle live on the running proxy too. | ||
| // Only an explicit `true` enables it (full host access); anything else is | ||
| // the safe sandbox. | ||
| if (rqProxy?.setDevScriptMode) { | ||
| rqProxy.setDevScriptMode(newUserPreferences?.devScriptMode === true); | ||
| } | ||
| } catch (e) { | ||
| console.log("Failed to apply allowInsecureCerts live", e); | ||
| console.log("Failed to apply allowInsecureCerts/devScriptMode live", e); |
There was a problem hiding this comment.
🎯 Functional Correctness | 🟠 Major | ⚡ Quick win
Ensure the fallback restart triggers if setDevScriptMode is unavailable.
Currently, appliedLive is set to true when setAllowInsecureCerts is present, regardless of whether setDevScriptMode exists. If an older proxy build has setAllowInsecureCerts but lacks setDevScriptMode, appliedLive will still evaluate to true, preventing the fallback proxy restart. This will cause the devScriptMode preference change to be silently ignored until the proxy restarts naturally.
To guarantee that the proxy restarts when any live update fails, appliedLive should only be true if both methods are available and applied successfully.
🐛 Proposed fix
- let appliedLive = false;
+ let appliedLive = true;
try {
const rqProxy: any = RQProxyProvider.getInstance();
if (rqProxy?.setAllowInsecureCerts) {
rqProxy.setAllowInsecureCerts(!!newUserPreferences?.allowInsecureCerts);
- appliedLive = true;
+ } else {
+ appliedLive = false;
}
// RQ-2426: apply the DEV script-mode toggle live on the running proxy too.
// Only an explicit `true` enables it (full host access); anything else is
// the safe sandbox.
if (rqProxy?.setDevScriptMode) {
rqProxy.setDevScriptMode(newUserPreferences?.devScriptMode === true);
+ } else {
+ appliedLive = false;
}
} catch (e) {
+ appliedLive = false;
console.log("Failed to apply allowInsecureCerts/devScriptMode live", e);
}📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| // RQ-2426: apply the DEV script-mode toggle live on the running proxy too. | |
| // Only an explicit `true` enables it (full host access); anything else is | |
| // the safe sandbox. | |
| if (rqProxy?.setDevScriptMode) { | |
| rqProxy.setDevScriptMode(newUserPreferences?.devScriptMode === true); | |
| } | |
| } catch (e) { | |
| console.log("Failed to apply allowInsecureCerts live", e); | |
| console.log("Failed to apply allowInsecureCerts/devScriptMode live", e); | |
| // RQ-2426: apply the DEV script-mode toggle live on the running proxy too. | |
| // Only an explicit `true` enables it (full host access); anything else is | |
| // the safe sandbox. | |
| if (rqProxy?.setDevScriptMode) { | |
| rqProxy.setDevScriptMode(newUserPreferences?.devScriptMode === true); | |
| } else { | |
| appliedLive = false; | |
| } | |
| } catch (e) { | |
| appliedLive = false; | |
| console.log("Failed to apply allowInsecureCerts/devScriptMode live", e); |
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@src/renderer/services/storage-cache.ts` around lines 49 - 56, Update the live
preference application flow around appliedLive, setAllowInsecureCerts, and
setDevScriptMode so appliedLive is true only when both methods exist and
complete successfully. If either method is unavailable or throws, preserve the
false state so the fallback proxy restart is triggered.
RQ-2426 — Developer Script Mode preference (desktop)
Ticket: RQ-2426 (part of RQ-3555) · PR 2 of 3 (proxy → desktop → web)
What
Adds the
devScriptModedesktop user preference and wires it into the proxy so"code" Modify Request/Response rules run in the secure sandbox by default, with
an opt-in Developer Script Mode (full host access).
userPreferenceschema/types +GET/UPDATE_DEV_SCRIPT_MODEactions(fail-safe: only an explicit boolean
true/"true"enables it).getDevScriptMode()threaded intoproxyConfiginstartProxyServer.storage-cacheapplies the toggle live on the running proxy (no restart),mirroring the
allowInsecureCertspattern.This PR does not yet bump
@requestly/requestly-proxy. Oncerequestly-proxy#118 merges and publishes, bump the dependency here to that version —
that's what actually delivers safe-by-default execution to the app.
Not included (separate concern)
The Electron-42/Node-24 dev-run fix (
dev-entry.cjs+start:main) is intentionallyexcluded — it's a dev-tooling fix unrelated to RQ-2426.
Release note (breaking for power users)
After updating, existing code rules that use
require/fs/processwill be blockeduntil the user enables Developer Script Mode. Built-in/example code rules (pure JSON
transforms) are unaffected.
🤖 Generated with Claude Code
Summary by CodeRabbit
New Features
Bug Fixes