Don't trap when outbound http request is not allowed

Signed-off-by: Ryan Levick <[email protected]>
fermyon · Aug 20, 2024 · e9a5248 · e9a5248
1 parent 152409c
commit e9a5248
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 10 deletions.
diff --git a/crates/factor-outbound-http/src/wasi.rs b/crates/factor-outbound-http/src/wasi.rs
@@ -112,7 +112,7 @@ async fn send_request_impl(
     let is_relative_url = request.uri().authority().is_none();
     if is_relative_url {
         if !allowed_hosts.allows_relative_url(&["http", "https"]) {
-            return handle_not_allowed(request.uri(), true);
+            return Ok(handle_not_allowed(request.uri(), true));
         }
 
         let origin = request
@@ -131,7 +131,7 @@ async fn send_request_impl(
         let outbound_url = OutboundUrl::parse(request.uri().to_string(), "https")
             .map_err(|_| ErrorCode::HttpRequestUriInvalid)?;
         if !allowed_hosts.allows(&outbound_url) {
-            return handle_not_allowed(request.uri(), false);
+            return Ok(handle_not_allowed(request.uri(), false));
         }
     }
 
@@ -147,11 +147,8 @@ async fn send_request_impl(
 }
 
 // TODO(factors): Move to some callback on spin-factor-outbound-networking (?)
-fn handle_not_allowed(
-    uri: &Uri,
-    is_relative: bool,
-) -> anyhow::Result<Result<IncomingResponse, ErrorCode>> {
-    tracing::error!("Destination not allowed: {uri}");
+fn handle_not_allowed(uri: &Uri, is_relative: bool) -> Result<IncomingResponse, ErrorCode> {
+    tracing::error!("Destination not allowed!: {uri}");
     let allowed_host_example = if is_relative {
         terminal::warn!("A component tried to make a HTTP request to the same component but it does not have permission.");
         "http://self".to_string()
@@ -165,7 +162,7 @@ fn handle_not_allowed(
         host
     };
     eprintln!("To allow requests, add 'allowed_outbound_hosts = [\"{allowed_host_example}\"]' to the manifest component section.");
-    Err(ErrorCode::HttpRequestDenied.into())
+    Err(ErrorCode::HttpRequestDenied)
 }
 
 /// This is a fork of wasmtime_wasi_http::default_send_request_handler function

diff --git a/crates/factor-outbound-http/tests/factor_test.rs b/crates/factor-outbound-http/tests/factor_test.rs
@@ -65,9 +65,9 @@ async fn disallowed_host_fails() -> anyhow::Result<()> {
     let req = Request::get("https://denied.test").body(Default::default())?;
     let mut future_resp = wasi_http.send_request(req, test_request_config())?;
     future_resp.ready().await;
-    match future_resp.unwrap_ready() {
+    match future_resp.unwrap_ready().unwrap() {
         Ok(_) => bail!("expected Err, got Ok"),
-        Err(err) => assert!(matches!(err.downcast()?, ErrorCode::HttpRequestDenied)),
+        Err(err) => assert!(matches!(err, ErrorCode::HttpRequestDenied)),
     };
     Ok(())
 }