From dc202c76b4d0628437f5f54a37268b19bd1d04d6 Mon Sep 17 00:00:00 2001
From: Francesco Ceccon <francesco@ceccon.me>
Date: Fri, 19 Jan 2024 17:14:07 +0100
Subject: [PATCH] sink: --allow-net="" allows any host

**Summary**
This change ensures that the --allow-net flag works in environments were
changing the command line arguments is not feasible/recommended (e.g.
docker containers).

Fix #312
---
 script/src/script.rs | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/script/src/script.rs b/script/src/script.rs
index ceb0f7a5..06218bb0 100644
--- a/script/src/script.rs
+++ b/script/src/script.rs
@@ -354,10 +354,23 @@ impl Script {
     }
 
     fn default_permissions(options: &ScriptOptions) -> Result<PermissionsContainer, ScriptError> {
+        // If users use an empty hostname, allow all hosts.
+        let allow_net = options.allow_net.clone().map(|hosts| {
+            if hosts.len() == 1 {
+                if hosts[0].is_empty() {
+                    vec![]
+                } else {
+                    hosts
+                }
+            } else {
+                hosts
+            }
+        });
+
         match Permissions::from_options(&PermissionsOptions {
             allow_env: options.allow_env.clone(),
             allow_hrtime: true,
-            allow_net: options.allow_net.clone(),
+            allow_net,
             prompt: false,
             ..PermissionsOptions::default()
         }) {