Skip to main content

NetworkAllowlist

Struct NetworkAllowlist

pub struct NetworkAllowlist { /* private fields */ }

Expand description

Network allowlist configuration for controlling HTTP access.

URLs must match an entry in the allowlist to be accessed. An empty allowlist means all URLs are blocked (secure by default).

§Examples

use bashkit::NetworkAllowlist;

// Create allowlist for specific APIs
let allowlist = NetworkAllowlist::new()
    .allow("https://api.example.com")        // Allow entire host
    .allow("https://cdn.example.com/assets/"); // Allow path prefix

// Check URLs
assert!(allowlist.is_allowed("https://api.example.com/v1/users"));
assert!(allowlist.is_allowed("https://cdn.example.com/assets/logo.png"));
assert!(!allowlist.is_allowed("https://evil.com"));

§Pattern Matching

Scheme: Must match exactly (https vs http)
Host: Must match exactly (no wildcards)
Port: Must match (defaults apply: 443 for https, 80 for http)
Path: Pattern path is treated as a prefix

Implementations§

impl NetworkAllowlist

pub fn new() -> Self

Create a new empty allowlist (blocks all URLs)

pub fn allow_all() -> Self

Create an allowlist that allows all URLs.

§Warning

This is dangerous and should only be used for testing or when the script is fully trusted.

pub fn allow(self, pattern: impl Into<String>) -> Self

Add a URL pattern to the allowlist.

§Pattern Format

Patterns can be:

Full URLs: https://api.example.com/v1
Host only: https://example.com
With port: “http://localhost:8080”

A pattern matches if the requested URL’s scheme, host, and port match, and the requested path starts with the pattern’s path (if specified).

pub fn allow_many( self, patterns: impl IntoIterator<Item = impl Into<String>>, ) -> Self

Add multiple URL patterns to the allowlist.

pub fn check(&self, url: &str) -> UrlMatch

Check if a URL is allowed.

pub fn is_allowed(&self, url: &str) -> bool

Check if a URL is allowed (convenience method).

Returns true if the URL is allowed, false otherwise. This is equivalent to checking if check(url) returns UrlMatch::Allowed.

pub fn is_enabled(&self) -> bool

Check if network access is enabled (has any patterns or allow_all)

Trait Implementations§

impl Clone for NetworkAllowlist

fn clone(&self) -> NetworkAllowlist

Returns a duplicate of the value. Read more

1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

impl Debug for NetworkAllowlist

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

impl Default for NetworkAllowlist

fn default() -> NetworkAllowlist

Returns the “default value” for a type. Read more

Auto Trait Implementations§

impl Freeze for NetworkAllowlist

impl RefUnwindSafe for NetworkAllowlist

impl Send for NetworkAllowlist

impl Sync for NetworkAllowlist

impl Unpin for NetworkAllowlist

impl UnwindSafe for NetworkAllowlist

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> CloneToUninit for T
where T: Clone,

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)

Performs copy-assignment from self to dest. Read more

impl<T> DynClone for T
where T: Clone,

fn __clone_box(&self, _: Private) -> *mut ()

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> ToOwned for T
where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.