This PR is to add fdw_package_checksum server option support.
What is the current behavior?
Currently the remote Wasm package is specified by package name, url and version. This package content isn't checked so it is vulnerable to the security issue mentioned in #301 .
What is the new behavior?
Add fdw_package_checksum server option will make the Wasm package content been checked after download, thus can further protect it from the security issue mentioned above.
Additional context
Note this fdw_package_checksum server option is only required for http:// and https:// package url, for local file and warg protocol the checksum isn't required.
What kind of change does this PR introduce?
This PR is to add
fdw_package_checksumserver option support.What is the current behavior?
Currently the remote Wasm package is specified by package name, url and version. This package content isn't checked so it is vulnerable to the security issue mentioned in #301 .
What is the new behavior?
Add
fdw_package_checksumserver option will make the Wasm package content been checked after download, thus can further protect it from the security issue mentioned above.Additional context
Note this
fdw_package_checksumserver option is only required forhttp://andhttps://package url, for local file andwargprotocol the checksum isn't required.