I wanted to keep yall up to date on something I've been working on. Partially inspired by the buidltime sandboxing thread I started playing with a run time sandbox env for HTTP handlers. The main idea is to explicitly allow the framework to build in RASP like functionality without some of the sketchy runtime instrumentation and byte code injection most RASPs out there use. Figure it might be of interest to this group eventually but I've got a lot more work to do on it
I'm building it on top of wasm but getting interface types to play well with hostfuncs is requiring a lot of research and education. I think once it makes sense it should be more straightforward.
nice. are you using
wasmtime or what?
Yup. Wasmtime. It's really well put together project
It looks like it supports everything I need but this project is like diving straight into the deepest end I could find of wasm
nice, I've been meaning to play with it
They are extremely helpful on gitter and sunfishcode has a lot of great general wasm documentation
It's better than the spec itself