Security issue - content security policy - script unsafe-eval

[stiano]

Context:
I use @xenova/transformers 2.6.2 npm package from a web application to do image classifcations. Here is the gist of my setup:

const modelPath = 'own-domain/models-and-wasm/'

env.localModelPath = "/";
env.useBrowserCache = true;
env.backends.onnx.wasm.wasmPaths = modelPath;

const classifier = await pipeline("image-classification", modelPath, { quantized: true });
const output = await classifier(imagePath, { topk: 5 });

Everything works code-wise but when I remove unsafe-inline in CSP, it fails with this warning in the browser console:

Failed to asynchronously prepare wasm: 
CompileError: WebAssembly.instantiate(): Refused to compile or instantiate WebAssembly module because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive

I cannot allow script-src: unsafe-eval in my web application (corporate rules). Do I have any alternatives?

[MentalGear]

There's specially for that the CSP wasm-unsafe-eval permission.

[stiano]

If I cannot use wasm-unsafe-eval either? What are my options then? Another library perhaps?

[xenova]

Hi there 👋 So, the only place that eval is used is in one of the dependencies that onnxruntime (one of our dependencies) uses: protobuf.js.

function inquire(moduleName) {
    try {
        var mod = eval("quire".replace(/^/,"re"))(moduleName); // eslint-disable-line no-eval
        if (mod && (mod.length || Object.keys(mod).length))
            return mod;
    } catch (e) {} // eslint-disable-line no-empty
    return null;
}

As you can see, it is completely safe, since it replaces a static string and evaluates that (which becomes require). I believe this is needed because certain build tools replace the require function with something else during build time. Unfortunately, this does trigger unsafe-eval.

This has actually been an issue for years, but some users seem to have found a way around it: protobufjs/protobuf.js#593

Let me know if you get it right, because I think this will benefit other users too :) 🤗

[MentalGear]

none afaik .

…

On 6 Nov 2023, at 13:51, Stian Øyna ***@***.***> wrote: If I cannot use wasm-unsafe-eval either? What are my options then? Another library perhaps? — Reply to this email directly, view it on GitHub <#378 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAVUVG7E5OFFWYVFHSAT5B3YDDMOHAVCNFSM6AAAAAA64O5P6WVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTOOJUG42DSMBRGA>. You are receiving this because you commented.