fix: apply server.fs check to env transport (#22159)

sapphi-red · web-flow · commit f02d9fde0b19 · 2026-04-06T19:14:38.000+09:00
diff --git a/docs/guide/api-environment-runtimes.md b/docs/guide/api-environment-runtimes.md
@@ -156,6 +156,8 @@ function createWorkerdDevEnvironment(
 }
 ```
 
+By default, `HotChannel` transports have `server.fs` restrictions applied, meaning only files within the allowed directories can be served. If your transport is not exposed over the network (e.g., it communicates via worker threads or in-process calls), you can set `skipFsCheck: true` on the `HotChannel` to bypass these restrictions.
+
 There are [multiple communication levels for the `DevEnvironment`](/guide/api-environment-frameworks#devenvironment-communication-levels). To make it easier for frameworks to write runtime agnostic code, we recommend to implement the most flexible communication level possible.
 
 ## `ModuleRunner`
@@ -369,6 +371,8 @@ function createWorkerEnvironment(name, config, context) {
   }
 
   const workerHotChannel = {
+    // Worker threads post messages are not exposed over the network, skip server.fs checks
+    skipFsCheck: true,
     send: (data) => worker.postMessage(data),
     on: (event, handler) => {
       // client is already connected
diff --git a/packages/vite/src/node/config.ts b/packages/vite/src/node/config.ts
@@ -254,6 +254,7 @@ function defaultCreateClientDevEnvironment(
   return new DevEnvironment(name, config, {
     hot: true,
     transport: context.ws,
+    disableFetchModule: true,
   })
 }
 
diff --git a/packages/vite/src/node/server/environment.ts b/packages/vite/src/node/server/environment.ts
@@ -26,10 +26,7 @@ import type {
   NormalizedHotChannelClient,
 } from './hmr'
 import { getShortName, normalizeHotChannel, updateModules } from './hmr'
-import type {
-  TransformOptionsInternal,
-  TransformResult,
-} from './transformRequest'
+import type { TransformResult } from './transformRequest'
 import { transformRequest } from './transformRequest'
 import type { EnvironmentPluginContainer } from './pluginContainer'
 import {
@@ -48,6 +45,8 @@ export interface DevEnvironmentContext {
     inlineSourceMap?: boolean
   }
   depsOptimizer?: DepsOptimizer
+  /** @internal used for client environment */
+  disableFetchModule?: boolean
   /** @internal used for full bundle mode */
   disableDepsOptimizer?: boolean
 }
@@ -61,6 +60,10 @@ export class DevEnvironment extends BaseEnvironment {
    * @internal
    */
   _remoteRunnerOptions: DevEnvironmentContext['remoteRunner']
+  /**
+   * @internal
+   */
+  _skipFsCheck: boolean
 
   get pluginContainer(): EnvironmentPluginContainer<DevEnvironment> {
     if (!this._pluginContainer)
@@ -128,6 +131,11 @@ export class DevEnvironment extends BaseEnvironment {
     this._crawlEndFinder = setupOnCrawlEnd()
 
     this._remoteRunnerOptions = context.remoteRunner ?? {}
+    this._skipFsCheck = !!(
+      context.transport &&
+      !(isWebSocketServer in context.transport) &&
+      context.transport.skipFsCheck
+    )
 
     this.hot = context.transport
       ? isWebSocketServer in context.transport
@@ -137,6 +145,9 @@ export class DevEnvironment extends BaseEnvironment {
 
     this.hot.setInvokeHandler({
       fetchModule: (id, importer, options) => {
+        if (context.disableFetchModule) {
+          throw new Error('fetchModule is disabled in this environment')
+        }
         return this.fetchModule(id, importer, options)
       },
       getBuiltins: async () => {
@@ -233,17 +244,13 @@ export class DevEnvironment extends BaseEnvironment {
     }
   }
 
-  transformRequest(
-    url: string,
-    /** @internal */
-    options?: TransformOptionsInternal,
-  ): Promise<TransformResult | null> {
-    return transformRequest(this, url, options)
+  transformRequest(url: string): Promise<TransformResult | null> {
+    return transformRequest(this, url, { skipFsCheck: this._skipFsCheck })
   }
 
   async warmupRequest(url: string): Promise<void> {
     try {
-      await this.transformRequest(url)
+      await transformRequest(this, url, { skipFsCheck: true })
     } catch (e) {
       if (
         e?.code === ERR_OUTDATED_OPTIMIZED_DEP ||
diff --git a/packages/vite/src/node/server/hmr.ts b/packages/vite/src/node/server/hmr.ts
@@ -89,6 +89,11 @@ export type HotChannelListener<T extends string = string> = (
 ) => void
 
 export interface HotChannel<Api = any> {
+  /**
+   * When true, the fs access check is skipped in fetchModule.
+   * Set this for transports that is not exposed over the network.
+   */
+  skipFsCheck?: boolean
   /**
    * Broadcast events to all clients
    */
@@ -1130,6 +1135,7 @@ export function createServerHotChannel(): ServerHotChannel {
   const outsideEmitter = new EventEmitter()
 
   return {
+    skipFsCheck: true,
     send(payload: HotPayload) {
       outsideEmitter.emit('send', payload)
     },
diff --git a/packages/vite/src/node/server/middlewares/transform.ts b/packages/vite/src/node/server/middlewares/transform.ts
@@ -57,7 +57,10 @@ const rawRE = /[?&]raw\b/
 const inlineRE = /[?&]inline\b/
 const svgRE = /\.svg\b/
 
-function isServerAccessDeniedForTransform(config: ResolvedConfig, id: string) {
+export function isServerAccessDeniedForTransform(
+  config: ResolvedConfig,
+  id: string,
+): boolean {
   if (rawRE.test(id) || urlRE.test(id) || inlineRE.test(id) || svgRE.test(id)) {
     return checkLoadingAccess(config, id) !== 'allowed'
   }
@@ -244,14 +247,7 @@ export function transformMiddleware(
         }
 
         // resolve, load and transform using the plugin container
-        const result = await environment.transformRequest(url, {
-          allowId(id) {
-            return (
-              id[0] === '\0' ||
-              !isServerAccessDeniedForTransform(server.config, id)
-            )
-          },
-        })
+        const result = await environment.transformRequest(url)
         if (result) {
           const depsOptimizer = environment.depsOptimizer
           const type = isDirectCSSRequest(url) ? 'css' : 'js'
diff --git a/packages/vite/src/node/server/transformRequest.ts b/packages/vite/src/node/server/transformRequest.ts
@@ -35,6 +35,7 @@ import {
 import { isFileLoadingAllowed } from './middlewares/static'
 import { throwClosedServerError } from './pluginContainer'
 import type { DevEnvironment } from './environment'
+import { isServerAccessDeniedForTransform } from './middlewares/transform'
 
 export const ERR_LOAD_URL = 'ERR_LOAD_URL'
 export const ERR_LOAD_PUBLIC_URL = 'ERR_LOAD_PUBLIC_URL'
@@ -60,11 +61,11 @@ export interface TransformOptions {
   ssr?: boolean
 }
 
-export interface TransformOptionsInternal {
+interface TransformOptionsInternal {
   /**
-   * @internal
+   * Whether to skip the `server.fs` check.
    */
-  allowId?: (id: string) => boolean
+  skipFsCheck: boolean
 }
 
 // TODO: This function could be moved to the DevEnvironment class.
@@ -77,7 +78,7 @@ export interface TransformOptionsInternal {
 export function transformRequest(
   environment: DevEnvironment,
   url: string,
-  options: TransformOptionsInternal = {},
+  options: TransformOptionsInternal,
 ): Promise<TransformResult | null> {
   if (environment._closing && environment.config.dev.recoverable)
     throwClosedServerError()
@@ -248,7 +249,11 @@ async function loadAndTransform(
 
   const moduleGraph = environment.moduleGraph
 
-  if (options.allowId && !options.allowId(id)) {
+  if (
+    !options.skipFsCheck &&
+    id[0] !== '\0' &&
+    isServerAccessDeniedForTransform(config, id)
+  ) {
     const err: any = new Error(`Denied ID ${id}`)
     err.code = ERR_DENIED_ID
     err.id = id
@@ -272,7 +277,7 @@ async function loadAndTransform(
     // only try the fallback if access is allowed, skip for out of root url
     // like /service-worker.js or /api/users
     if (
-      environment.config.consumer === 'server' ||
+      options.skipFsCheck ||
       isFileLoadingAllowed(environment.getTopLevelConfig(), slash(file))
     ) {
       try {
diff --git a/packages/vite/src/node/ssr/__tests__/fixtures/basic/file.js b/packages/vite/src/node/ssr/__tests__/fixtures/basic/file.js
@@ -0,0 +1 @@
+export default 'ok'
diff --git a/packages/vite/src/node/ssr/__tests__/ssrLoadModule.spec.ts b/packages/vite/src/node/ssr/__tests__/ssrLoadModule.spec.ts
@@ -406,3 +406,26 @@ test('buildStart before transform', async () => {
     ]
   `)
 })
+
+test('server.fs check is not applied to ssrLoadModule', async () => {
+  const server = await createServer({
+    configFile: false,
+    root,
+    logLevel: 'silent',
+    optimizeDeps: {
+      noDiscovery: true,
+    },
+    server: {
+      fs: {
+        allow: [
+          path.resolve(import.meta.dirname, './fixtures/named-overwrite-all'),
+        ],
+      },
+    },
+  })
+  onTestFinished(() => server.close())
+  await server.environments.ssr.pluginContainer.buildStart({})
+
+  const mod = await server.ssrLoadModule('/fixtures/basic/file.js')
+  expect(mod.default).toBe('ok')
+})
diff --git a/packages/vite/src/node/ssr/runtime/__tests__/fixture-outside.js b/packages/vite/src/node/ssr/runtime/__tests__/fixture-outside.js
@@ -0,0 +1 @@
+export default 'error'
diff --git a/packages/vite/src/node/ssr/runtime/__tests__/server-runtime.spec.ts b/packages/vite/src/node/ssr/runtime/__tests__/server-runtime.spec.ts
@@ -1,5 +1,5 @@
 import { existsSync, readdirSync } from 'node:fs'
-import { posix, win32 } from 'node:path'
+import { posix, resolve, win32 } from 'node:path'
 import { fileURLToPath } from 'node:url'
 import { setTimeout } from 'node:timers/promises'
 import { describe, expect, it, vi } from 'vitest'
@@ -625,3 +625,18 @@ describe('full-reload during close', () => {
     ).toBe(false)
   })
 })
+
+describe('server.fs check', async () => {
+  const it = await createModuleRunnerTester({
+    server: {
+      fs: {
+        allow: [resolve(import.meta.dirname, './fixtures/circular')],
+      },
+    },
+  })
+
+  it('it is not applied to the server module runner', async ({ runner }) => {
+    const mod = await runner.import('/fixtures/basic.js')
+    expect(mod.name).toBe('basic')
+  })
+})
diff --git a/packages/vite/src/node/ssr/runtime/__tests__/server-worker-runner.invoke.spec.ts b/packages/vite/src/node/ssr/runtime/__tests__/server-worker-runner.invoke.spec.ts
@@ -1,4 +1,5 @@
 import { BroadcastChannel, Worker } from 'node:worker_threads'
+import path from 'node:path'
 import { afterAll, beforeAll, describe, expect, it } from 'vitest'
 import type { BirpcReturn } from 'birpc'
 import { createBirpc } from 'birpc'
@@ -34,6 +35,9 @@ describe('running module runner inside a worker and using the ModuleRunnerTransp
         hmr: {
           port: 9610,
         },
+        fs: {
+          allow: [path.resolve(import.meta.dirname, './fixtures')],
+        },
       },
       environments: {
         worker: {
@@ -109,4 +113,13 @@ describe('running module runner inside a worker and using the ModuleRunnerTransp
     expect(output.result).toBe('baz.txt')
     expect(output.error).toBeUndefined()
   })
+
+  it('server.fs check is applied to the custom transport by default', async () => {
+    handleInvoke = (data: any) =>
+      server.environments.worker.hot.handleInvoke(data)
+
+    const output = await run('./fixture-outside.js')
+    expect(output).toHaveProperty('error')
+    expect(output.error).toContain('Failed to load url')
+  })
 })
diff --git a/packages/vite/src/node/ssr/runtime/__tests__/server-worker-runner.spec.ts b/packages/vite/src/node/ssr/runtime/__tests__/server-worker-runner.spec.ts
@@ -1,4 +1,5 @@
 import { BroadcastChannel, Worker } from 'node:worker_threads'
+import path from 'node:path'
 import { describe, expect, it, onTestFinished } from 'vitest'
 import type { HotChannel, HotChannelListener, HotPayload } from 'vite'
 import { DevEnvironment } from '../../..'
@@ -112,4 +113,48 @@ describe('running module runner inside a worker', () => {
       channel.postMessage({ id: './fixtures/default-string.ts' })
     })
   })
+
+  it('server.fs check is applied to the custom transport by default', async () => {
+    const worker = new Worker(
+      new URL('./fixtures/worker.mjs', import.meta.url),
+      { stdout: true },
+    )
+    await new Promise<void>((resolve, reject) => {
+      worker.on('message', () => resolve())
+      worker.on('error', reject)
+    })
+    const server = await createServer({
+      root: import.meta.dirname,
+      logLevel: 'error',
+      server: {
+        middlewareMode: true,
+        watch: null,
+        hmr: {
+          port: 9609,
+        },
+        fs: {
+          allow: [path.resolve(import.meta.dirname, './fixtures')],
+        },
+      },
+      environments: {
+        worker: {
+          dev: {
+            createEnvironment: (name, config) => {
+              return new DevEnvironment(name, config, {
+                hot: false,
+                transport: createWorkerTransport(worker),
+              })
+            },
+          },
+        },
+      },
+    })
+    onTestFinished(async () => {
+      await Promise.allSettled([server.close(), worker.terminate()])
+    })
+
+    await expect(
+      server.environments.worker.transformRequest('./fixture-outside.js'),
+    ).rejects.toThrow('Failed to load url')
+  })
 })
diff --git a/playground/fs-serve/__tests__/commonTests.ts b/playground/fs-serve/__tests__/commonTests.ts

Original file line number	Diff line number	Diff line change
`@@ -156,6 +156,8 @@ function createWorkerdDevEnvironment(`
`156`	`156`	`}`
`157`	`157`	```
`158`	`158`
	`159`	+By default, `HotChannel` transports have `server.fs` restrictions applied, meaning only files within the allowed directories can be served. If your transport is not exposed over the network (e.g., it communicates via worker threads or in-process calls), you can set `skipFsCheck: true` on the `HotChannel` to bypass these restrictions.
	`160`	`+`
`159`	`161`	There are [multiple communication levels for the `DevEnvironment`](/guide/api-environment-frameworks#devenvironment-communication-levels). To make it easier for frameworks to write runtime agnostic code, we recommend to implement the most flexible communication level possible.
`160`	`162`
`161`	`163`	## `ModuleRunner`
`@@ -369,6 +371,8 @@ function createWorkerEnvironment(name, config, context) {`
`369`	`371`	`}`
`370`	`372`
`371`	`373`	`const workerHotChannel = {`
	`374`	`+ // Worker threads post messages are not exposed over the network, skip server.fs checks`
	`375`	`+ skipFsCheck: true,`
`372`	`376`	`send: (data) => worker.postMessage(data),`
`373`	`377`	`on: (event, handler) => {`
`374`	`378`	`// client is already connected`
Original file line number	Diff line number	Diff line change
`@@ -254,6 +254,7 @@ function defaultCreateClientDevEnvironment(`
`254`	`254`	`return new DevEnvironment(name, config, {`
`255`	`255`	`hot: true,`
`256`	`256`	`transport: context.ws,`
	`257`	`+ disableFetchModule: true,`
`257`	`258`	`})`
`258`	`259`	`}`
`259`	`260`