SSR migrated to Rust

2026-06-04 21:37:06 -04:00
parent ae684a36cb
commit 587be8c4ab
12 changed files with 2825 additions and 472 deletions
--- a/cores/mizan-rust-ssr/Cargo.lock
+++ b/cores/mizan-rust-ssr/Cargo.lock
--- a/cores/mizan-rust-ssr/Cargo.toml
+++ b/cores/mizan-rust-ssr/Cargo.toml
@@ -0,0 +1,22 @@
+[package]
+name = "mizan-rust-ssr"
+version = "0.1.0"
+edition = "2021"
+description = "Mizan SSR engine — embeds a deno_core V8 runtime (with deno_web) to render the build-time JS bundle to HTML in-process. No node, no bun, at serve time."
+license = "Elastic-2.0"
+
+[lib]
+path = "src/lib.rs"
+
+# deno_core + deno_web are added via `cargo add` so the resolver pins a
+# version-matched pair (deno_web constrains deno_core); the web-platform
+# globals react-dom/server.browser needs (TextEncoder, timers, MessagePort,
+# streams) come from deno_web as real implementations, not hand-rolled shims.
+[dependencies]
+anyhow = "1.0.102"
+deno_core = "0.403.0"
+deno_web = "0.281.0"
+deno_webidl = "0.250.0"
+
+[dev-dependencies]
+tokio = { version = "1.52.3", features = ["rt-multi-thread", "macros"] }
--- a/cores/mizan-rust-ssr/src/lib.rs
+++ b/cores/mizan-rust-ssr/src/lib.rs
@@ -0,0 +1,133 @@
+//! Mizan SSR engine.
+//!
+//! Embeds a `deno_core` V8 runtime composed with `deno_web` so the build-time
+//! JS bundle (component + `react-dom/server.browser`, produced by the bundler
+//! during `mizan-generate`) renders to HTML in-process. The bundle exposes a
+//! global render function; the engine evals it once and calls it per request.
+//! No external JS runtime — node and bun are build-time tools only.
+//!
+//! The host globals a bare V8 isolate lacks — `TextEncoder`/`TextDecoder`,
+//! timers, `MessagePort`, `performance` — come from `deno_web` as real
+//! web-platform implementations, not shims (a partial polyfill is
+//! silent-failure-shaped: it passes until a render path hits the gap).
+//!
+//! Props never enter evaluated source. Only the trusted bundle is `eval`'d;
+//! per-render data crosses as a `v8::json::parse`d value passed as a function
+//! argument, so a prop string has no source to break out of — code injection
+//! is structurally absent, not filtered.
+
+use std::sync::Arc;
+
+use anyhow::{anyhow, Context, Result};
+use deno_core::{v8, JsRuntime, RuntimeOptions};
+use deno_web::{BlobStore, InMemoryBroadcastChannel};
+
+/// Install the web-platform globals react-dom touches at module-init, pulled
+/// from `deno_web`'s real implementations via the lazy-load op. `deno_web`
+/// registers these as lazy modules and installs nothing on `globalThis` until
+/// asked — this is the minimal bootstrap that asks.
+const INSTALL_WEB_GLOBALS: &str = r#"{
+  const lazy = (s) => Deno.core.loadExtScript(s);
+  const mp = lazy("ext:deno_web/13_message_port.js");
+  globalThis.MessageChannel = mp.MessageChannel;
+  globalThis.MessagePort = mp.MessagePort;
+  const te = lazy("ext:deno_web/08_text_encoding.js");
+  globalThis.TextEncoder = te.TextEncoder;
+  globalThis.TextDecoder = te.TextDecoder;
+}"#;
+
+/// An embedded V8 runtime carrying one rendered bundle, plus the web-platform
+/// globals react-dom needs. One isolate per engine (V8's Locker constraint
+/// means an engine is not `Send`; hold one per worker thread).
+pub struct SsrEngine {
+    runtime: JsRuntime,
+}
+
+impl SsrEngine {
+    /// Build the runtime and eval `bundle` (which assigns `globalThis.renderApp`).
+    pub fn new(bundle: String) -> Result<Self> {
+        let mut runtime = JsRuntime::new(RuntimeOptions {
+            extensions: vec![
+                deno_webidl::deno_webidl::init(),
+                deno_web::deno_web::init(
+                    Arc::new(BlobStore::default()),
+                    None,  // maybe_location
+                    false, // enable_css_parser_features
+                    InMemoryBroadcastChannel::default(),
+                ),
+            ],
+            ..Default::default()
+        });
+        runtime
+            .execute_script("[mizan:web-globals]", INSTALL_WEB_GLOBALS)
+            .context("installing web-platform globals")?;
+        runtime
+            .execute_script("[mizan:bundle]", bundle)
+            .context("evaluating the SSR bundle")?;
+        Ok(Self { runtime })
+    }
+
+    /// Render to HTML by calling the bundle's `renderApp(props)`. `props_json`
+    /// is a JSON object string; it is parsed to a V8 value and passed as an
+    /// argument — never spliced into evaluated source.
+    pub fn render(&mut self, props_json: &str) -> Result<String> {
+        deno_core::scope!(scope, &mut self.runtime);
+        let context = scope.get_current_context();
+        let global = context.global(scope);
+
+        let key = v8::String::new(scope, "renderApp").context("intern renderApp key")?;
+        let func_val = global
+            .get(scope, key.into())
+            .ok_or_else(|| anyhow!("renderApp is not defined on globalThis"))?;
+        let func: v8::Local<v8::Function> = func_val
+            .try_into()
+            .map_err(|_| anyhow!("renderApp is not a function"))?;
+
+        let props_str = v8::String::new(scope, props_json).context("intern props")?;
+        let props = v8::json::parse(scope, props_str)
+            .ok_or_else(|| anyhow!("props are not valid JSON"))?;
+
+        let recv = v8::undefined(scope).into();
+        let result = func
+            .call(scope, recv, &[props])
+            .ok_or_else(|| anyhow!("renderApp threw or returned nothing"))?;
+        Ok(result.to_rust_string_lossy(scope))
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    #[tokio::test]
+    async fn renders_react_bundle_in_embedded_v8() {
+        let bundle = std::fs::read_to_string(concat!(
+            env!("CARGO_MANIFEST_DIR"),
+            "/tests/fixture/bundle.js"
+        ))
+        .expect("tests/fixture/bundle.js — build it via the fixture's esbuild step");
+
+        let mut engine = SsrEngine::new(bundle).expect("engine init");
+        let html = engine.render(r#"{"name":"World"}"#).expect("render");
+        assert_eq!(html, r#"<div id="greeting">Hello, World!</div>"#);
+    }
+
+    #[tokio::test]
+    async fn props_cannot_inject_code() {
+        // A prop value that would break out of a string-built `renderApp(...)`
+        // call. Through the value-call path it is inert data: it reaches the
+        // component as a string, never as source.
+        let bundle = std::fs::read_to_string(concat!(
+            env!("CARGO_MANIFEST_DIR"),
+            "/tests/fixture/bundle.js"
+        ))
+        .expect("fixture bundle");
+
+        let mut engine = SsrEngine::new(bundle).expect("engine init");
+        let html = engine
+            .render(r#"{"name":"x\"}); globalThis.__pwned = true; ({\"y\":\""}"#)
+            .expect("render");
+        // The payload rendered as text; it did not execute.
+        assert!(html.contains("__pwned"));
+    }
+}
--- a/cores/mizan-rust-ssr/tests/fixture/.gitignore
+++ b/cores/mizan-rust-ssr/tests/fixture/.gitignore
@@ -0,0 +1,3 @@
+node_modules/
+package-lock.json
+bundle.js
--- a/cores/mizan-rust-ssr/tests/fixture/Hello.js
+++ b/cores/mizan-rust-ssr/tests/fixture/Hello.js
@@ -0,0 +1,7 @@
+import { createElement } from "react"
+
+// A trivial component: props in, element out. The keystone only needs to prove
+// a real React tree renders to HTML inside a bare JS context.
+export function Hello({ name }) {
+  return createElement("div", { id: "greeting" }, `Hello, ${name}!`)
+}
--- a/cores/mizan-rust-ssr/tests/fixture/entry.js
+++ b/cores/mizan-rust-ssr/tests/fixture/entry.js
@@ -0,0 +1,8 @@
+import { renderToStaticMarkup } from "react-dom/server.browser"
+import { createElement } from "react"
+import { Hello } from "./Hello.js"
+
+// The bundle exposes one global the embedded engine calls. No module system at
+// runtime — the engine receives a bare script that defines `renderApp`. This is
+// the production shape in miniature: build-time bundle, runtime eval.
+globalThis.renderApp = (props) => renderToStaticMarkup(createElement(Hello, props))
--- a/cores/mizan-rust-ssr/tests/fixture/package.json
+++ b/cores/mizan-rust-ssr/tests/fixture/package.json
@@ -0,0 +1,7 @@
+{
+  "dependencies": {
+    "esbuild": "^0.28.0",
+    "react": "^19.2.7",
+    "react-dom": "^19.2.7"
+  }
+}
--- a/cores/mizan-rust-ssr/tests/fixture/runner.cjs
+++ b/cores/mizan-rust-ssr/tests/fixture/runner.cjs
@@ -0,0 +1,29 @@
+// Proxy for the embedded-V8 runtime: a bare global context with no Node
+// builtins. Load the IIFE bundle (which assigns globalThis.renderApp) and call
+// it. What renders here renders in rusty_v8 — the engine swaps, the contract
+// (bundle defines a global render fn over a bare context) does not.
+const fs = require("fs")
+const vm = require("vm")
+
+const code = fs.readFileSync(__dirname + "/bundle.js", "utf8")
+
+// The minimal host globals React's bundle touches at init / sync render. The
+// rusty_v8 engine must provide the same set — this list is the spec for it.
+const sandbox = {
+  console, setTimeout, clearTimeout, queueMicrotask, MessageChannel, performance,
+  TextEncoder, TextDecoder,
+}
+sandbox.globalThis = sandbox
+
+vm.createContext(sandbox)
+vm.runInContext(code, sandbox)
+
+const html = sandbox.renderApp({ name: "World" })
+console.log("RENDERED:", html)
+
+const expected = '<div id="greeting">Hello, World!</div>'
+if (html !== expected) {
+  console.error("MISMATCH — expected:", expected)
+  process.exit(1)
+}
+console.log("OK — React bundle renders in a bare JS context (V8 proxy)")
--- a/cores/mizan-rust-ssr/tests/no_rsc.rs
+++ b/cores/mizan-rust-ssr/tests/no_rsc.rs
@@ -0,0 +1,54 @@
+//! Guard — Mizan SSR is hand-rolled (bare renderer + AFI data injection +
+//! injected kernel). No frontend adapter imports an SSR runtime / meta-framework
+//! (Next, Nuxt, SvelteKit) or a server-functions layer (RSC / Flight).
+//!
+//! React Server Components and the Flight serialization protocol carry
+//! CVE-2025-55182 ("React2Shell" — unauthenticated remote code execution,
+//! CVSS 10.0): the server deserializes a client-supplied Flight payload and an
+//! attacker reaches prototype-pollution → RCE.
+//!
+//! Mizan renders **synchronously from props** — data is fetched server-side
+//! through the AFI and passed in, never deserialized from a client payload — so
+//! it sits structurally outside that attack surface. This test keeps it there:
+//! it goes red the instant any RSC / Flight / streaming surface enters the
+//! authored SSR source or its dependencies. Absence is not enough; this is the
+//! forcing function that makes re-entry loud.
+
+/// Tokens that only appear when RSC / Flight / streaming rendering is in play.
+const FORBIDDEN: &[&str] = &[
+    // React Server Components / Flight — CVE-2025-55182 (pre-auth RCE, CVSS 10.0)
+    "react-server-dom",
+    "renderToReadableStream",
+    "renderToPipeableStream",
+    "createFromReadableStream",
+    "createFromFetch",
+    "use server",
+    // SSR runtimes / meta-frameworks — forbidden across every frontend adapter
+    "next/",
+    "nuxt",
+    "@sveltejs/kit",
+    "sveltekit",
+];
+
+const SCANNED: &[&str] = &[
+    concat!(env!("CARGO_MANIFEST_DIR"), "/tests/fixture/entry.js"),
+    concat!(env!("CARGO_MANIFEST_DIR"), "/tests/fixture/Hello.js"),
+    concat!(env!("CARGO_MANIFEST_DIR"), "/tests/fixture/package.json"),
+];
+
+#[test]
+fn ssr_has_no_rsc_or_flight_surface() {
+    for path in SCANNED {
+        let Ok(src) = std::fs::read_to_string(path) else {
+            continue; // a generated/optional file absent is fine; authored source is the point
+        };
+        for needle in FORBIDDEN {
+            assert!(
+                !src.contains(needle),
+                "RSC/Flight surface {needle:?} found in {path} — forbidden. \
+                 RSC carries CVE-2025-55182 (unauth RCE, CVSS 10.0); Mizan SSR is \
+                 classic renderToString-family only, rendered synchronously from props.",
+            );
+        }
+    }
+}