-
Notifications
You must be signed in to change notification settings - Fork 9
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Origin isolation warnings, tests and enforcement #30
Comments
FYI that helia-service-worker-gateway works if built with BASE_URL env var. no hardcoding required anymore. However, we could probably infer domain fairly easily if we reduce the flexibility of deployment domains (e.g. deploying on subdomain such as |
Yes, existence of BASE_URL means hostname needs to be hardcoded at build time, which means we can't have single trusted build which can then be deployed/cached on multiple gateways, people need to manually build to use it. I've took a stab at removing this limitation in #53 |
* fix: enforce origin isolation on subdomain gws Towards #30 * chore: undo ts fixup * refactor: apply suggestions from code review Co-authored-by: Russell Dempsey <[email protected]> * fix: config page redirect * chore: empty out redirects * chore: config page check supports hash routing * chore: html title * Revert "chore: empty out redirects" This reverts commit 1a6d25c. * Revert "fix: config page redirect" This reverts commit 2fee3ce. * fix: redirects file doesnt bork config requests --------- Co-authored-by: Russell Dempsey <[email protected]>
Needs
For
inbrowser.link
The goal is to provide a subdomain gateway for loading websites in web browser.
Lack of isolation is a security bug. Subdomain mode MUST be enforced.
For General Availability
Good security is like water, if things are right, fishes should not even notice it.
For end users:
For gateway Operators:
Initial design
*.ipfs.example.com
works)fetch
API, as noted in feat: add explicit support for subdomain gateways helia#439 (review)window.location.replace
may be even better as it removes path URL from browser history.Tasks
Before ETH Denver:
inbrowser.link
. we have subdomain setup, so we should detect being on path, confirm subdomain works, convert to subdomain, and redirect to that.For general availability:
example.com/ip[nf]s
and either redirect to working subdomain at*.ip[nf]s.example.com
or produce error page which requires user to accept the risk before they to continue browsing in path gateway modeisSubdomainIsolationSupported
(should be executed only once)The text was updated successfully, but these errors were encountered: