-
Notifications
You must be signed in to change notification settings - Fork 316
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enable DNSLink by default #558
Conversation
This change ignores most of errors and attempts to recover via dnslink only if error is in a safe set. - browser vendors use different error codes and need to be added to the safe set - dnslink recovery ignores non-whitelisted error codes
I gathered some initial feedback and I feel this needs more UX polish:
My current plan is to simplify language around this and rename three states for DNSLink Support:
Note: if "Detect X-Ipfs-Path header" is enabled (and it will be enabled by default) it will trigger blocking lookup even if best-effort is picked. Are those terms clear enough, or could we improve language even further? |
Update: simplified options: "best-effort" executes |
This is a good idea. I think the names could be used to inform people of the trade off.
If you reframe this as the user facing idea of "Load IPFS hosted sites over IPFS where possible" rather than "Enable DNSLink" then it's a no-brainer to enable it by default. |
1c62253
to
ab72d12
Compare
@olizilla thank you, those are serious improvements! I feel now most of technical users won't need to "read more" to understand what is what: We can make it less technical after the dust settles down and we move it from Experiments to a regular Preferences section. I'm gonna fast-track this to Beta to smoke-test it in the wild. |
Let's make web more robust by making DNSLink ready for mainstream use!
This PR enables efficient DNSLink support by implementing additional lookup strategy from #548.
It also makes it the default for new installs of IPFS Companion.
Iteration 2
Applied changes from #558 (comment):
Key Changes
The
dnslink
(boolean flag) is replaced bydnslinkPolicy
(select list)My current plan is to simplify language around this and rename three states for DNSLink Support:
Note: if "Detect X-Ipfs-Path header" is enabled (and it will be enabled by default) it will trigger blocking lookup even if best-effort is picked.
To ensure DNSLink adoption all old users will be migrated from
dnslink
todnslinkPolicy=best-effort
(it can be later changed it in Preferences)See /docs/dnslink.md for "Read more" explanation of each policy.
DNS TXT Lookup Result Cache
Switched to in-memory lru-cache with size 1000 and max-age 12h.
Detect
X-Ipfs-Path
(HTTP Header)Detect
X-Ipfs-Path
and redirect to a valid/ipfs/
path(or
/ipns/
ifdnslinkPolicy=best-effort
is enabled as well).See /docs/x-ipfs-path.md for why this is useful.
Recover from HTTP Errors
Let's talk about the worst case scenario for
dnslinkPolicy=best-effort
X-Ipfs-Path
is presentCompanion will detect connection error via
onErrorOccurred
and check if website can be loaded from IPFS (forced DNSLink lookup using FQDN from HTTP URL).If DNSLink is present in DNS it is cached (to make all following requests instant by removing HTTP transport for FQDN) and website will be opened from IPFS in a new tab (We can't redirect from
onErrorOccurred
).Demo: recovering from HTTP connection timeout (httpd is offline):
Other
dnslink.js
cleanupipfs-request.test.js
as it grew too much.Known Issues
go-ipfs fails to find DNSLink forSolved in 4be3504ipfs.io
due tocould not resolve name (recursion limit exceeded)
Iteration 1
[Collapsed outdated notes]
Key Changes
The
dnslink
(boolean flag) is replaced bydnslinkPolicy
(select list)It accepts three states described in /docs/dnslink.md:
false
– same role as olddnslink=false
(no DNSLink redirects)detectIpfsPathHeader
– the new default, performs DNS TXT lookup only ifX-Ipfs-Path
is found inonHeadersReceived
of initial requesteagerDnsTxtLookup
-true
– same role as olddnslink=true
(DNS TXT lookup for every new hostname)DNS TXT Lookup Result Cache
Switched to in-memory lru-cache with size 1000 and max-age 12h.
Detect
X-Ipfs-Path
(HTTP Header)Detect
X-Ipfs-Path
and redirect to a valid/ipfs/
path(or
/ipns/
ifdnslinkPolicy=detectIpfsPathHeader
is enabled as well).See /docs/x-ipfs-path.md for why this is useful.
Recover from HTTP Errors
Let's talk about the worst case scenario for
dnslinkPolicy=detectIpfsPathHeader
X-Ipfs-Path
is presentCompanion will detect connection error via
onErrorOccurred
and check if website can be loaded from IPFS (forced DNSLink lookup using FQDN from HTTP URL).If DNSLink is present in DNS it is cached (to make all following requests instant by removing HTTP transport for FQDN) and website will be opened from IPFS in a new tab (We can't redirect from
onErrorOccurred
).Demo: recovering from HTTP connection timeout (httpd is offline):
Other
dnslink.js
cleanupipfs-request.test.js
as it grew too much.Known Issues
go-ipfs fails to find DNSLink forSolved in 4be3504ipfs.io
due tocould not resolve name (recursion limit exceeded)
cc @alanshaw @olizilla @lgierth @diasdavid @kyledrake – any thoughts before merging?
(I want to merge & ship to beta channel for initial feedback and community testing)