Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Share Link incorrectly gives path routed instead of subdomain routed URL. #2740

Open
MicahZoltu opened this issue Jan 25, 2024 · 1 comment
Open

Share Link incorrectly gives path routed instead of subdomain routed URL. #2740

MicahZoltu opened this issue Jan 25, 2024 · 1 comment
Labels
effort/days Estimated to take multiple days, but less than a week exp/beginner Can be confidently tackled by newcomers good first issue Good issue for new contributors help wanted Seeking public contribution on this issue kind/enhancement A net-new feature or improvement to an existing feature P3 Low: Not priority right now

Comments

@MicahZoltu
Copy link

  • OS: Windows
  • Version of IPFS Desktop: 0.32.0

Describe the bug
When you right click on a file in Files and choose "Share Link" you are given a URL like https://<host>/ipfs/<cid>. This should be of the form https://<cid>.ipfs.<host> for security reasons.

To Reproduce
Steps to reproduce the behavior:

  1. Go to Files tab.
  2. Right click on any file.
  3. Choose "Share Link"
  4. Notice the link provided uses path routing.

Expected behavior
Subdomain routing is always used.

Additional context
Path routing is known to be insecure for websites that use cookies, local storage, etc. This is well documented in the IPFS documentation and the documentation and security experts all recommend using subdomain routing whenever possible (which is almost always possible). These share links are encouraging people to share URLs that are insecure by default, and we should instead be using subdomain by default.
@MicahZoltu MicahZoltu added kind/bug A bug in existing code (including security flaws) need/triage Needs initial labeling and prioritization labels Jan 25, 2024
@whizzzkid
Copy link
Contributor

Thanks @milahu this sounds like a good feature to have, the reason it doesn't have it today is because not all gateways support subdomain gateways. The default gateway does, but that's not the norm. I think we can implement a simple check to validate if the server supports subdomain gatways and then generate those links.

I'll mark this as a backlog item.

@whizzzkid whizzzkid added help wanted Seeking public contribution on this issue P3 Low: Not priority right now kind/enhancement A net-new feature or improvement to an existing feature good first issue Good issue for new contributors exp/beginner Can be confidently tackled by newcomers effort/days Estimated to take multiple days, but less than a week and removed kind/bug A bug in existing code (including security flaws) need/triage Needs initial labeling and prioritization labels Feb 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
effort/days Estimated to take multiple days, but less than a week exp/beginner Can be confidently tackled by newcomers good first issue Good issue for new contributors help wanted Seeking public contribution on this issue kind/enhancement A net-new feature or improvement to an existing feature P3 Low: Not priority right now
Projects
No open projects
IPFS Shipyard Team
Status: 🥞 Todo
Milestone
No milestone
Development

No branches or pull requests
2 participants
@MicahZoltu @whizzzkid