Share Link incorrectly gives path routed instead of subdomain routed URL. #2740
Labels
effort/days
Estimated to take multiple days, but less than a week
exp/beginner
Can be confidently tackled by newcomers
good first issue
Good issue for new contributors
help wanted
Seeking public contribution on this issue
kind/enhancement
A net-new feature or improvement to an existing feature
P3
Low: Not priority right now
Describe the bug
When you right click on a file in Files and choose "Share Link" you are given a URL like
https://<host>/ipfs/<cid>
. This should be of the formhttps://<cid>.ipfs.<host>
for security reasons.To Reproduce
Steps to reproduce the behavior:
Expected behavior
Subdomain routing is always used.
Additional context
Path routing is known to be insecure for websites that use cookies, local storage, etc. This is well documented in the IPFS documentation and the documentation and security experts all recommend using subdomain routing whenever possible (which is almost always possible). These share links are encouraging people to share URLs that are insecure by default, and we should instead be using subdomain by default.
The text was updated successfully, but these errors were encountered: