Dmail NIL issues

[uonuon]

1 - App Redirection: I saw the dry run last month and found out that Dmails No Redirect score is 0, meanwhile the app has no redirection, i wonder if New internet labs identify the landing page as a part of the app or not, for example dmail's Links:
Landing page: https://dmail.online/
App: https://app.dmail.online/
The user can only authenticate through the app, i wonder how can i reprodauce the issue of redirection, since i tried the NIL Extensions and i found that Preventing Evil and Reporting Evil are active.

2 - The Third Parties: I am also having a problem with third parties it always gets red using the blockstack gaia, for example here in dmail i am trying to get users images from the gaia and it always gets red!

3 - Cookies: Somehow when getting another users images from user's gaia blockstack sets a cookies into the app how to prevent that?

4 - I need to know what are preventing evil and reporting evil flags refers to?
@larrysalibra

[larrysalibra]

@uonuon In general, questions about Blockstack app mining should be on the Blockstack App mining github https://github.com/blockstack/app-mining/issues

I'll try answer the extension-related portions of your questions below:

1. This extension doesn't do anything with regards to redirects in the currently shipping version. In the future we may add this functionality.

2. Your app origin is first party, any other origin is 3rd party. If you want to load something from Blockstack Gaia, you can should be able to using the getFile api (which I believe uses fetch under the hood).

3. This shouldn't happen if you use the getFile api to retrieve files stored in a user's gaia hub.

4. "Preventing evil" means that the browser extension is enforcing the sandbox rules. "Reporting evil" means that the browser extension is reporting any violations or attempted violations of the sandbox rules.

Hope this helps!