[Security] Even more strict on address bar for IPFS
See original GitHub issueThis issue https://github.com/brave/brave-browser/issues/13872 makes it so we only use ipns://
and ipfs://
for configured gateways.
This issue is to track being even more strict and only replacing ipfs://
when there is a valid CID.
This is about the reverse lookup code which will show ipfs:// We only want to do that when it’s a valid CID. For <cid>.ipfs.localhost:<port>
If <cid> is not in the right format, we shouldn’t show ipfs:// reverse mapping
Issue Analytics
- State:
- Created 3 years ago
- Comments:8 (1 by maintainers)
Top Results From Across the Web
1000s of Phishing Attacks Blast Off From InterPlanetary File ...
For once, IPFS is designed to be resistant to censorship by making content available in multiple places — meaning that even if a...
Read more >Kubo command-line
IPFS can run in either online or offline mode. Online mode is when you have IPFS running separately as a daemon process.
Read more >IPFS is the Distributed Web
There are challenges for security in distributing services and monetization. However, the key is that content would be distributed. YouTube ...
Read more >The forgotten IPFS vulnerabilities | ConsenSys Diligence
Instead of addressing data by content, an IPFS CID can be 'pinned' to a public key under the /ipns/<your-pubkey> path. The pin can...
Read more >IPFS: What it is, How it works, and Why it's needed
This is accomplished because every file has a unique hash which can be compared to a fingerprint. When you want to download a...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
@stephendonner FYSA
http://Qm..
fail becauseQm..
CIDv0 are case-sensitive, and the authority part of URL is case-insensitive in some web contexts (eg. DNS / Firefox force-lowercase) This is not an issue with Brave, but a quirk of representing CIDs on the web. That is why we are moving towards case-insensitive base32 CIDv1 (bafy...
) identifiers (and why there is a redirect returned by go-ipfs, that does it automatically under the hood).Test Plan: