[Security] Even more strict on address bar for IPNS

This issue #13872 makes it so we only use ipns:// and ipfs:// for configured gateways.

This issue https://github.com/brave/brave-browser/issues/13873 is for being more strict for ipfs://.

For IPNS, once we have DNSLink, we should only replace when there’s a valid CID and when DNSLink has no information for the name being used.

Issue Analytics

  • State: closed
  • Created 3 years ago
  • Comments: 5

Top GitHub Comments

1 reaction
stephendonner commented, May 4, 2021

Verified PASSED with

Brave 1.24.50 Chromium: 90.0.4430.51 (Official Build) nightly (x86_64)
Revision 32e5fa33a31641bded70a90e60121060691e7125-refs/branch-heads/4430@{#927}
OS macOS Version 11.2.3 (Build 20D91)

Steps:

  1. loaded http://en.wikipedia-on-ipfs.org.ipns.localhost:48081/ and redirected to http://en.wikipedia-on-ipfs.org.ipns.localhost:48081/wiki; clicked on Open using IPFS and got ipns://en.wikipedia-on-ipfs.org/wiki
  2. loaded http://google.com.ipns.localhost:48081 and got expected ipfs resolve -r /ipns/google.com/: could not resolve name error

Verification passed on

Brave 1.24.70 Chromium: 90.0.4430.72 (Official Build) beta (64-bit)
Revision b6172ef8d07ef486489a4b11b66b2eaeed50d132-refs/branch-heads/4430@{#1233}
OS Ubuntu 20

Verified the above test plan


Verified PASSED with

Brave 1.24.82 Chromium: 90.0.4430.93 (Official Build) (64-bit)
Revision 4df112c29cfe9a2c69b14195c0275faed4e997a7-refs/branch-heads/4430@{#1348}
OS Windows 10 OS Version 2009 (Build 21370.1)

Steps:

  1. loaded http://en.wikipedia-on-ipfs.org.ipns.localhost:48084/ and redirected to http://en.wikipedia-on-ipfs.org.ipns.localhost:48084/wiki; clicked on Open using IPFS and got ipns://en.wikipedia-on-ipfs.org/wiki
  2. loaded http://google.com.ipns.localhost:48084 and got expected ipfs resolve -r /ipns/google.com/: could not resolve name error

1 reaction
lidel commented, Apr 6, 2021

@stephendonner you mean for DNSLink names other than brantly.eth from https://github.com/brave/brave-browser/issues/13873#issuecomment-808141079?

  • This should succeed and redirect to ipns:// (has DNSLink) http://en.wikipedia-on-ipfs.org.ipns.localhost:[gw port]/#/
  • This should fail and not redirect to ipns:// (no DNSLink) http://google.com.ipns.localhost:[gw port]/#/
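
The two expected outcomes above, together with the verification steps, can be expressed as a small decision function. This is an added sketch, not code from the issue or from Brave: the function names are hypothetical, the DNSLink lookup is stubbed with constructed TXT records so it runs offline, and the CID check is a simplified syntactic assumption.

```javascript
// Added illustration; not Brave's implementation. All names are hypothetical.
const GATEWAY_SUFFIX = ".ipns.localhost"; // subdomain-gateway suffix from the test URLs

// Constructed TXT records standing in for real DNS answers (offline sample data).
const SAMPLE_TXT = {
  "_dnslink.en.wikipedia-on-ipfs.org": ["dnslink=/ipfs/bafy-constructed-placeholder"],
  "_dnslink.example.test": ["v=spf1 -all"], // TXT exists, but it is not a DNSLink
};
const sampleLookup = (name) => SAMPLE_TXT[name] || [];

// Simplified syntactic check (assumption): CIDv1 text in base32 ("b") or base36 ("k").
function looksLikeCid(label) {
  return /^b[a-z2-7]{50,}$/.test(label) || /^k[0-9a-z]{50,}$/.test(label);
}

// Return the DNSLink target (/ipfs/... or /ipns/...) from TXT values, or null.
function parseDnsLink(txtRecords) {
  for (const txt of txtRecords) {
    const m = /^dnslink=(\/(?:ipfs|ipns)\/\S+)$/.exec(txt.trim());
    if (m) return m[1];
  }
  return null;
}

// Decide what the address bar may show for a local gateway URL.
// Returns an ipns:// URL, or null when the http:// URL must be left untouched.
function addressBarUrl(gatewayUrl, lookupTxt) {
  const url = new URL(gatewayUrl);
  if (!url.hostname.endsWith(GATEWAY_SUFFIX)) return null;
  const name = url.hostname.slice(0, -GATEWAY_SUFFIX.length);
  if (!name) return null;
  const rest = url.pathname + url.search + url.hash;
  const target = `ipns://${name}${rest === "/" ? "" : rest}`;
  if (looksLikeCid(name)) return target; // key-based IPNS name
  // Domain-like name: only trust it when a DNSLink record actually exists.
  return parseDnsLink(lookupTxt(`_dnslink.${name}`)) ? target : null;
}
```

Passing `sampleLookup` as the second argument reproduces both test-plan cases: the Wikipedia mirror is rewritten to `ipns://`, while `google.com` is left as a plain gateway URL.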