[Security] Even more strict on address bar for IPNS
See original GitHub issueThis issue #13872 makes it so we only use ipns:// and ipfs:// for configured gateways.
This issue https://github.com/brave/brave-browser/issues/13873 is for being more strict for ipfs://
.
For IPNS, once we have DNSLink, we should only replace when there’s a valid CID and when DNSLink has no information for the name being used.
Issue Analytics
- State:
- Created 3 years ago
- Comments:5
Top Results From Across the Web
Unpatched address bar spoofing vulnerability impacts major ...
Attackers able to spoof the URL address bar could lure online users into surfing a dangerous website, stealing account credentials and credit ...
Read more >HTTP security headers: An easy way to harden your web ...
Strict -Transport-Security The purpose of preloading is to speed up page loads and eliminate the risk of man-in-the-middle (MITM) attacks when a ......
Read more >HTTP security headers - Blog Michael Boeynaems
Strict -Transport-Security. Users browse to websites in several ways: * by typing the url (e.g. “infosecmike.com”) directly in the address bar * by ......
Read more >HTTP Security Headers - Octopus Deploy
The Strict-Transport-Security header is used to instruct browsers that all future requests (for a specified amount of time) are sent over HTTPS, ...
Read more >Web Security
HTTP Strict Transport Security (HSTS) is an HTTP header that notifies user ... users do not get connection errors when typing a URL...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
Verified
PASSED
withSteps:
http://en.wikipedia-on-ipfs.org.ipns.localhost:48081/
and redirected tohttp://en.wikipedia-on-ipfs.org.ipns.localhost:48081/wiki
; clicked onOpen using IPFS
and gotipns://en.wikipedia-on-ipfs.org/wiki
http://google.com.ipns.localhost:48081
and got expectedipfs resolve -r /ipns/google.com/: could not resolve name
errorVerification passed on
Verified the above test plan
Verified
PASSED
withSteps:
http://en.wikipedia-on-ipfs.org.ipns.localhost:48084/
and redirected tohttp://en.wikipedia-on-ipfs.org.ipns.localhost:48084/wiki
; clicked onOpen using IPFS
and gotipns://en.wikipedia-on-ipfs.org/wiki
http://google.com.ipns.localhost:48084
and got expectedipfs resolve -r /ipns/google.com/: could not resolve name
error@stephendonner you mean for DNSLink names other than
brantly.eth
from https://github.com/brave/brave-browser/issues/13873#issuecomment-808141079?http://en.wikipedia-on-ipfs.org.ipns.localhost:[gw port]/#/
http://google.com.ipns.localhost:[gw port]/#/