Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Switch blinded token requests to use new mywallet endpoint
See original GitHub issueDescription
In order to better specify the privacy properties of the various ads endpoints, we want to change the hostnames to explicitly reflect the specific use according to our privacy policy:
The following endpoints should be reconfigured to go to mywallet.ads.brave.com, with the same path as current
- /v1/getstate
- /v2/confirmation/token/{paymentId}
- /v2/confirmation/payment/{paymentId}
All other endpoints on ads-serve.brave.com should instead go to anonymous.ads.brave.com
Anonymous (anonymous.ads.*):
GET /v1/issuers/
POST /v2/confirmation/{confirmation_id}/{credential}
GET /v2/confirmation/{confirmation_id}/paymentToken
Non anonymous (mywallet.ads.*):
PUT /v2/confirmation/payment/{payment_id}
GET /v2/confirmation/token/{payment_id}?nonce={nonce}
POST /v2/confirmation/token/{payment_id}
GET /v{n}/catalog falls back to ads-static for production environment
GET /v1/getstate falls back to ads-static for production environment
Issue Analytics
- State:
- Created 2 years ago
- Comments:11 (3 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
see here for where ads-serve is currently pinned: https://github.com/brave/brave-core/blob/c215ec61bd7632a1235be014606361d4e2b32fac/chromium_src/net/tools/transport_security_state_generator/input_file_parsers.cc#L460
@jsecretan can we make sure that the new endpoints are cert-pinned? @diracdeltas