Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

docs: improved security notes #151

Merged
merged 4 commits into from
Jun 9, 2021
Merged

docs: improved security notes #151

merged 4 commits into from
Jun 9, 2021

Conversation

lidel
Copy link
Member

@lidel lidel commented Jun 8, 2021
edited
Loading

Adds SECURITY NOTES to README based on changes from #148 + mirrors them at the top of checker, so its hard to ignore:

Screenshot of Public Gateway Checker

cc @autonome @momack2 @ribasushi @gmasgras @mburns @aschmahmann @jessicaschilling @schomatis

lmk SECURITY NOTES section could be improved

jessicaschilling
jessicaschilling approved these changes Jun 8, 2021
View reviewed changes
README.md Show resolved Hide resolved
ribasushi
ribasushi reviewed Jun 8, 2021
View reviewed changes
README.md Outdated Show resolved Hide resolved
schomatis
schomatis approved these changes Jun 8, 2021
View reviewed changes
Copy link

@schomatis schomatis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, my only question would be why do we list the insecure gateways at all (laying the burden of discriminating between static and dapps on the user might be a bit of a stretch).

ribasushi
ribasushi approved these changes Jun 8, 2021
View reviewed changes
Copy link
Contributor

@ribasushi ribasushi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

❤️

@lidel
Copy link
Member Author

lidel commented Jun 8, 2021

why do we list the insecure gateways at all

@schomatis the "insecurity" depends on use case:

  • When we talk about loading the root HTML document into a web browser, and expecting it to use storage/apis provided by the browser, then only subdomain gateways are "secure".
  • However, if you want to load non-HTML type of content (images, videos, pdf documents) then a path gateway is fine, as it does not require origin isolation.

We most likely will have both, catering to different needs. This disclaimer is a temporary measure: instead of removing path gateways, we will ensure path ones can't be used for use cases where origin isolation matters – see ipfs/in-web-browsers#157

@lidel
Copy link
Member Author

lidel commented Jun 8, 2021

@jessicaschilling mind taking another look? (SECURITY NOTES were added to the checker itself)

@jessicaschilling
Copy link
Contributor

@jessicaschilling mind taking another look? (SECURITY NOTES were added to the checker itself)

Any chance of stealing the visual formatting from IPFS docs for the tip/warning boxes, for consistency?

lidel and others added 4 commits June 8, 2021 23:54
@lidel
docs: improved security notes
6d16349 
Improved README based on changes from #148
@lidel @ribasushi
style: clarify third-party vs PL
8e4fcfc 
Co-authored-by: Peter Rabbitson <ribasushi@protocol.ai>
@lidel
feat: security disclaimer at the top of checker
c196af1 
This adds the operator disclaimer ifrom README to the top of checker.

License: MIT
Signed-off-by: Marcin Rataj <lidel@lidel.org>
@lidel
style: warning css from docs.ipfs.io
74e93e0 
#151 (comment)

License: MIT
Signed-off-by: Marcin Rataj <lidel@lidel.org>
@lidel
Copy link
Member Author

lidel commented Jun 8, 2021
edited
Loading

@jessicaschilling will this do?

Screen Shot 2021-06-09 at 00 01 46

@jessicaschilling
Copy link
Contributor

Nice! Thanks 😊

@lidel lidel merged commit 5893f35 into master Jun 9, 2021
@lidel lidel deleted the docs/origin-isolation branch June 9, 2021 00:04
github-actions bot pushed a commit that referenced this pull request Apr 17, 2023
@semantic-release-bot
chore(release): 1.0.0 [skip ci]
5f2811b 
## 1.0.0 (2023-04-17)

### Features

* /ipns/ check ([#313](#313)) ([10a5c13](10a5c13))
* add countly metrics ([#309](#309)) ([c727202](c727202))
* add cthd.icu ([#294](#294)) ([a2e0102](a2e0102))
* add https://ipfs.czip.it ([#374](#374)) ([f3dde51](f3dde51))
* add https://ipfs.joaoleitao.org ([#323](#323)) ([787f131](787f131))
* add ipfs.1-2.dev ([#169](#169)) ([c764ad6](c764ad6))
* add ipfs.drink.cafe ([#116](#116)) ([cc84899](cc84899))
* add ipfs.jpu.jp ([#348](#348)) ([b52b8c7](b52b8c7))
* add ipfs.litnet.work ([#222](#222)) ([1fd2e68](1fd2e68))
* add ipfs.pinksheep.whizzzkid.dev ([#326](#326)) ([d40a2c1](d40a2c1))
* add ipfs.soul-network.com ([#389](#389)) ([57fe04d](57fe04d))
* add nftstorage.link gateway ([#204](#204)) ([e588108](e588108))
* add Onion Gateway (TOR)  fzdqwfb5ml56oadins5jpuhe6ki6bk33umri35p5kt2tue4fpws5efid.onion ([#212](#212)) ([01ff12f](01ff12f))
* add w3s.link gateway ([#288](#288)) ([000a26f](000a26f))
* country flags ([#96](#96)) ([84a31fe](84a31fe))
* Create CODEOWNERS ([#283](#283)) ([b62b41c](b62b41c))
* Deleted https://ipfs.czip.it ([#393](#393)) ([77d67a4](77d67a4))
* Implementing Trustless Server Checks ([#310](#310)) ([4a2c926](4a2c926))
* improved Origin detection via img tag ([#117](#117)) ([8407e80](8407e80))
* improved origin isolation check ([#148](#148)) ([abd4c1c](abd4c1c))
* Introducing Service Worker For Cache Busting ([#357](#357)) ([0536782](0536782))
* new gateway https://ipfs.tayfundogdas.me/ipfs ([#321](#321)) ([9d5b552](9d5b552))
* remove ipfs.foxgirl.dev ([#155](#155)) ([15fd028](15fd028))
* remove smartsignature.io ([#146](#146)) ([77b45b6](77b45b6))
* subdomain gateways and Origin isolation check ([#78](#78)) ([afcbffa](afcbffa))
* update geoip dataset (2020-10-13) ([4187738](4187738))
* update geoip dataset (2020-10-13) ([#115](#115)) ([782b66b](782b66b))
* use typescript ([#194](#194)) ([10958e6](10958e6))

### Bug Fixes

* ⏪ Reverting [#323](#323): ipfs.joaoleitao.org ([#394](#394)) ([b5bb34c](b5bb34c))
* **ci:** add empty commit to fix lint checks on master ([3ae6aa0](3ae6aa0))
* **ci:** skip test if no code changed ([#210](#210)) ([7d6d628](7d6d628))
* cleanup entries missing DNS A record ([#180](#180)) ([2b7ad30](2b7ad30))
* do not redirect IPNS checks ([#325](#325)) ([79bb51d](79bb51d))
* flag column and new ipfs-geoip dataset ([#319](#319)) ([f5fc723](f5fc723))
* metrics consent prompt location and styling ([#353](#353)) ([e709f2b](e709f2b))
* npm start should work without prior cmds ([#307](#307)) ([7ebe2e5](7ebe2e5))
* opt-out from redirects done by browser extension ([6dd5f51](6dd5f51))
* origin typo ([#200](#200)) ([d198abb](d198abb))
* **origin:** confirm paths redirect to subdomain ([#156](#156)) ([b837a35](b837a35))
* remove heart ([#332](#332)) ([f61ec84](f61ec84))
* update ipfs.ivoputzer.xyz gateway entry ([#152](#152)) ([4b760d9](4b760d9))
* update metrics collection banner to modal with management toggle settings ([#373](#373)) ([d925b36](d925b36))
* update redirect opt-out symbol to final version ([efd5dbf](efd5dbf))

### Trivial Changes

* **deps-dev:** bump aegir from 36.2.3 to 37.5.5 ([#305](#305)) ([1d62fc3](1d62fc3))
* **deps-dev:** bump aegir from 37.5.5 to 37.5.6 ([#316](#316)) ([d3cd9bd](d3cd9bd))
* **deps-dev:** bump browserslist from 4.19.3 to 4.21.4 ([#295](#295)) ([7850071](7850071))
* **deps-dev:** bump eslint-config-ipfs from 2.1.0 to 3.1.1 ([#300](#300)) ([f1bce91](f1bce91))
* **deps-dev:** bump eslint-config-ipfs from 3.1.1 to 3.1.2 ([#315](#315)) ([0506c19](0506c19))
* **deps-dev:** bump ipfs from 0.62.1 to 0.64.2 ([#296](#296)) ([d47e503](d47e503))
* **deps-dev:** bump ipfs from 0.64.2 to 0.65.0 ([#322](#322)) ([b400349](b400349))
* **deps-dev:** bump typescript from 4.6.2 to 4.8.3 ([#293](#293)) ([c56afa1](c56afa1))
* **deps-dev:** bump typescript from 4.8.3 to 4.8.4 ([#304](#304)) ([899b4fc](899b4fc))
* **deps:** bump @dutu/rate-limiter from v1.3.0 to v1.3.1 ([#299](#299)) ([5e598e8](5e598e8))
* **deps:** bump aegir from 36.1.3 to 36.2.3 ([#202](#202)) ([8fa5851](8fa5851))
* **deps:** bump jpeg-js from 0.4.3 to 0.4.4 ([#253](#253)) ([65f99f3](65f99f3))
* **deps:** ipfs-http-client@58.0.1 ([#308](#308)) ([1bcda7c](1bcda7c))
* improve submission/PR info ([#119](#119)) ([a238f3f](a238f3f))
* improved security notes ([#151](#151)) ([5893f35](5893f35)), closes [#148](#148) [/github.com//pull/151#issuecomment-857193370](https://github.com/ipfs//github.com/ipfs/public-gateway-checker/pull/151/issues/issuecomment-857193370)
* ipfs-geoip v5 ([0d8091e](0d8091e))
* ipfs-geoip@8.0.0 ([c4e8180](c4e8180))
* readme cleanup ([798777e](798777e))
* remove dead hostnames ([#280](#280)) ([e861280](e861280))
* remove expired domains ([#179](#179)) ([16c9985](16c9985))
* remove ipfs-zod.tv ([#234](#234)) ([6f79a80](6f79a80))
* removed birds-are-nice.me ([#173](#173)) ([ff2e05c](ff2e05c)), closes [#172](#172)
* removing my gateway for now ([#335](#335)) ([cf61e68](cf61e68))
* style formatting and linting fixes ([#366](#366)) ([a81d48b](a81d48b))
* Update .github/workflows/stale.yml [skip ci] ([5fc4a68](5fc4a68))
* update readme with link to fleek ([#337](#337)) ([3dc5dbe](3dc5dbe))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ribasushi ribasushi ribasushi approved these changes

@schomatis schomatis schomatis approved these changes

@autonome autonome Awaiting requested review from autonome

@momack2 momack2 Awaiting requested review from momack2

@aschmahmann aschmahmann Awaiting requested review from aschmahmann

@jessicaschilling jessicaschilling Awaiting requested review from jessicaschilling

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@lidel @jessicaschilling @ribasushi @schomatis