fix(gateways): Removing Offending Gateways #443
Conversation
| 'https://ipfs.soul-network.com/ipfs/:hash', | ||
| 'https://ipfs.twdragon.net/ipfs/:hash', | ||
| 'https://getipfs.com/ipfs/:hash', | ||
| 'https://storage.web3ph.dev/gw/:hash', |
There was a problem hiding this comment.
| @@ -80,8 +79,5 @@ export default [ | |||
| 'https://cthd.icu/ipfs/:hash', | |||
| 'https://ipfs.tayfundogdas.me/ipfs/:hash', | |||
| 'https://ipfs.jpu.jp/ipfs/:hash', | |||
| 'https://ipfs.soul-network.com/ipfs/:hash', | |||
| 'https://ipfs.twdragon.net/ipfs/:hash', | |||
| 'https://getipfs.com/ipfs/:hash', | |||
| @@ -80,8 +79,5 @@ export default [ | |||
| 'https://cthd.icu/ipfs/:hash', | |||
| 'https://ipfs.tayfundogdas.me/ipfs/:hash', | |||
| 'https://ipfs.jpu.jp/ipfs/:hash', | |||
| 'https://ipfs.soul-network.com/ipfs/:hash', | |||
| 'https://ipfs.twdragon.net/ipfs/:hash', | |||
| @@ -46,7 +46,6 @@ export default [ | |||
| 'https://ipfs.xoqq.ch/ipfs/:hash', | |||
| 'http://natoboram.mynetgear.com:8080/ipfs/:hash', | |||
| 'https://video.oneloveipfs.com/ipfs/:hash', | |||
| 'http://ipfs.anonymize.com/ipfs/:hash', | |||
whizzzkid
force-pushed
the
fix/deceptive-site-warnings
branch
from
3ab4aed
to
562f8f8
Compare
|
@whizzzkid I blocked programmatically case-sensitive CIDs on the gateway, and passed the exclusion request to Google. Hope now the gateway will be considered safe, cause it will support only subdomains. Please wait around 3 days to let Google check the domain |
|
@whizzzkid it would be nice if we could check a gateway's support of the badbits list |
|
@aschmahmann @lidel do you have any recommendations here? |
|
Agreed that more badbits usage is a good thing (but obviously each user should choose what is right for them). In 2023 Kuibo will get a primitive in place making it more self-service to consume and use such lists: ipfs/kubo#8492 In terms of determining whether a gateway supports badbits, I think the easiest way to do that is to grab some random CIDs from the list and check what happens when you request them from the gateway. That said, this browser red screen of death will go away when gateway stats (besides ping) are handled in CI (rather than from each browser). There were plans discussed this week of moving in that direction: https://pl-strflt.notion.site/Gateway-Conformance-Dashboards-10490048436e456d99d40016586a6937#cf9d867edd2043619894e5eab4c36bfc |
|
@whizzzkid @SgtPooki @BigLep the gateway domain passed the Google checkup, so we can use it, but it is now supporting only the subdomain addressing schema |
|
@twdragon the gateway still results in 403, can you create a separate PR for adding it back? |
|
@whizzzkid yes, I will do. Please note that the gateway do not support anymore CID v0 and requires only subdomain-based requests. Is it a problem? |
That should be fine, subdomain-based requests are more secure |
## [1.6.1](v1.6.0...v1.6.1) (2023-08-07) ### Bug Fixes * **gateways:** Removing Offending Gateways ([#443](#443)) ([7bf97f5](7bf97f5))
|
🎉 This PR is included in version 1.6.1 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
Closes: #433
CC: @SgtPooki @BigLep
This doesn't feel sustainable, maybe the need is to evangelize https://badbits.dwebops.pub/ more.