Coder Social home page Coder Social logo

Comments (2)

lidel avatar lidel commented on September 13, 2024

I'm moving this back to ipfs-companion, as it does not seem to be actionable from the perspective of Kubo repository
(imo Kubo repo should not have documentation related to companion, just like we don't have anything about ipfs-desktop, ipfsd-ctl, ipfs-cluster or any other project that uses Kubo – such docs belong to repo of respective project)

As for configuring Companion to work with non-localhost node, my suggestion is to be conservative:

  • Companion is a GUI application that should "just work"
  • We should NOT ask people to set CORS headers for ipfs-companion to function correctly
    • Setting CORS to safelist RPC port access is hard for a reason: this is a power user feature that comes with security risk, VERY easy to give admin access to RPC port to every website on the internet.
      • Kubo has no access control mechanism beyond CORS atm, and until some way of guarding it like ipfs/kubo#1532 is resolved, using RPC outside a controlled environment of localhost is considered a power user feature, aka "use at your own risk".

👉 By looking at the reddit post, it sounds like what IPFS Companion could do, is to have more meaningful error message when non-localhost RPC or Gateway is used. It should explain security (CORS giving admin access to RPC API) and/or interop ramifications (non-localhost cleartext http:// gateway causing mixed-content errors IF subresources are redirected).

[..] shows ipfs not running even though I am using a kubo rpc install on the local network. #

This sounds like a bug?

from ipfs-companion.

crotel avatar crotel commented on September 13, 2024

How about add virtual network for API isolation. like through zerotier-like intranet for using api remotely, while local computer at same network, then put the other ports public if one-self wanted, which like gateway, swarm etc,.?
maybe this way should link the cluster together in more safe way?

from ipfs-companion.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.