Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

IPFS URI should be loaded over localhost, not 127.0.0.1 #14499

Closed
stephendonner opened this issue Mar 5, 2021 · 3 comments · Fixed by brave/brave-core#8263
Closed

IPFS URI should be loaded over localhost, not 127.0.0.1 #14499

stephendonner opened this issue Mar 5, 2021 · 3 comments · Fixed by brave/brave-core#8263
Assignees
@spylogsster
Labels
feature/web3/ipfs OS/Desktop QA Pass-macOS QA/Yes release-notes/include
Milestone
1.23.x - Release

Comments

@stephendonner
Copy link

stephendonner commented Mar 5, 2021
edited
Loading

Description

IPFS URI should be loaded over localhost, not 127.0.0.1

Steps to Reproduce

  1. Install IPFS Desktop and it should be started on port 8080
  2. Load http://127.0.0.1:8080/ipfs/QmV4FVfWRG4hJJKUsS1aU9MK85HYFJtuCmYAj8HetS8qMS. It should load the content but retain the https://localhost/ipfs/QmV4FVfWRG4hJJKUsS1aU9MK85HYFJtuCmYAj8HetS8qMS URI in the address bar.

Actual result:

The URI is http://127.0.0.1:8080/ipfs/QmV4FVfWRG4hJJKUsS1aU9MK85HYFJtuCmYAj8HetS8qMS

Screen Shot 2021-03-05 at 8 23 36 AM

Expected result:

According to #13872 (comment), the URI should be https://localhost/ipfs/QmV4FVfWRG4hJJKUsS1aU9MK85HYFJtuCmYAj8HetS8qMS, with localhost rather than 127.0.0.1

Reproduces how often:

Brave version (brave://version info)

Brave 1.23.19 Chromium: 89.0.4389.72 (Official Build) nightly (x86_64)
Revision 3f345f156bfd157bd1bea06310e55f3fb2490359-refs/branch-heads/4389@{#1393}
OS macOS Version 11.2.2 (Build 20D80)

Version/Channel Information:

  • Can you reproduce this issue with the current release? no
  • Can you reproduce this issue with the beta channel? yes
  • Can you reproduce this issue with the nightly channel? yes

cc: @spylogsster @lidel
@spylogsster spylogsster self-assigned this Mar 5, 2021
@stephendonner stephendonner mentioned this issue Mar 5, 2021
Closed
@lidel
Copy link

lidel commented Mar 8, 2021
edited
Loading

This is a sensible request and a security fix (raw IP can't have subdomains, so it won't provide origin isolation).
IPFS Companion enforces use of localhost by default, because that is the only way to provide origin isolation per CID (gateway will redirect to proper subdomain, so nothing else needs to be done).

The fix here is to detect requests to 127.0.0.1 and port of local gateway, and redirect them to localhost name

@spylogsster spylogsster mentioned this issue Mar 16, 2021
Merged
24 tasks
@spylogsster
Copy link

spylogsster commented Mar 16, 2021
edited
Loading

Added replacement 127.0.0.1 to localhost for default gateway. If we setup the public gateway to http://127.0.0.1:8080/, the url will be converted to localhost, but the address bar finally will retain ipfs://bafybeiddzzce2l4stkz6fotj7hugeyehtv3kobcku2jvrakgpiqgx4j6fe/ cc @lidel

@spylogsster spylogsster added this to the 1.23.x - Nightly milestone Mar 16, 2021
@stephendonner
Copy link
Author

stephendonner commented Mar 17, 2021
edited
Loading

Verified FIXED using beta build with the testplan from brave/brave-core#8263

Brave 1.23.43 Chromium: 89.0.4389.90 (Official Build) beta (x86_64)
Revision 62eb262cdaae9ef819aadd778193781455ec7a49-refs/branch-heads/4389@{#1534}
OS macOS Version 11.2.3 (Build 20D91)

Steps:

  1. Install IPFS Desktop and it should be started on port 8080
  2. Set public gateway to http://127.0.0.1:8080/
  3. Load http://127.0.0.1:8080/ipfs/QmV4FVfWRG4hJJKUsS1aU9MK85HYFJtuCmYAj8HetS8qMS
  4. It should load the content but retain the ipfs://bafybeiddzzce2l4stkz6fotj7hugeyehtv3kobcku2jvrakgpiqgx4j6fe/

Verified when I loaded http://127.0.0.1:8080/ipfs/QmV4FVfWRG4hJJKUsS1aU9MK85HYFJtuCmYAj8HetS8qMS that it redirected to/retained ipfs://bafybeiddzzce2l4stkz6fotj7hugeyehtv3kobcku2jvrakgpiqgx4j6fe/ in the URL bar.

ipfs-gateway

@LaurenWags LaurenWags mentioned this issue Apr 13, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@spylogsster spylogsster

Labels
feature/web3/ipfs OS/Desktop QA Pass-macOS QA/Yes release-notes/include
Projects
None yet
Milestone
1.23.x - Release
Development

Successfully merging a pull request may close this issue.

Convert 127.0.0.1 to localhost for default ipfs gateways brave/brave-core
3 participants
@lidel @stephendonner @spylogsster