在线时间:8:00-16:00
迪恩网络APP
随时随地掌握行业动态
扫描二维码
关注迪恩网络微信公众号
开源软件名称:cloudflarearchive/ipfs-ext开源软件地址:https://github.com/cloudflarearchive/ipfs-ext开源编程语言:JavaScript 94.8%开源软件介绍:IPFS Gateway Validator
This repo contains the source code for a browser extension that intercepts requests to IPFS gateways and distinguished domain names, and cryptographically verifies that the server's response is valid. It currently only works in Firefox because Firefox is the only browser that supports the webRequest.filterResponseData() API. Currently, it intercepts any request to:
What are ipfs-sec domains for?ipfs-sec domains have several security and usability properties that make them ideal for building trust-minimizing web apps. Unlike requests served by a communal or local gateway, ipfs-sec domains are considered by the browser as a distinct origin. This means they have a safe place to store cookies and local data, can request special permissions from the user, and can run service workers free from manipulation by malicious third-party documents. Web apps with an ipfs-sec domain can be served by a CDN to reduce their operational cost and load time through caching, as well as provide protection from DDoS attacks. However, unlike with a traditional web app, the website owner is assured that the CDN cannot maliciously modify his content. The user could also be assured that the website owner hasn't maliciously modified their own web app through the use of a Certificate Transparency-like system for DNS, though this is not currently implemented. Finally, ipfs-sec domains are backwards-compatible. Users that don't want to install the extension will be served the same content as users that do have the extension, they just won't get the security benefits. You can read more about ipfs-sec, including how to create an ipfs-sec website, in our blog post about end-to-end integrity. How do I build the extension?
Notes
|
2023-10-27
2022-08-15
2022-08-17
2022-09-23
2022-08-13
请发表评论