This commit upgrades go-ipfs-cmds and configures the commands HTTP API Handler
to only allow POST/OPTIONS, disallowing GET and others in the handling of
command requests in the IPFS HTTP API (where before every type of request
method was handled, with GET/POST/PUT/PATCH being equivalent).
The Read-Only commands that the HTTP API attaches to the gateway endpoint will
additional handled GET as they did before (but stop handling PUT,DELETEs).
By limiting the request types we address the possibility that a website
accessed by a browser abuses the IPFS API by issuing GET requests to it which
have no Origin or Referrer set, and are thus bypass CORS and CSRF protections.
This is a breaking change for clients that relay on GET requests against the
HTTP endpoint (usually :5001). Applications integrating on top of the
gateway-read-only API should still work (including cross-domain access).
Co-Authored-By: Steven Allen <steven@stebalien.com>
Co-Authored-By: Marcin Rataj <lidel@lidel.org>
This logic collects a list of known relays by testing every new connection.
It exists so we can dial /p2p-circuit/p2p/QmFoobar addresses (circuit addresses
that don't specify the relay). However, this kind of address is useless outside
of basic demos as a random relay is practically guaranteed to not be connected
to the target peer. Picking a random relay to connect to some peer is almost
_never_ the desired behavior.
When request is sent to http://localhost:8080/ipfs/$cid response has
HTTP 301 status code and "Location" header with redirect destination at
$cid.ipfs.localhost:8080
Redirect is followed by browsersi, but not by commandline tools.
Status 301 is ignored by curl in default mode: it will print response
and won't follow redirect, user needs to add -L for that.
To fix curl, we return correct payload in body of HTTP 301 response,
but set Clear-Site-Data header to ensure Origin sandbox can't be abused.
This requires a surgical workaround:
If Location header is present in ResponseWriter's Header map,
we ensure http.ServeContent() returns HTTP 301
Context: https://github.com/ipfs/go-ipfs/pull/6982
License: MIT
Signed-off-by: Marcin Rataj <lidel@lidel.org>
Go-ipfs user agents usually look like go-ipfs/VERSION/COMMIT_or_EMPTY. However,
we changed this to /go-ipfs/VERSION(/COMMIT)? on master for a while. This change
reverts this to make parsing the user agent simpler.
Co-Authored-By: Oli Evans <oli@tableflip.io>
This will be useful when testing `refs local, `repo gc`, and `repo verify`
commands once we store blocks by multihash instead of by CID. At that point,
these commands will return raw v1 CIDs as the blockstore won't actually remember
the codec used to store the block.
Flags choice:
* Ideally, we'd use the `-f, --format` flags like every other command but we're
already using `-f` (format) for the format string.
* Alternatively, I'd like to use `-c`. However, we're using _that_ for a global
`--config` flag (bit of a waste given that it doesn't work...).
`--codec` will have to do for now.
Docker on a mac might be available, but may not be runnng. The
way the original test was written is linux-specific anyway, so
just hoist the check into the DOCKER declaration
54b1969c4b correctly switched from nc to socat, but did not account for it
not being as widely available. Adjust tests that depend on it with the
correct message.
There are also a number of comments pertaining to nc - they were not
adjusted.
- Make `ipfs files rm --force /nonexistant` succeed when the path does not exist.
- Add shaness test for removing nonexistant paths
- Refactor duplicated code to find a parent dir into a function
I've been writing scripts against the files api, and having to stat things before removing them is a pain. So this PR aims to make --force do what I'd expect it to.
License: MIT
Signed-off-by: Oli Evans <oli@tableflip.io>
The patches that required the replace directives have been merged upstream.
Unfortunately, those branches have now been deleted, breaking the build.
GAH!
1. This means those deps don't get pulled in unless we actually need to test.
2. It means we can cordon all the golangci-lint module replace hacks off into a
separate package.
For now, configs specified in `daemon --init-config` and `init CONFIG` are not
available. We should fix this eventually but isn't necessary for now (and
supporting this will be annoying).
We can no longer test this with bad keys. Unfortunately, good keys will likely
contain a newline and we have no way to send such keys to the server due to how
API requests are formatted.
