IPFS badge broken on public gateways #14657

lidel · 2021-03-11T23:40:54Z

Found this in brave-browser-nightly-1.23.32-linux-amd64 cc ipfs/in-web-browsers#64

People visiting a random public gateway should be able to open resources via their own node to ensure the integrity of downloaded data. Unfortunately it does not work yet: the badge is broken on gateways in 1.23.32 (nightly).

How to Reproduce

https://bafybeigdyrzt5sfp7udm7hu76uh7y26nf3efuylqabf3oclgtqy55fbzdi.ipfs.cf-ipfs.com/ shows:

Clicking on a badge opens an invalid URI:

(expected behavior in this case is to open ipfs://bafybeigdyrzt5sfp7udm7hu76uh7y26nf3efuylqabf3oclgtqy55fbzdi)

Underlying problem

I know we have a simple situation for DNSLink websites: when x-ipfs-path is present we swap the protocol from https to ipns and call it a day.

Unfortunately this does not work for non-DNSLink resources such as gateways.
I think we focused on DNSLink pages so much that we never discussed how non-DNSLink contexts like public gateways should be handled.

We need to ensure a reverse transformation to what is described in addressing guideline happens when the user clicks on the badge.

Proposed fix

For the sake of reducing complexity and future-proofing, Brave could tweak the badge logic to make things work on all types of gateways (path, subdomain, dnslink):

read content path value from x-ipfs-path header
remove first slash and replace second one with ://
append any ?queries or #fragments present in the original URL

To illustrate, assuming URL in address bar is https://{something}?query#fragment and HTTP response has x-ipfs-path header, the x-ipfs-path value → URI of tab to open after clicking on the badge mapping could look like this:

/ipfs/{cid}/path → ipfs://{cid}/path?query#fragment
/ipns/{libp2p-key}/path → ipns://{libp2p-key}/path?query#fragment
/ipns/{dnslink-fqdn}/path → ipns://{dnslink-name}/path?query#fragment
- This is especially nice: removes the need for Brave to do any conversion of {dns-safe-fqdn} because {dnslink-fqdn} in the header is already correct.
- Test with this edge case: https://en-wikipedia--on--ipfs-org.ipns.dweb.link/wiki/

@spylogsster does this sound feasible?

The text was updated successfully, but these errors were encountered:

spylogsster · 2021-03-12T08:47:23Z

@lidel yes, looks good, thanks for detailed clarification

spylogsster · 2021-03-15T11:41:32Z

@lidel what about 5xx when we resolve dnslink record?
for https://en.wikipedia-on-ipfs.org/wiki/Tokyo_National_Museum.html we have dnslink=/ipfs/QmXoypizjW3WknFiJnKLwHCnL72vedxjQkDDP1mXWo6uco
should it be ipfs://QmXoypizjW3WknFiJnKLwHCnL72vedxjQkDDP1mXWo6uco/wiki/Tokyo_National_Museum.html as a result?
It will be redirected to after navigation ipfs://bafybeiemxf5abjwjbikoz4mc3a3dla6ual3jsgpdr4cjr3oz3evfyavhwq/wiki/Tokyo_National_Museum.html

lidel · 2021-03-15T19:09:46Z

@spylogsster for DNSLink websites we always want human-readable ipns://en.wikipedia-on-ipfs.org/wiki/Tokyo_National_Museum.html in address bar, including the recovery logic for 5xx.

stephendonner · 2021-03-22T23:51:32Z

Verified PASSED using modified steps from the testplan in brave/brave-core#8254

Brave	1.24.12 Chromium: 89.0.4389.90 (Official Build) nightly (x86_64)
Revision	62eb262cdaae9ef819aadd778193781455ec7a49-refs/branch-heads/4389@{#1534}
OS	macOS Version 11.2.3 (Build 20D91)