Extract Gateway Code From Kubo #65
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This commit was moved from ipfs/kubo@a53d480
We've deprecated this system and have yet to move to a new system. We might as well remove everything, switch to a new system, then deliberately trace the entire system. This commit was moved from ipfs/kubo@906f45e
chore(dep): update deps This commit was moved from ipfs/kubo@37e0a60
Release v0.4.23 This commit was moved from ipfs/kubo@5b1687d
(we're implementing an _actual_ proxy) License: MIT Signed-off-by: Steven Allen <steven@stebalien.com> This commit was moved from ipfs/kubo@11c229b
Instead of adding a new fake header (that could be spoofed by the client...), just read the original request URI from the request object. This also removes support for suborigins. They have never been implemented in browsers and it looks like efforts have stalled. We can add support back if we need it but, well, maintaining support was going to be more trouble than it was worth. License: MIT Signed-off-by: Steven Allen <steven@stebalien.com> This commit was moved from ipfs/kubo@72490f7
License: MIT Signed-off-by: Marcin Rataj <lidel@lidel.org> This commit was moved from ipfs/kubo@3ecccd6
When request is sent to http://localhost:8080/ipfs/$cid response has HTTP 301 status code and "Location" header with redirect destination at $cid.ipfs.localhost:8080 Redirect is followed by browsersi, but not by commandline tools. Status 301 is ignored by curl in default mode: it will print response and won't follow redirect, user needs to add -L for that. To fix curl, we return correct payload in body of HTTP 301 response, but set Clear-Site-Data header to ensure Origin sandbox can't be abused. This requires a surgical workaround: If Location header is present in ResponseWriter's Header map, we ensure http.ServeContent() returns HTTP 301 Context: ipfs/kubo#6982 License: MIT Signed-off-by: Marcin Rataj <lidel@lidel.org> This commit was moved from ipfs/kubo@f9567a0
feat: gateway subdomains + http proxy mode This commit was moved from ipfs/kubo@0114869
This commit upgrades go-ipfs-cmds and configures the commands HTTP API Handler to only allow POST/OPTIONS, disallowing GET and others in the handling of command requests in the IPFS HTTP API (where before every type of request method was handled, with GET/POST/PUT/PATCH being equivalent). The Read-Only commands that the HTTP API attaches to the gateway endpoint will additional handled GET as they did before (but stop handling PUT,DELETEs). By limiting the request types we address the possibility that a website accessed by a browser abuses the IPFS API by issuing GET requests to it which have no Origin or Referrer set, and are thus bypass CORS and CSRF protections. This is a breaking change for clients that relay on GET requests against the HTTP endpoint (usually :5001). Applications integrating on top of the gateway-read-only API should still work (including cross-domain access). Co-Authored-By: Steven Allen <steven@stebalien.com> Co-Authored-By: Marcin Rataj <lidel@lidel.org> This commit was moved from ipfs/kubo@1b49047
…Allowed Spec says that response with 405 must set Allow headers. This commit was moved from ipfs/kubo@7340543
HTTP API: Only allow POST requests (plus OPTIONS) This commit was moved from ipfs/kubo@3304c28
(supersedes v2.7.3) License: MIT Signed-off-by: Marcin Rataj <lidel@lidel.org> This commit was moved from ipfs/kubo@7d397ac
feat: webui v2.7.4 This commit was moved from ipfs/kubo@4fdc3ad
Closes #7164 License: MIT Signed-off-by: Marcin Rataj <lidel@lidel.org> This commit was moved from ipfs/kubo@8290ec1
fix: subdomain redirect for dir CIDs This commit was moved from ipfs/kubo@6f4608b
This commit was moved from ipfs/kubo@135c451
feat: webui 2.7.5 This commit was moved from ipfs/kubo@28b7c3a
This commit was moved from ipfs/kubo@1e437c7
Previously, we only showed this /ipns paths. However, knowing the hash of the current directory is useful regardless. This commit was moved from ipfs/kubo@d8bc5c9
Even for dnslink websites. fixes ipfs/kubo#7205 This commit was moved from ipfs/kubo@46ae021
This commit was moved from ipfs/kubo@fd6b59b
Merge release into master This commit was moved from ipfs/kubo@dae6c03
feat(gateway): show the absolute path and CID every time This commit was moved from ipfs/kubo@ffe35df
…ent types This commit was moved from ipfs/kubo@2e87ac8
This commit was moved from ipfs/kubo@9201b1d
This commit was moved from ipfs/kubo@214d29e
This commit was moved from ipfs/kubo@e93f200
Fixes #7252 - Uses gabriel-vasile/mimetype to support additional content types This commit was moved from ipfs/kubo@01e27f9
In the same way that an `index.html` file is rendered, if one is present, when the requested path is a directory, now an `ipfs-404.html` file is rendered if the requested file is not present within the specified IPFS object. `ipfs-404.html` files are looked for in the directory of the requested path and each parent until one is found, falling back on the well-known 404 error message. License: MIT Signed-off-by: JP Hastings-Spital <jphastings@gmail.com> This commit was moved from ipfs/kubo@dfceafd
Merge Kubo: v0.18 This commit was moved from ipfs/kubo@644f0ae
Includes changes from: - ipfs/go-block-format#37 - #58 This commit was moved from ipfs/kubo@f20c980
* fix: honour --ttl flag in 'ipfs name publish' * docs(cli): ipfs name inspect --help Co-authored-by: Marcin Rataj <lidel@lidel.org> This commit was moved from ipfs/kubo@94e7f79
* feat(gateway): IPNS record response format * docs(rpc): mark as experimental: routing provide, get, put Co-authored-by: Marcin Rataj <lidel@lidel.org> This commit was moved from ipfs/kubo@a3c70a1
This commit was moved from ipfs/kubo@5908bbc
Codecov Report
@@ Coverage Diff @@
## main #65 +/- ##
==========================================
- Coverage 20.60% 17.69% -2.92%
==========================================
Files 81 91 +10
Lines 8609 10297 +1688
==========================================
+ Hits 1774 1822 +48
- Misses 6584 8220 +1636
- Partials 251 255 +4
|
hacdias
force-pushed
the
migrate-gateway
branch
4 times, most recently
from
1c9fb49
to
538a8a8
Compare
9 tasks
hacdias
force-pushed
the
migrate-gateway
branch
from
538a8a8
to
acff5bf
Compare
This comment was marked as outdated.
This comment was marked as outdated.
|
UPDATE: I have removed the version bump from this PR. I think it's best to bump the version after this PR is merged instead, so I can still easily work on possible improvements, such as the CI sharness tests I am adding now. @lidel this PR is ready for review. I don't understand why gorelease is giving that output, I run it locally and got the same. However, all tests pass and importing this package from ipfs/kubo#9588 works and everything is working properly. I will write an update if I find what the problem is (go mod tidy and go get -d ./... all return status 0 and no changes). As far as I understand, per the gorelease command above, it is downloading go-libipfs v0.3.0 and then trying to import the new gateway module. And it of course fails because the new gateway module is... new. AFAIK, it should instead say that there is a new module called gateway but I can't understand why it doesn't. I even manually did what
And it gave no errors. So I don't really know what's going on here. |
hacdias
force-pushed
the
migrate-gateway
branch
from
37a5606
to
ff9edec
Compare
hacdias
force-pushed
the
migrate-gateway
branch
from
ff9edec
to
d06f4a9
Compare
hacdias
commented
Jan 30, 2023
This comment was marked as outdated.
This comment was marked as outdated.
hacdias
force-pushed
the
migrate-gateway
branch
from
2739084
to
eaea27b
Compare
lidel
approved these changes
Jan 30, 2023
Comment on lines
+37
to
+41
| - name: Replace go-libipfs in Kubo go.mod | ||
| run: | | ||
| go mod edit -replace=github.com/ipfs/go-libipfs=../go-libipfs | ||
| go mod tidy | ||
| cat go.mod |
There was a problem hiding this comment.
💭 this will probably break when we work on #61 but after we stabilize GO API, it will be ok
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The gateway has arrived 🚀.
This extracts the gateway from Kubo, as per tracked in ipfs/kubo#8524. This PR is based on the history and code from ipfs/kubo#9588.