-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support DNSLink resolution #13609
Comments
Sweet! This will be fantastic onboarding experience and I feel we should do this as soon as we can. tip: if you find it too expensive to run additional
|
I think the DDoS use-case is very important. In parallel, onboarding of website should be made as easy as possible (but i'm a bit off-topic here). |
Love it! Small nit: would |
@jessicaschilling good call |
Would be nice if opt-in in here would be persisted in some way, so that next navigation would go straight to ipfs:// as opposed to prompting user once again. Otherwise I fear user needs to be highly motivated to reload already loaded page. |
as decided in slack chat
|
@bbondy does this only show up for users who already have |
It would show up any time the x-ipfs-path header is present in a response body of the main frame. |
i don't think this should be running for users who've already set IPFS to disabled. suggested that in the code review and it was added here: https://github.com/brave/brave-core/pull/8068/files#diff-b2b99579204c3baf1314de0455a345809f2fee17c392a9a8b612dd839e99be9dR147 for users whose setting is 'ask' (the default), i confirmed it shows the interstitial page when 'open in IPFS' is clicked. 👍 |
I agree on the disabled state, good catch. Thanks! |
it looks like the current implementation will initiate 2 dnslink lookups for every status code from 500-504 (https://github.com/brave/brave-core/pull/8068/files#diff-b2b99579204c3baf1314de0455a345809f2fee17c392a9a8b612dd839e99be9dR182-R185) given the extra scrutiny on brave network requests lately, perhaps we should ask the user for consent to do these lookups if they aren't already opted into IPFS? for instance show a prompt similar to the one for the wayback machine. |
@diracdeltas @spylogsster @lidel how about so we can make progress here we limit to only when an IPFS selection is made away from Ask and not Disable. I.e. only for Gateway and Local options. We can discuss what to do with Ask in a different issue. |
@bbondy sgtm.
|
sgtm! |
as discussed in slack with @lidel we should ignore dnslink value and the button should navigate to ipns://[domain], for example: |
Updated description to meet new conditions after some discussions in slack |
Verified
Verified:
I also verified that when both: 1) |
I think, your current algorithm:
is not good, because of:
I think, more nice and correct idea - to use IP-address 0.0.0.0 (INADDR_ANY) as a flag of "there is no server, use dnslink".
As an alternative: instead of A=0.0.0.0 we can use 127.0.0.127. This address included into loopback netmask /8, and actually don't used widely. We can reuse it as a flag for "No site, search DNSLink" |
There is no need for special convention around IPFS Companion explicitly listens for specific error events and triggers DNSLink lookup for recovery:
Brave could do the same (if it does not already). Sidenote about threat model: if block occurs at DNS level, all bets are off, because the same entity that censored |
or use a Real decentralized DNS Server and there's only one at the moment that's RFC-1035 compliant: EmerDNS. The rest are glorified bookmark managers. no offense intended. |
I tried this after creating a DNSLink domain for a page, and it didn't work. If I activate "Automatically redirect to IPFS pages via DNSLink when possible," it would lead to a "could not resolve name" error. If I deactivated it, everything would work as normal, but then Brave had basically the same behavior as all other browsers, which makes its IPFS features kinda moot. |
I assume, soemthing wrong on Brave side. Or, you do not use OpenNIC (or another emerDNS) resolver. I tested it with Mozilla IPFS plugin, everything works perfect, see the screenshot: http://olegh.ftp.sh/emercoin/ipfs-emerdns.png |
All of this works only when IPFS Resolve Method is not Disabled and not Ask.
x-ipfs-path
header and according to the IPFS Resolve Method settings aboveHow DNSLink lookup works:
TXT
record of next formatdnslink=[value]
for_dnslink.[hostname]
domain. It should meet current dns preferences and use DoH and Secure DNS according to the settings. DNS requests should be cached and work without sending second requests to DNS servers for same hostname.ipns://[hostname]
For pages with other response codes we check for
x-ipfs-path
header in response and according to the IPFS Resolve Method settings we show the Open in IPFS button in location bar without lookups, the button navigates toipns://[hostname]
We should not show the botton for IPFS Gateway urls.
Example
TXT
record:dnslink=/ipfs/<CID for your content here>
The text was updated successfully, but these errors were encountered: