ipfs-postmsg-proxy icon indicating copy to clipboard operation
ipfs-postmsg-proxy copied to clipboard

Published 20 hours ago verified publisher icon ipfs-inactive

Support explicit whitelist of exposed APIs

Open lidel opened this issue 7 years ago • 0 comments
trafficstars

Originated from https://github.com/ipfs-shipyard/ipfs-companion/issues/478

Summary

There are contexts in which we don't want to expose sensitive APIs such as name.publish or config.

TODO

  • For now we can throw an error in pre hook provided to createProxyServer , but ideally only whitelisted APIs should be exposed via window.ipfs.
  • (optional, nice to have) We should add a method window.ipfs.availableApis which just exposes a list of available function names.

lidel avatar May 23 '18 16:05 lidel