getAlby
feat: secure allowance creationby including protocol information
Describe the changes you have made in this PR
Include the fully qualified origin for allowances Migrate existing allowances (prefix with https) Potentially display a warning on the enable screen when connecting to non-ssl domains (MITM)
Link this PR to an issue [optional]
Fixes #2437
Type of change
(Remove other not matching type)
-
feat: New feature (non-breaking change which adds functionality)
Screenshots of the changes [optional]
How has this been tested?
create allowance on http site
Checklist
- [X] Self-review of changed code
- [X] Manual testing
- [X] Added automated tests where applicable
- [X] Update Docs & Guides
- For UI-related changes
- [X] Darkmode
- [X] Responsive layout
when we save new allowances, don't we there also need a change to save it with the protocol?
is there any other way we can create allowances? if we use providers to create one. we already store allowance host along with https prefix
what do we use in here? https://github.com/getAlby/lightning-browser-extension/blob/master/src/extension/background-script/actions/allowances/add.ts#L5
what do we use in here?
master/src/extension/background-script/actions/allowances/add.ts#L5
aah! yes you are right, we add allowances while confirmPayment + doing keysends as well. fixed
This currently breaks the links on the connected sites pages.
I think we should only add the warning and not change the allowance and the host usage for now. We can do this in a follow-up
e change in the allowance has some issues like for example the links to the site a broken.
resolved! + for existing connected sites when we have migrations running. they will not cause the problem