Nathan James

icon location I'm just code that likes to compile.

Results 20 issues of Nathan James

Browser Support: Brave

2 comment

enhancement

Allowing/injecting custom protocol tables

https://github.com/eoscanada/eos-go/blob/cce276ef780e726238fb0a752066f63a5c39866e/snapshot/section.go#L30 When using custom protocol structures this will panic on migrations since they aren't explicitly defined. @abourget mentioned in slack: `Sections could be made pluggable, with a sort of dependency...

Add arbitrary sigs for lynx

``` // Use await to return a promise (async () => { let result; try { result = await window.lynxMobile.requestArbitrarySignature({ data: "the string you wish to sign", whatFor: "The reason...

Socket doesn't fallback to non-SSL when encountering proxy issues

When the error `Establishing a tunnel via proxy server failed` is thrown it seems that scatter-js can't fallback onto regular SSL connections.

Add a way to "ungrab"

Users should be able to claim their RAM back if they like, for extreme purposes this is great such as the sudden death of a project. https://www.reddit.com/r/eos/comments/8zhg6i/scatter_ridl_airgrab_walkthrough/e2jji6d

rimraf needed in the importing project

Because of the `prepare` script which allocates things into usable directories for importing projects, rimraf is needed in the deps instead of devDeps.

Remove images from the spec.

Images are known to be vulnerable - PNGs - [source](https://securelist.com/png-embedded-malicious-payload-hidden-in-a-png-file/74297/) - [source](https://www.theregister.co.uk/2019/02/07/android_january_patches/) - SVGs - [source](https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/svg-files-are-not-as-benign-as-it-may-seem/) - [source](https://www.owasp.org/images/0/03/Mario_Heiderich_OWASP_Sweden_The_image_that_called_me.pdf) - JPG - [source](https://www.f-secure.com/v-descs/exploit_w32_jpg_vulnerability.shtml) - [source](https://security.stackexchange.com/questions/97856/can-simply-decompressing-a-jpeg-image-trigger-an-exploit) - Generic - [source](https://herolab.usd.de/how-to-exploit-a-vulnerable-picture-upload-using-manipulated-pictures/) - [source](https://www.owasp.org/index.php/Test_Upload_of_Malicious_Files_(OTG-BUSLOGIC-009))...

Remove allowing un-escaped HTML.

Even with the best sanitizers in the world allowing un-escaped HTML will become an attack vector. Sanitizers are consistently broken and for wallets it would require that the sanitizer's version...

Validate producers' keys vs bp jsons

Add route to remove nodes for a chain on demand.

It will be common for nodes and chains to go down and they should be remove from the reference. Right now the front-end has to traverse the array of nodes...