ExternalVendorCode/tahoe-lafs
1
0
Fork 0
mirror of https://github.com/tahoe-lafs/tahoe-lafs.git synced 2025-04-08 03:14:21 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

docs: use "127.0.0.1" instead of "localhost"

Browse Source 
Unfortunately there are occasionally configurations in the real world where "localhost" does not resolve to 127.0.0.1, and if a user has such a configuration then using 'localhost' could lead to an authority leak.
This commit is contained in:
Zooko O'Whielacronx 2008-04-17 20:45:34 -07:00
parent 229e29e81b
commit 7b2ca46b35
1 changed files with 9 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
docs/webapi.txt
View File

@ -12,18 +12,16 @@ This document has six sections:
a. connecting to the tahoe node
Writing "8123" into $NODEDIR/webport causes the node to run a webserver on port
8123. Writing "tcp:8123:interface=127.0.0.1" into $NODEDIR/webport does the same
but binds to the loopback interface, ensuring that only the programs on the
local host can connect. This is the value that gets written into
$NODEDIR/webport when a Tahoe node is created.
Using "ssl:8123:privateKey=mykey.pem:certKey=cert.pem" would run an SSL
server. See twisted.application.strports for more details.
Writing "8123" into $NODEDIR/webport causes the node to run a webserver on
port 8123. Writing "tcp:8123:interface=127.0.0.1" into $NODEDIR/webport does
the same but binds to the loopback interface, ensuring that only the programs
on the local host can connect. Using
"ssl:8123:privateKey=mykey.pem:certKey=cert.pem" would run an SSL server. See
twisted.application.strports for more details.
This webport can be set when the node is created by passing a --webport
option to the 'tahoe create-client' command. By default, the node listens on
port 8123, on the loopback (127.0.0.1) interface.
port 8123, on the loopback (localhost) interface.
b. file names
@ -514,7 +512,7 @@ GET $URL?t=download&localdir=$LOCALPATH
localdir= is used with a $URL that refers to a file.
This request will only be accepted from an HTTP client connection
originating at 127.0.0.1 . This request is most useful when the client node
originating at localhost . This request is most useful when the client node
and the HTTP client are operated by the same user. $LOCALPATH should be an
absolute pathname.
@ -529,7 +527,7 @@ PUT $NEWURL?t=upload&localdir=$LOCALPATH
This uploads a file or directory from the node's local filesystem to the
vdrive. As with "GET $URL?t=download&localfile=$LOCALPATH", this request
will only be accepted from an HTTP connection originating from 127.0.0.1 .
will only be accepted from an HTTP connection originating from localhost .
The localfile= form expects that $LOCALPATH will point to a file on the
node's local filesystem, and causes the node to upload that one file into