ExternalVendorCode/tahoe-lafs
1
0
Fork 0
mirror of https://github.com/tahoe-lafs/tahoe-lafs.git synced 2025-06-21 08:29:41 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

docs: use "127.0.0.1" instead of "localhost"

Browse Source 
Unfortunately there are occasionally configurations in the real world where "localhost" does not resolve to 127.0.0.1, and if a user has such a configuration then using 'localhost' could lead to an authority leak.
This commit is contained in:
Zooko O'Whielacronx
2008-04-17 20:45:34 -07:00
parent 229e29e81b
commit 7b2ca46b35
1 changed files with 9 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
docs/webapi.txt
View File

@ -12,18 +12,16 @@ This document has six sections:
a. connecting to the tahoe node a. connecting to the tahoe node
Writing "8123" into $NODEDIR/webport causes the node to run a webserver on port Writing "8123" into $NODEDIR/webport causes the node to run a webserver on
8123. Writing "tcp:8123:interface=127.0.0.1" into $NODEDIR/webport does the same port 8123. Writing "tcp:8123:interface=127.0.0.1" into $NODEDIR/webport does
but binds to the loopback interface, ensuring that only the programs on the the same but binds to the loopback interface, ensuring that only the programs
local host can connect. This is the value that gets written into on the local host can connect. Using
$NODEDIR/webport when a Tahoe node is created. "ssl:8123:privateKey=mykey.pem:certKey=cert.pem" would run an SSL server. See
twisted.application.strports for more details.
Using "ssl:8123:privateKey=mykey.pem:certKey=cert.pem" would run an SSL
server. See twisted.application.strports for more details.
This webport can be set when the node is created by passing a --webport This webport can be set when the node is created by passing a --webport
option to the 'tahoe create-client' command. By default, the node listens on option to the 'tahoe create-client' command. By default, the node listens on
port 8123, on the loopback (127.0.0.1) interface. port 8123, on the loopback (localhost) interface.
b. file names b. file names
@ -514,7 +512,7 @@ GET $URL?t=download&localdir=$LOCALPATH
localdir= is used with a $URL that refers to a file. localdir= is used with a $URL that refers to a file.
This request will only be accepted from an HTTP client connection This request will only be accepted from an HTTP client connection
originating at 127.0.0.1 . This request is most useful when the client node originating at localhost . This request is most useful when the client node
and the HTTP client are operated by the same user. $LOCALPATH should be an and the HTTP client are operated by the same user. $LOCALPATH should be an
absolute pathname. absolute pathname.
@ -529,7 +527,7 @@ PUT $NEWURL?t=upload&localdir=$LOCALPATH
This uploads a file or directory from the node's local filesystem to the This uploads a file or directory from the node's local filesystem to the
vdrive. As with "GET $URL?t=download&localfile=$LOCALPATH", this request vdrive. As with "GET $URL?t=download&localfile=$LOCALPATH", this request
will only be accepted from an HTTP connection originating from 127.0.0.1 . will only be accepted from an HTTP connection originating from localhost .
The localfile= form expects that $LOCALPATH will point to a file on the The localfile= form expects that $LOCALPATH will point to a file on the
node's local filesystem, and causes the node to upload that one file into node's local filesystem, and causes the node to upload that one file into