Lock down content served #8
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
As a dev or content publisher, I only want my own content or applications to be hosted on my own domain name, so that I can control what content my name or brand is associated with.
Not everyone wants to run a full gateway. So, as part of this ticket, allow a dev to optionally restrict the IPFS hashes served by their instance of this gateway software. Note that this restriction would be client-side, so it would be more advisory than a hard rule. But it would prevent someone from maliciously linking users to:
yourdomain.com/ipfs/QmHashOfSomethingObjectionable
This isn't censorship, because it allows devs or content publishers to carve out their own little corner of the IPFS hash space for their own use. There can still be "full" gateways elsewhere.
One way to do this would be a config point that says: All content served must be from the following list of base IPFS hashes. Then, every request would have to match against that whitelist or get denied.