Skip to content
This repository was archived by the owner on Feb 8, 2023. It is now read-only.

MIME sniffing could be potentially dangerous on the gateway #222

Open
mitar opened this issue Feb 24, 2017 · 6 comments
Open

MIME sniffing could be potentially dangerous on the gateway #222

mitar opened this issue Feb 24, 2017 · 6 comments

Comments

@mitar
Copy link

mitar commented Feb 24, 2017
edited
Loading

Web history is full of security issues when browsers did MIME sniffing to "fix" broken MIME types returning by servers.

Now if seems that IPFS is doing the same. I think this is very problematic if we want to host whole web applications on top of IPFS. I think there should be a way to at least set a fixed MIME type, or even add headers like X-Content-Type-Options: nosniff.

One other option could be that MIME type would be resolved at the adding the file to the IPFS. Not at the gateway sending time. So user could check and verify what is the MIME type detected, and then override that if necessary.

See also:
@jbenet
Copy link
Member

jbenet commented Feb 26, 2017

I think there should be a way to at least set a fixed MIME type, or even add headers like X-Content-Type-Options: nosniff.

very much agreed.

Ideally the MIME can be on the unixfs file and read from there

@jbenet
Copy link
Member

jbenet commented Feb 26, 2017

One other option could be that MIME type would be resolved at the adding the file to the IPFS. Not at the gateway sending time. So user could check and verify what is the MIME type detected, and then override that if necessary.

yeah exactly

@mitar
Copy link
Author

mitar commented Feb 27, 2017

Probably MIME should then also be part of metadata which gets hashed together with content. So the same content but different MIME would be a different address.

@raslyon
Copy link

raslyon commented Apr 6, 2017

@mitar saving the data with MIME in the metadata and does giving it a new hash will lead to unnecessary overhead for the same data with different MIME headers. That is: a node will have to save multiple copies of the same data just to serve the different MIME headers of the file. It is cheaper not to put the MIME header as part of the hash. Does a node will have to save only one set of data but be able to serve it for files with different MIME headers.

@mitar
Copy link
Author

mitar commented Apr 6, 2017
edited
Loading

@raslyon? What? First, why would you serve the same data as multiple MIME types I do not understand. What would be the use case here? But in any case, IPFS is build around DAGs, content blocks can be separate from metadata data, so there is no reason why content would have to be stored as multiple copies.

To really address your use case, I think the best solution is that you can also store the file using metadata which lists all potential MIME types under which the file can be served. Again, the issue is not that a file should not have different MIME types, but that we should not try to be smart and guess the MIME type, especially not in a way that it is not controllable. (So better to guess it add adding time, then serving time.)

@raslyon
Copy link

raslyon commented Apr 6, 2017

@mitar thanks i now understand your point. I think my former understanding of your point was incorrect.

@Atavic Atavic mentioned this issue Apr 13, 2017
Closed
@jcaesar jcaesar mentioned this issue Jan 3, 2018
Open
@lidel lidel mentioned this issue Mar 7, 2018
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jbenet @mitar @raslyon