[tahoe-dev] [tahoe-lafs] #995: It's way too easy to give away write directory caps

tahoe-lafs trac at allmydata.org
Sun Mar 14 10:35:37 PDT 2010 

#995: It's way too easy to give away write directory caps
------------------------------------------------+---------------------------
 Reporter:  jsgf                                |           Owner:  nobody   
     Type:  defect                              |          Status:  new      
 Priority:  major                               |       Milestone:  undecided
Component:  unknown                             |         Version:  1.6.0    
 Keywords:  wui jsui usability confidentiality  |   Launchpad_bug:           
------------------------------------------------+---------------------------
Changes (by davidsarah):

  * keywords:  wui usability confidentiality => wui jsui usability
               confidentiality


Comment:

 Replying to [comment:5 toby.murray]:
 > What about when navigating to a RW directory cap, the WUI sets a cookie
 containing the RW directory cap, then navigates the user to a generic URI
 on the web node whose job it is to read the value of this cookie and then
 display its contents as usual. This would allow one to view RW directories
 but would prevent the RW cap appearing in the addresss bar.

 Cookies are problematic because they get sent to all pages within that
 origin (which is all WUI pages for that gateway). A JavaScript-based UI,
 OTOH, could fix both this bug and #615 at the same time, if it avoided
 cookies and used XMLHttpRequest to get the directory contents. (It might
 be desirable to use the technique suggested in ticket:615#comment:8 to
 completely fix #615 and #821.)

 > One could then add 'share RW' and 'share RO' buttons to the WUI which
 would then display the relevant URI for the user to copy-paste. The 'share
 RO' button could be made more prominent, perhaps, than the RO button, so
 that 'sharing RO' is easier to perform than 'sharing RW'.

 I don't see any reason not to put a RO-shareable URI in the address bar.
 That's easy to do in a JavaScript UI, for example by putting the cap in a
 fragment so that it doesn't cause a page reload (http://maps.yahoo.com
 uses this approach). Putting the cap in a fragment also fixes #127 and
 #907, without any loss of usability.

-- 
Ticket URL: <http://allmydata.org/trac/tahoe/ticket/995#comment:6>
tahoe-lafs <http://allmydata.org>
secure decentralized file storage grid

More information about the tahoe-dev mailing list