Opened at 2009-04-03T15:56:16Z
Last modified at 2021-03-30T18:40:19Z
#674 new enhancement
controlled access to your WUI — at Initial Version
Reported by: | zooko | Owned by: | nobody |
---|---|---|---|
Priority: | major | Milestone: | soon |
Component: | code-frontend-web | Version: | 1.3.0 |
Keywords: | wui confidentiality privacy anti-censorship websec | Cc: | |
Launchpad Bug: |
Description
Currently the Welcome Page of the WUI is reachable without knowing any secret, for example, this one: http://testgrid.allmydata.org:3567 . (If you configure your WUI to listen for connections only from localhost then that prevents people from connecting to it from other hosts, but it doesn't prevent CSRF attacks in which someone posts a web page to Tahoe, and when you view that page with JavaScript enabled, or click on a button on that page, then it accesses your WUI.)
It would be good to have a page which is access-controlled by use of a secret capability even though it isn't specific to a file or directory. The entire Welcome Page might belong no that Access Controlled Welcome Page, or maybe only the sensitive pieces would go onto the Access Controlled Welcome Page.
As an example (this might or might not be a good idea), the Access Controlled Welcome Page could have a log of the caps of all of your recent uploads/downloads.