Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make using insecure connections opt-in #1309

Merged
merged 20 commits into from
Jan 9, 2024
Merged

Make using insecure connections opt-in #1309

merged 20 commits into from
Jan 9, 2024

Conversation

tadeohepperle
Copy link
Contributor

Fixes #1239

To use insecure (no SSL, ws:// or http:// connections) one now has to:

  • use OnlineClient::from_insecure_url when constructing an online client
  • use LightClientBuilder::build_from_insecure_url when creating a light client
  • add the --allow-insecure flag to most commands in the CLI tool

Note: localhost is considered secure and does not need this opt in.

@tadeohepperle tadeohepperle requested a review from a team as a code owner December 5, 2023 17:35
lexnv
lexnv reviewed Dec 5, 2023
View reviewed changes
cli/src/utils.rs Outdated Show resolved Hide resolved
niklasad1
niklasad1 reviewed Jan 3, 2024
View reviewed changes
subxt/src/utils/mod.rs Outdated Show resolved Hide resolved
niklasad1
niklasad1 reviewed Jan 4, 2024
View reviewed changes
cli/src/commands/diff.rs Outdated Show resolved Hide resolved
niklasad1
niklasad1 reviewed Jan 4, 2024
View reviewed changes
subxt/src/utils/mod.rs Outdated Show resolved Hide resolved
niklasad1
niklasad1 approved these changes Jan 4, 2024
View reviewed changes
Copy link
Member

@niklasad1 niklasad1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, added some minor suggestions

@jsdw
Copy link
Collaborator

jsdw commented Jan 4, 2024
edited
Loading

This looks great!

A couple of places left that this should probably also be added to:

  • RpcClient struct: add RpcClient::from_insecure_url and make from_url not allow insecure.
  • #[subxt] macro: rename runtime_metadata_url to runtime_metadata_insecure_url? it's a dev only option, so I don't really care about complicating anything by doing the proper check, but might be worth following the naming convention (and adding the word insecure might put people off using it a bit which would be a good thing anyway :))

@niklasad1 niklasad1 merged commit 7f714cb into master Jan 9, 2024
11 checks passed
@niklasad1 niklasad1 deleted the tadeohepperle/make-insecure-connections-opt-in branch January 9, 2024 17:18
@tadeohepperle tadeohepperle mentioned this pull request Jan 23, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lexnv lexnv lexnv left review comments

@niklasad1 niklasad1 niklasad1 approved these changes

@jsdw jsdw jsdw approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Make using insecure http/ws connections an explicit opt-in
4 participants
@tadeohepperle @jsdw @niklasad1 @lexnv