UI server refactoring (#5580)

* Full API in Authenticated WS server. * Replacing UI server with Hyper. * Solving CLI, RPCs and tests. * Porting signer tests. * Fixing origin recognition for dapps/rpc. * Fixing tests. Adding parity-rpc-client to test. * Dapps exposed as RPC method. * JS code to support new connection scheme. * Fixing dapps tests. * Updating allowed origins/hosts to support web3.site. * Fixing tests, fixing UI. * Fixing tests. * Removing invalid tests. * Fixing merge. * 404 fallback for UI * Improve ContentFetcher constructor readability. * Naming. * Update .gitlab-ci.yml fix CI lint error * Fixing tests and linting issues. * Fixing new tests. * UI hosts. * Submodules fix.
2017-05-24 12:24:07 +02:00
parent 7499efecf6
commit cbcc369a2d
91 changed files with 2171 additions and 2591 deletions
--- a/parity/cli/mod.rs
+++ b/parity/cli/mod.rs
@@ -124,6 +124,8 @@ usage! {
 			or |c: &Config| otry!(c.ui).port.clone(),
 		flag_ui_interface: String = "local",
 			or |c: &Config| otry!(c.ui).interface.clone(),
+		flag_ui_hosts: String = "none",
+			or |c: &Config| otry!(c.ui).hosts.as_ref().map(|vec| vec.join(",")),
 		flag_ui_path: String = "$BASE/signer",
 			or |c: &Config| otry!(c.ui).path.clone(),
 		// NOTE [todr] For security reasons don't put this to config files
@@ -188,7 +190,7 @@ usage! {
 			or |c: &Config| otry!(c.websockets).interface.clone(),
 		flag_ws_apis: String = "web3,eth,pubsub,net,parity,parity_pubsub,traces,rpc,secretstore",
 			or |c: &Config| otry!(c.websockets).apis.as_ref().map(|vec| vec.join(",")),
-		flag_ws_origins: String = "none",
+		flag_ws_origins: String = "chrome-extension://*",
 			or |c: &Config| otry!(c.websockets).origins.as_ref().map(|vec| vec.join(",")),
 		flag_ws_hosts: String = "none",
 			or |c: &Config| otry!(c.websockets).hosts.as_ref().map(|vec| vec.join(",")),
@@ -430,6 +432,7 @@ struct Ui {
 	disable: Option<bool>,
 	port: Option<u16>,
 	interface: Option<String>,
+	hosts: Option<Vec<String>>,
 	path: Option<String>,
 }

@@ -709,6 +712,7 @@ mod tests {
 			flag_no_ui: false,
 			flag_ui_port: 8180u16,
 			flag_ui_interface: "127.0.0.1".into(),
+			flag_ui_hosts: "none".into(),
 			flag_ui_path: "$HOME/.parity/signer".into(),
 			flag_ui_no_validation: false,

@@ -929,6 +933,7 @@ mod tests {
 				disable: Some(true),
 				port: None,
 				interface: None,
+				hosts: None,
 				path: None,
 			}),
 			network: Some(Network {
--- a/parity/cli/usage.txt
+++ b/parity/cli/usage.txt
@@ -110,6 +110,11 @@ UI Options:
  --ui-interface IP                Specify the hostname portion of the Trusted UI
                                   server, IP should be an interface's IP address,
                                   or local (default: {flag_ui_interface}).
+  --ui-hosts HOSTS                 List of allowed Host header values. This option will
+                                   validate the Host header sent by the browser, it
+                                   is additional security against some attack
+                                   vectors. Special options: "all", "none",
+                                   (default: {flag_ui_hosts}).
  --ui-path PATH                   Specify directory where Trusted UIs tokens should
                                   be stored. (default: {flag_ui_path})
  --ui-no-validation               Disable Origin and Host headers validation for