fix: support base16 CIDs and IPNS names (#913)

Adds support for decoding base16 keys from path gateway requests and normalizng them to base32 (for CIDs) or base36 (for IPNS names).

Also fixes a bug whereby we'd treat anything that didn't parse as a CID/PeerId as a DNSLink name, even `/ipfs/random-garbage`.

Fixes #745

Author: achingbrain

package.json

@@ -52,6 +52,7 @@
     }
   },
   "dependencies": {
+    "@chainsafe/is-ip": "^2.1.0",
     "@chainsafe/libp2p-noise": "^17.0.0",
     "@chainsafe/libp2p-yamux": "^8.0.1",
     "@helia/block-brokers": "^5.0.7",

src/lib/path-or-subdomain.ts

@@ -1,11 +1,16 @@
+import { isIP } from '@chainsafe/is-ip'
+import { InvalidParametersError } from '@libp2p/interface'
 import { peerIdFromString } from '@libp2p/peer-id'
+import { base16, base16upper } from 'multiformats/bases/base16'
 import { base32 } from 'multiformats/bases/base32'
 import { base36 } from 'multiformats/bases/base36'
+import { base58btc } from 'multiformats/bases/base58'
 import { CID } from 'multiformats/cid'
 import { dnsLinkLabelEncoder } from './dns-link-labels.js'
 import { getHeliaSwRedirectUrl } from './first-hit-helpers.js'
 import { pathRegex, subdomainRegex } from './regex.js'
 import type { Logger } from '@libp2p/interface'
+import type { MultibaseDecoder } from 'multiformats/cid'
 
 export const isPathOrSubdomainRequest = (location: Pick<Location, 'host' | 'pathname'>): boolean => {
   return isPathGatewayRequest(location) || isSubdomainGatewayRequest(location)
@@ -28,25 +33,40 @@ export const isPathGatewayRequest = (location: Pick<Location, 'host' | 'pathname
 export const findOriginIsolationRedirect = (location: Pick<Location, 'protocol' | 'host' | 'pathname' | 'search' | 'hash' | 'href' | 'origin'>, logger: Logger, supportsSubdomains: boolean | null): string | null => {
   const log = logger?.newScope('find-origin-isolation-redirect')
 
-  if (isSubdomainGatewayRequest(location)) {
-    // already on an isolated origin
-    return null
-  }
+  try {
+    if (isSubdomainGatewayRequest(location)) {
+      // already on an isolated origin
+      return null
+    }
 
-  if (isPathGatewayRequest(location)) {
-    log?.trace('checking for subdomain support')
+    if (isPathGatewayRequest(location)) {
+      log?.trace('checking for subdomain support')
 
-    if (supportsSubdomains === true) {
-      log?.trace('subdomain support is enabled')
-      return toSubdomainRequest(location)
+      if (supportsSubdomains === true) {
+        log?.trace('subdomain support is enabled')
+        return toSubdomainRequest(location)
+      }
     }
+  } catch (err) {
+    log.error('could not parse gateway request from URL - %e', err)
   }
 
   // not path/subdomain request - we are showing UI
   return null
 }
 
+/**
+ * Turns a path gateway url into a subdomain gateway url.
+ *
+ * Throws an `InvalidParametersError` if the user supplied a bad CID or path
+ * or `Error` if subdomains are unsupported because (for example) the gateway
+ * is accessed via an IP address instead of a domain.
+ */
 export const toSubdomainRequest = (location: Pick<Location, 'protocol' | 'host' | 'pathname' | 'search' | 'hash' | 'href' | 'origin'>): string => {
+  if (isIP(location.host)) {
+    throw new Error('Host was an IP address so subdomains are unsupported')
+  }
+
   const segments = location.pathname
     .split('/')
     .filter(segment => segment !== '')
@@ -57,7 +77,7 @@ export const toSubdomainRequest = (location: Pick<Location, 'protocol' | 'host'
   }
 
   if (segments.length < 2) {
-    throw new Error(`Invalid location ${location}`)
+    throw new InvalidParametersError(`Invalid location ${location}`)
   }
 
   const ns = segments[0]
@@ -66,40 +86,38 @@ export const toSubdomainRequest = (location: Pick<Location, 'protocol' | 'host'
   // DNS labels are case-insensitive, and the length limit is 63.
   // We ensure base32 if CID, base36 if ipns,
   // or inlined according to https://specs.ipfs.tech/http-gateways/subdomain-gateway/#host-request-header if DNSLink name
-  try {
-    switch (ns) {
-      case 'ipfs':
-        // Base32 is case-insensitive and allows CID with popular hashes like
-        // sha2-256 to fit in a single DNS label
-        id = CID.parse(id).toV1().toString(base32)
-        break
-      case 'ipns':
-        if (id.startsWith('Q') || id.startsWith('1')) {
-          // possibly a PeerId - non-standard but try converting to a CID
-          try {
-            const peerId = peerIdFromString(id)
-            id = peerId.toCID().toString()
-          } catch {}
-        }
-
+  switch (ns) {
+    case 'ipfs':
+      // Base32 is case-insensitive and allows CID with popular hashes like
+      // sha2-256 to fit in a single DNS label
+      id = parseCid(id).toString(base32)
+      break
+    case 'ipns':
+      if (id.startsWith('Q') || id.startsWith('1')) {
+        // possibly a PeerId - non-standard but try converting to a CID
+        try {
+          const peerId = peerIdFromString(id)
+          id = peerId.toCID().toString()
+        } catch {}
+      }
+
+      try {
         // IPNS Names are represented as Base36 CIDv1 with libp2p-key codec
         // https://specs.ipfs.tech/ipns/ipns-record/#ipns-name
-        // eslint-disable-next-line no-case-declarations
-        const ipnsName = CID.parse(id).toV1()
+
         // /ipns/ namespace uses Base36 instead of 32 because ED25519 keys need
         // to fit in DNS label of max length 63
-        id = ipnsName.toString(base36)
-        break
-      default:
-        throw new Error('Unknown namespace: ' + ns)
-    }
-  } catch {
-    // not a CID, so we assume a DNSLink name and inline it according to
-    // https://specs.ipfs.tech/http-gateways/subdomain-gateway/#host-request-header
-    if (id?.includes('.') === true) {
-      id = dnsLinkLabelEncoder(id)
-    }
+        id = parseCid(id).toString(base36)
+      } catch {
+        // not a CID, so we assume a DNSLink name and inline it according to
+        // https://specs.ipfs.tech/http-gateways/subdomain-gateway/#host-request-header
+        id = dnsLinkLabelEncoder(id)
+      }
+      break
+    default:
+      throw new InvalidParametersError('Unknown namespace: "' + ns + '"')
   }
+
   const remainingPath = `/${segments.slice(2).join('/')}`
 
   // create new URL with the subdomain but without the path
@@ -108,10 +126,40 @@ export const toSubdomainRequest = (location: Pick<Location, 'protocol' | 'host'
   const modifiedOriginalUrl = new URL(location.href)
   modifiedOriginalUrl.pathname = remainingPath
   modifiedOriginalUrl.hash = location.hash
+
   const originalSearchParams = new URLSearchParams(location.search)
   originalSearchParams.forEach((value, key) => {
     modifiedOriginalUrl.searchParams.set(key, value)
   })
 
   return getHeliaSwRedirectUrl(modifiedOriginalUrl, newLocation).href
 }
+
+/**
+ * Parses the string as a CID and converts it to v1. Translates any thrown error
+ * to an `InvalidParametersError` so we can show a 400 screen to the user.
+ */
+function parseCid (str: string): CID<any, any, any, 1> {
+  try {
+    return CID.parse(str, findMultibaseDecoder(str)).toV1()
+  } catch (err: any) {
+    throw new InvalidParametersError(`Could not parse CID from string "${str}" - ${err.message}`)
+  }
+}
+
+function findMultibaseDecoder (str: string): MultibaseDecoder<string> | undefined {
+  const prefix = str.substring(0, 1)
+
+  switch (prefix) {
+    case 'b':
+      return base32
+    case 'f':
+      return base16
+    case 'F':
+      return base16upper
+    case 'z':
+      return base58btc
+    default:
+      // do nothing
+  }
+}

src/sw/handlers/content-request-handler.ts

@@ -13,6 +13,7 @@ import { getInstallTime } from '../lib/install-time.js'
 import { getVerifiedFetch } from '../lib/verified-fetch.js'
 import { fetchErrorPageResponse } from '../pages/fetch-error-page.js'
 import { originIsolationWarningPageResponse } from '../pages/origin-isolation-warning-page.js'
+import { serverErrorPageResponse } from '../pages/server-error-page.js'
 import type { Handler } from './index.js'
 import type { UrlParts } from '../../lib/get-subdomain-parts.js'
 import type { Providers } from '../index.js'
@@ -169,7 +170,15 @@ async function fetchHandler ({ url, event, logs, subdomainGatewayRequest, pathGa
           }
         })
       }
-    } catch {
+    } catch (err: any) {
+      // the user supplied an unparseable/incorrect path or key
+      if (err.name === 'InvalidParametersError') {
+        return serverErrorPageResponse(url, err, logs, {
+          title: '400 Bad Request',
+          status: 400
+        })
+      }
+
       // URL was invalid (may have been an IP address which can't be translated
       // to a subdomain gateway URL)
     }

src/sw/pages/server-error-page.ts

@@ -17,10 +17,26 @@ function toErrorObject (error: any): any {
   }
 }
 
+export interface ServerErrorPageResponseOptions {
+  /**
+   * HTTP status code
+   *
+   * @default 500
+   */
+  status?: number
+
+  /**
+   * Error title to show on page
+   *
+   * @default '500 Internal Server Error'
+   */
+  title?: string
+}
+
 /**
  * Shows an error page to the user
  */
-export function serverErrorPageResponse (url: URL, error: Error, logs: string[]): Response {
+export function serverErrorPageResponse (url: URL, error: Error, logs: string[], opts?: ServerErrorPageResponseOptions): Response {
   const headers = new Headers()
   headers.set('content-type', 'text/html')
   headers.set('x-debug-request-uri', url.toString())
@@ -29,14 +45,14 @@ export function serverErrorPageResponse (url: URL, error: Error, logs: string[])
   const props = {
     url: url.toString(),
     error: toErrorObject(error),
-    title: '500 Internal Server Error',
+    title: opts?.title ?? '500 Internal Server Error',
     logs
   }
 
   const page = htmlPage(props.title, 'serverError', props)
 
   return new Response(page, {
-    status: 500,
+    status: opts?.status ?? 500,
     headers
   })
 }

test-e2e/fixtures/load-with-service-worker.ts

@@ -46,7 +46,7 @@ export async function loadWithServiceWorker (page: Page, resource: string, optio
       }
 
       // ignore redirects by status
-      if (response.status() > 299 || response.status() < 200) {
+      if (response.status() > 299 && response.status() < 399) {
         return false
       }
 

test-e2e/smoke-test.test.ts

@@ -1,3 +1,6 @@
+import { peerIdFromString } from '@libp2p/peer-id'
+import { base16 } from 'multiformats/bases/base16'
+import { CID } from 'multiformats/cid'
 import { CURRENT_CACHES } from '../src/constants.js'
 import { HASH_FRAGMENTS } from '../src/lib/constants.js'
 import { testSubdomainRouting as test, expect } from './fixtures/config-test-fixtures.js'
@@ -166,4 +169,34 @@ test.describe('smoke test', () => {
 
     expect(noServiceWorkerRegistration).toBe(true)
   })
+
+  test('normalizes base16 CIDs to base32', async ({ page, protocol, rootDomain }) => {
+    const cid = 'bafkqablimvwgy3y'
+    const asBase16 = CID.parse(cid).toString(base16)
+
+    const response = await loadWithServiceWorker(page, `${protocol}//${rootDomain}/ipfs/${asBase16}`, {
+      redirect: `${protocol}//${cid}.ipfs.${rootDomain}/`
+    })
+    expect(response.status()).toBe(200)
+    expect(await response.text()).toContain('hello')
+  })
+
+  test('normalizes base16 IPNS names to base36', async ({ page, protocol, rootDomain }) => {
+    const key = 'k51qzi5uqu5dk3v4rmjber23h16xnr23bsggmqqil9z2gduiis5se8dht36dam'
+    const asBase16 = peerIdFromString(key).toCID().toString(base16)
+
+    const response = await loadWithServiceWorker(page, `${protocol}//${rootDomain}/ipns/${asBase16}`, {
+      redirect: `${protocol}//${key}.ipns.${rootDomain}/`
+    })
+    expect(response.status()).toBe(200)
+    expect(await response.text()).toContain('hello')
+  })
+
+  test('errors on invalid CIDs', async ({ page, protocol, rootDomain }) => {
+    const cid = '!bafkqablimvwgy3y'
+
+    const response = await loadWithServiceWorker(page, `${protocol}//${rootDomain}/ipfs/${cid}`)
+    expect(response.status()).toBe(400)
+    expect(await response.text()).toContain('Could not parse CID')
+  })
 })