Merge pull request #386 from suicide/ipip/gateway-interop-redirects

lidel · web-flow · commit 6134bf085637 · 2023-09-14T17:29:14.000+02:00
IPIP-0386: Subdomain Gateway Interop with _redirects
diff --git a/src/http-gateways/subdomain-gateway.md b/src/http-gateways/subdomain-gateway.md
@@ -147,22 +147,33 @@ Below MUST be implemented **in addition** to `Location` requirements defined in
 
 #### Use in interop with Path Gateway
 
-Returned with `301` Moved Permanently (:cite[path-gateway]) when `Host` header does
+The `Location` HTTP header is returned with `301` Moved Permanently
+(:cite[path-gateway]) when `Host` header does
 not follow the subdomain naming convention, but the requested URL path happens
-to be a valid `/ipfs/{cid}` or `/ipfs/{name}` content path.
-
-This redirect allows subdomain gateway to be used as a drop-in
-replacement compatible with regular path gateways.
-
-NOTE: the content root identifier must be converted to case-insensitive/inlined
-form if necessary. For example:
-
-- `https://dweb.link/ipfs/QmbWqxBEKC3P8tqsKc98xmWNzrzDtRLMiMPL8wBuTGsMnR`
-  returns HTTP 301 redirect to the same CID but in case-insensitive base32:
-  - `Location: https://bafybeigdyrzt5sfp7udm7hu76uh7y26nf3efuylqabf3oclgtqy55fbzdi.ipfs.dweb.link/`
-- `https://dweb.link/ipns/en.wikipedia-on-ipfs.org` returns HTTP 301 redirect
-  to subdomain with DNSLink name correctly inlined:
-  - `Location: https://en-wikipedia--on--ipfs-org.ipns.dweb.link/`
+to be a valid `/ipfs/{cid}[/{path}][?{query}]` or `/ipfs/..` content path.
+
+This redirect allows a subdomain gateway to be used as a drop-in replacement
+compatible with regular path gateways, as long as the rules below are followed:
+
+- Redirect from a path gateway URL to the corresponding subdomain URL MUST
+  preserve the originally requested `{path}` and `{query}` parameters, if
+  present.
+  - Content path validation before the redirect SHOULD be limited to the
+    correctness of the root CID. If the content path includes any subpath or
+    query parameters, they SHOULD be preserved and processed after the redirect
+    to a subdomain is completed.
+    - Namely, additional logic, such as IPLD path traversal or processing the
+      `_redirects` file, SHOULD only be executed by the subdomain gateway after
+      the redirect.
+- Before redirecting, the content root identifier MUST be converted to
+  case-insensitive/inlined form if necessary. For example:
+  - `https://dweb.link/ipfs/QmbWqxBEKC3P8tqsKc98xmWNzrzDtRLMiMPL8wBuTGsMnR`
+    returns HTTP 301 redirect to the same CID but in case-insensitive base32:
+    - `Location:
+      https://bafybeigdyrzt5sfp7udm7hu76uh7y26nf3efuylqabf3oclgtqy55fbzdi.ipfs.dweb.link/`
+  - `https://dweb.link/ipns/en.wikipedia-on-ipfs.org` returns HTTP 301 redirect
+    to subdomain with DNSLink name correctly inlined:
+    - `Location: https://en-wikipedia--on--ipfs-org.ipns.dweb.link/`
 
 See also: [Migrate from Path to Subdomain Gateway](#migrating-from-path-to-subdomain-gateway).
 
diff --git a/src/ipips/ipip-0386.md b/src/ipips/ipip-0386.md
@@ -0,0 +1,169 @@
+---
+title: "IPIP-0386: Subdomain Gateway Interop with _redirects"
+date: 2023-03-18
+ipip: ratified
+editors:
+  - name: suicide
+    github: suicide
+relatedIssues:
+  - https://github.com/ipfs/boxo/pull/326
+  - https://github.com/ipfs/boxo/pull/412
+order: 386
+tags: ['ipips']
+---
+
+## Summary
+
+This IPIP provides a detailed clarification on the interoperability between the
+Path and Subdomain Gateway. Specifically, it ensures that features such as
+:cite[web-redirects-file] are executed only AFTER a redirect to a subdomain has
+taken place.
+
+## Motivation
+
+When hosting a modern Single Page Application on IPFS, one wants to use native
+URLs to share the app with other users, e.g. `ipns://example.org/cool/feature`.
+On traditional hosting, deep links are redirected or rewritten to a single
+entry point, e.g. `/index.html`, and the router on the client side evaluates
+the path segments to render the correct content.
+
+The `_redirects` file, defined in :cite[web-redirects-file],
+supports such applications when a Subdomain Gateway is used directly. However,
+the current resolution of native URLs uses a Path Gateway link scheme and
+subsequently fails to resolve the URL correctly.
+
+For example:
+
+- `ipns://example.org/some/path` is resolved as
+- `http://{gateway}/ipns/example.org/some/path`
+- this request fails with 404 as the resource `/some/path` does not exist.
+
+NOTE: The `kubo` (<0.20) gateway returns a 404 including a new `Location` header
+already pointing to the correct subdomain URL. But browsers do not follow the
+header as the status is 404, and the response contains a `text/plain` body
+string.
+
+When using a Subdomain Gateway on the proper host, the path can be resolved
+using the `_redirects` file:
+
+- `http://example-org.ipns.{gateway}/some/path` is redirected (301) to
+- `http://example-org.ipns.{gateway}/correct/path` as defined in
+  `_redirects`file
+
+
+## Detailed design
+
+This IPIP suggests the following resolution steps for DNSLink names, CIDs
+should be resolved similarly:
+
+- `ipns://example.org/some/path` is resolved as
+- `http://{gateway}/ipns/example.org/some/path` is redirected (301) to the
+  Subdomain Gateway
+- `http://example-org.ipns.{gateway}/some/path` is redirected (301) to
+- `http://example-org.ipns.{gateway}/correct/path` as defined in `_redirects`.
+
+A Subdomain Gateway that provides interoperability with Path-Gateway-style URLs
+should redirect to a Subdomain-Gateway-style URL first and then try to resolve
+a given path. This allows the usage of a potential `_redirects` file in the
+root.
+
+This change subsequently fixes the resolution of native URLs in browsers using
+the companion extension and browsers like Brave.
+
+A paragraph is added to the :cite[subdomain-gateway]
+spec that describes the preservation of path segments and query parameters
+during the interop redirect. Furthermore, it specifies that gateway
+implementations should redirect to subdomain URLs if a resource is initially
+not found in the directory identified by the CID or DNSLink name.
+
+## Test fixtures
+
+The example from the :cite[web-redirects-file] can be re-used,
+`QmYBhLYDwVFvxos9h8CGU2ibaY66QNgv8hpfewxaQrPiZj`.
+
+```
+$ ipfs ls /ipfs/QmYBhLYDwVFvxos9h8CGU2ibaY66QNgv8hpfewxaQrPiZj
+Qmd9GD7Bauh6N2ZLfNnYS3b7QVAijbud83b8GE8LPMNBBP 7   404.html
+QmSmR9NShZ89VEBrn9SBy7Xxvjw8Qe6XArD5GqtHvbtBM3 7   410.html
+QmVQqj9oZig9tH3ENHo4bxV5pNgssUwFCXUjAJAVcZVbJG 7   451.html
+QmZU3kboiyi9jV59D8Mw8wzuvsr3HmvskqhYRRhdFA8wRq 317 _redirects
+QmaWDLb4gnJcJbT1Df5X3j91ysiwkkyxw6329NLiC1KMDR -   articles/
+QmS6ZNKE9s8fsHoEnArsZXnzMWijKddhXXDsAev8LdTT5z 9   index.html
+QmNwEgMrExwSsE8DCjZjahYfHUfkSWRhtqSkQUh4Fk3udD 7   one.html
+QmVe2GcTbEPZkMbjVoQ9YieVGKCHmuHMcJ2kbSCzuBKh2s -   redirected-splat/
+QmUGVnZaofnd5nEDvT2bxcFck7rHyJRbpXkh9znjrJNV92 7   two.html
+```
+
+The `_redirects` file is as follows.
+
+```
+$ ipfs cat /ipfs/QmYBhLYDwVFvxos9h8CGU2ibaY66QNgv8hpfewxaQrPiZj/_redirects
+/redirect-one /one.html
+/301-redirect-one /one.html 301
+/302-redirect-two /two.html 302
+/200-index /index.html 200
+/posts/:year/:month/:day/:title /articles/:year/:month/:day/:title 301
+/splat/* /redirected-splat/:splat 301
+/not-found/* /404.html 404
+/gone/* /410.html 410
+/unavail/* /451.html 451
+/* /index.html 200
+```
+
+Following redirects should occur:
+
+```
+$ curl -v http://{gateway}/ipfs/QmYBhLYDwVFvxos9h8CGU2ibaY66QNgv8hpfewxaQrPiZj/redirect-one
+...
+< HTTP/1.1 301 Moved Permanently
+< Location: http://bafybeiesjgoros75o5meijhfvnxmy7kzkynhqijlzmypw3nry6nvsjqkzy.ipfs.{gateway}/redirect-one
+...
+```
+
+Subsequent requests should comply with :cite[ipip-0002].
+
+## Design rationale
+
+Gateways like `kubo` (before v0.20) already support the `_redirect` and
+subdomain redirect, but block the redirect chain by returning a 404 when a
+resource is not found on the Path Gateway. By moving the 404 to occur at the
+subdomain, users get another chance to find the resources they are looking for.
+
+### User benefit
+
+Currently, users are presented with an error message when they request a
+resource on a Path Gateway intended for a Subdomain Gateway. Since a given
+gateway would redirect on a valid resource anyway, redirecting to the subdomain
+URL on a potentially invalid resource would improve usability and
+compatibility.
+
+### Compatibility
+
+This proposal fixes a bug in handling of `_redirects` files.
+
+The current behavior is defined in :cite[path-gateway]. The
+404 return code indicates that a resource does not exist. Changing this to a
+301 redirect that is subsequently answered with a 404 from the subdomain URL
+is a breaking change, but the old behavior should be considered as a bug.
+
+Requesting an existing resource on the Path Gateway URL in `kubo` already
+returns a 301 redirect: client expectation is for the behavior to be the same
+for invalid paths.
+
+
+### Security
+
+Security should not be compromised as the resource is not delivered from the
+Path Gateway URL but from the subsequent subdomain URL that offers improved
+security due to host separation.
+
+### Alternatives
+
+Gateways could continue to return a 404 response for the non-existing resource,
+but also include an HTML body containing a redirect link. This would help users
+to find the requested site, but comes with worse UX than the fix proposed in
+this IPIP.
+
+### Copyright
+
+Copyright and related rights waived via [CC0](https://creativecommons.org/publicdomain/zero/1.0/).
