@ -88,6 +88,9 @@ type Config struct {
// scrypt KDF at the expense of security.
UseLightweightKDF bool ` toml:",omitempty" `
// InsecureUnlockAllowed allows user to unlock accounts in unsafe http environment.
InsecureUnlockAllowed bool ` toml:",omitempty" `
// NoUSB disables hardware wallet monitoring and connectivity.
NoUSB bool ` toml:",omitempty" `
@ -106,29 +109,6 @@ type Config struct {
// for ephemeral nodes).
HTTPPort int ` toml:",omitempty" `
// GraphQLHost is the host interface on which to start the GraphQL server. If this
// field is empty, no GraphQL API endpoint will be started.
GraphQLHost string ` toml:",omitempty" `
// GraphQLPort is the TCP port number on which to start the GraphQL server. The
// default zero value is/ valid and will pick a port number randomly (useful
// for ephemeral nodes).
GraphQLPort int ` toml:",omitempty" `
// GraphQLCors is the Cross-Origin Resource Sharing header to send to requesting
// clients. Please be aware that CORS is a browser enforced security, it's fully
// useless for custom HTTP clients.
GraphQLCors [ ] string ` toml:",omitempty" `
// GraphQLVirtualHosts is the list of virtual hostnames which are allowed on incoming requests.
// This is by default {'localhost'}. Using this prevents attacks like
// DNS rebinding, which bypasses SOP by simply masquerading as being within the same
// origin. These attacks do not utilize CORS, since they are not cross-domain.
// By explicitly checking the Host-header, the server will not allow requests
// made against the server with a malicious host domain.
// Requests using ip address directly are not affected
GraphQLVirtualHosts [ ] string ` toml:",omitempty" `
// HTTPCors is the Cross-Origin Resource Sharing header to send to requesting
// clients. Please be aware that CORS is a browser enforced security, it's fully
// useless for custom HTTP clients.
@ -178,6 +158,29 @@ type Config struct {
// private APIs to untrusted users is a major security risk.
WSExposeAll bool ` toml:",omitempty" `
// GraphQLHost is the host interface on which to start the GraphQL server. If this
// field is empty, no GraphQL API endpoint will be started.
GraphQLHost string ` toml:",omitempty" `
// GraphQLPort is the TCP port number on which to start the GraphQL server. The
// default zero value is/ valid and will pick a port number randomly (useful
// for ephemeral nodes).
GraphQLPort int ` toml:",omitempty" `
// GraphQLCors is the Cross-Origin Resource Sharing header to send to requesting
// clients. Please be aware that CORS is a browser enforced security, it's fully
// useless for custom HTTP clients.
GraphQLCors [ ] string ` toml:",omitempty" `
// GraphQLVirtualHosts is the list of virtual hostnames which are allowed on incoming requests.
// This is by default {'localhost'}. Using this prevents attacks like
// DNS rebinding, which bypasses SOP by simply masquerading as being within the same
// origin. These attacks do not utilize CORS, since they are not cross-domain.
// By explicitly checking the Host-header, the server will not allow requests
// made against the server with a malicious host domain.
// Requests using ip address directly are not affected
GraphQLVirtualHosts [ ] string ` toml:",omitempty" `
// Logger is a custom logger to use with the p2p.Server.
Logger log . Logger ` toml:",omitempty" `
@ -270,6 +273,12 @@ func DefaultWSEndpoint() string {
return config . WSEndpoint ( )
}
// ExtRPCEnabled returns the indicator whether node enables the external
// RPC(http, ws or graphql).
func ( c * Config ) ExtRPCEnabled ( ) bool {
return c . HTTPHost != "" || c . WSHost != "" || c . GraphQLHost != ""
}
// NodeName returns the devp2p node identifier.
func ( c * Config ) NodeName ( ) string {
name := c . name ( )
@ -497,7 +506,7 @@ func makeAccountManager(conf *Config) (*accounts.Manager, string, error) {
}
}
return accounts . NewManager ( backends ... ) , ephemeral , nil
return accounts . NewManager ( & accounts . Config { InsecureUnlockAllowed : conf . InsecureUnlockAllowed } , backends ... ) , ephemeral , nil
}
var warnLock sync . Mutex