| description |
|---|
IPFS Gateways and Browsers |
This is an annotated version of this doc
Gateways are provided strictly for convenience: in other words, they help tools that speak HTTP but do not speak distributed protocols (such as IPFS) to communicate. They are the first stage of the upgrade path for the web. More information about IPFS Gateways.
When origin-based security is needed, CIDv1 in case-insensitive encoding such as Base32 or Base36 should be used in the subdomain:
https://<cidv1b32>.ipfs.<gateway-host>.tld/path/to/resource
Example:
https://bafybeiemxf5abjwjbikoz4mc3a3dla6ual3jsgpdr4cjr3oz3evfyavhwq.ipfs.dweb.link/wiki/
https://bafybeiemxf5abjwjbikoz4mc3a3dla6ual3jsgpdr4cjr3oz3evfyavhwq.ipfs.cf-ipfs.com/wiki/Vincent_van_Gogh.html
https://bafybeiemxf5abjwjbikoz4mc3a3dla6ual3jsgpdr4cjr3oz3evfyavhwq.ipfs.localhost:8080/wiki/
Subdomain convention can be replaced with a native handler. The IPFS URL protocol scheme follows the same requirement of case-insensitive CIDv1 in Base32 as subdomains:
ipfs://{cidv1b32}/path/to/resource
An IPFS URL does not retain the original path, but instead requires a conversion step to/from URI representation:
ipfs://{immutable-root}/path/to/resourceA→/ipfs/{immutable-root}/path/to/resourceA
ipns://{mutable-root}/path/to/resourceB→/ipns/{mutable-root}/path/to/resourceB
The first element after the double slash is an opaque identifier representing the content root. It is interpreted as an authority component used for origin calculation, which provides necessary isolation between security contexts of different content trees.
Example:
ipfs://bafybeiemxf5abjwjbikoz4mc3a3dla6ual3jsgpdr4cjr3oz3evfyavhwq/wiki/Vincent_van_Gogh.html
Native URI require CID to be case-insensitive. Use of CIDv1 in Base32 is advised.
HTTP gateways have worked well since 2015, but they come with a significant set of limitations related both to the centralized nature of HTTP and some of HTTP's semantics. Location-based addressing of a gateway depends on both DNS and HTTPS/TLS, which relies on a trust in certificate authorities (opens new window)(CAs) and public key infrastructure (opens new window)(PKI). In the long term, these issues should be mitigated by use of opportunistic protocol upgrade schemes.
Tools and browser extensions should detect IPFS content paths and resolve them directly over IPFS protocol. They should use HTTP gateway only as a fallback when no native implementation is available in order to ensure a smooth, backward-compatible transition.
In the most basic scheme, a URL path used for content addressing is effectively a resource name without a canonical location. The HTTP server provides the location part, which makes it possible for browsers to interpret an IPFS content path as relative to the current server and just work without a need for any conversion:
https://<gateway-host>.tld/ipfs/<cid>/path/to/resource
https://<gateway-host>.tld/ipns/<ipnsid_or_dnslink>/path/to/resource
Gateway Recipes
Read about Gateway Recipes
This is an annotated version of content from the ipfs/in-web-browsers repo
Informal group working on improving IPFS presence in web browsers
Our goal is to facilitate native support for IPFS and other decentralized protocols in web browsers in order to benefit ....
- Browser users: Browser extensions and native-included IPFS alike expose IPFS features in a robust and intuitive way
- Web developers: Web developers can enjoy a smooth experience working with IPFS in browser contexts
- Browser vendors: Browser developers are empowered to meet the requirements of the distributed web
IPFS Companion is a browser extension that simplifies access to IPFS resources and adds browser support for the IPFS protocol. It runs in 
- Mozilla hosted a community effort called
libdwebto implement experimental APIs for Firefox WebExtensions, with a goal of enabling dweb protocols in Firefox through browser add-ons: - IPFS libdweb experiments, including a native protocol handler, local DNS-SD discovery and TCP transport
- The long-term goal of this project was to integrate these APIs into the WebExtensions ecosystem, but as of Q3 2020 it is not yet in Firefox Nightly
- Exposing the IPFS API via
window.ipfs(experiment ended in 2020) - Support for
chrome.sockets.*APIs in Chromium browsers (deprioritized due to EOL 2022)
At present, in order to interact with IPFS in a web browser, you must either bundle js-ipfs-core (a full IPFS node in JavaScript) with your client-side application, or use the js-ipfs-http-client HTTP RPC API client library to connect to an external daemon running on a local or remote machine.
- To learn more, make sure to check the
browser-*examples atipfs-examples/js-ipfs-examples - Highlight: an advanced, end-to-end example of using js-ipfs node in
SharedWorkerfromServiceWorkercan be found atjs-ipfs-examples/browser-service-worker
- For regular users, see this guide to how to address IPFS content paths on the web
- For browser vendors and user agent developers, see this memo for the current set of URL conventions for the IPFS community; we invite everyone to submit questions and suggestions for improvements via issues/PRs
Use the latest go-ipfs daemon and follow gateway recipes.
DNSLink enables you to map a domain name to an IPFS address (CID or IPNS libp2p-key) by means of a DNS TXT record.
- Read the DNSLink guide for details, including how to set it up on your own website
- See details on DNSLink in IPFS Companion to see additional benefits of using IPFS Companion with DNSLink support
Protocol Labs is a W3C Member. Current focus is to watch, learn, and participate in WebExtensions Community Group.
In 2020 IPFS and Igalia started a collaboration that continues to this day. Read more: https://blog.ipfs.io/2021-01-15-ipfs-and-igalia-collaborate-on-dweb-in-browsers/
The most notable highlights:
- IPFS and Igalia started a collaboration that will continue during 2021.
- Distributed web schemes have been safelisted in Chrome 86’s implementation of custom handlers and registered at IANA.
- Chrome 89 will allow browser extensions to register cross-origin handlers or handlers for schemes with prefix
ext+. Refinement is pending for the permission UI. - Firefox 84 marks
http://*.localhost/URLs as secure context, which means websites loaded from local subdomain gateway will have access to the same Web APIs as HTTPS version. - Firefox 84 has improved support for loading locally delivered mixed-resources. Patches have also been submitted to WebKit but are pending on reviews and discussions.
- Work is in progress to improve Chromium’s consistency and specification compliance regarding the notion of secure contexts, including removing non-standard localhost names.
- Miscellaneous other fixes have landed for the Firefox and Chromium’s implementations of custom handlers.
- WIP refactor to make it easier to register custom protocol handlers (example, related talk: Integrating New Protocol Handlers into Chrome [BlinkOn 15])
Brave v1.19 has integrated IPFS into their desktop web browser for Windows, macOS and Linux. When Brave detects an address which is an HTTP gateway URL to IPFS content or a native IPFS address such as ipfs:// or ipns:// it will prompt the user to install and enable the native IPFS node, or to use an HTTP gateway.
Diagnostic UI can be found at brave://ipfs, we suggest enabling IPFS Companion for the best experience
TLDR integration status:
- Initial release (v1.19) is focused on daemon orchestration and on URI support (read blogs and press)
- Demo: Opening
ipfs://{cid}will trigger install prompt for go-ipfs managed by Brave itself. - For the best experience enable IPFS Companion and switch it to IPFS Node Type "Provided by Brave". When Companion is enabled all IPFS resources will be resolved by the local node.
Opera for Android 57 introduced support for resolving ipfs:// or ipns:// via a customizable gateway.
Read more