b7b1382ea9bd -- 4mo
What stops a rogue extension from accessing the OPFS using navigator.storage.getDirectory() by injecting a <script>? Wouldn't any ext have access in that manner?
#AskNostr #Nostr 👀 WebWorkers and iFrame isolation with window.nostr.signEvent(), as if it were using any NIP-07 extension, represent a great move in the right direction. I recommend that Nostr developers pay attention to OPFS capabilities versus IndexedDB where possible. OPFS avoids metadata leakage and is now part of the Baseline in all browsers. 🔏
https://primal.net/e/nevent1qqs8tqf99ddes0jh4lngxaaxjm3r39kc3xvqeh2xjxg7pjmwd87q68qnrcn50
nostr:naddr1qqsxummnw3e8qctnwvkkgetrv4h8gunpd35h5ety945kgetww35hg7gpzemhxue69uhhyetvv9ujuurjd9kkzmpwdejhgq3qk7cnst4fh4ajgg8w6ndcmqen4fnyc7ahhm3zpp255vdxqarrtekqxpqqqp65wuvt8qe
That is a good question. It is bound to the origin binding: OPFS storage is origin-private. Even if an extension injects code, the storage it accesses is scoped to that origin. It cannot cross into another site’s OPFS. So if you’re on NostrVault.tld, injected code can only touch NostrVault.tld OPFS, not NostrClient.com’s or a rogue extension’s.
The rogue extension would have to have host permission to access the Origin Private File System (OPFS), and eventually our goal is to encrypt the data at rest with OPFS with an OpenPGP cert from the NFC card so a rogue extension wouldn’t know how to interpret it or what to do with it, if it got access to it.
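
An added sketch of the encrypt-at-rest idea from the reply above; it is not code from the thread or from any Nostr project. It swaps WebCrypto AES-GCM in for the OpenPGP/NFC-card scheme the reply mentions, and `newVaultKey`, `sealToOpfs` and `openFromOpfs` are hypothetical names.

```javascript
// Added example. Assumption: AES-GCM stands in for the OpenPGP cert on the NFC card.
const wc = globalThis.crypto ?? require("node:crypto").webcrypto;

// Hypothetical helper: a non-extractable key, so script running in the page
// can use the key object but cannot export its raw bytes.
async function newVaultKey() {
  return wc.subtle.generateKey({ name: "AES-GCM", length: 256 }, false,
    ["encrypt", "decrypt"]);
}

// Encrypt, then write nonce || ciphertext+tag to `name` inside `dir`.
// In a browser, `dir` is the handle from `await navigator.storage.getDirectory()`.
// The file name is bound as additional data, so a blob copied to another
// name fails authentication when it is read back.
async function sealToOpfs(dir, name, key, plaintext) {
  const iv = wc.getRandomValues(new Uint8Array(12)); // fresh nonce per write
  const aad = new TextEncoder().encode(name);
  const ct = new Uint8Array(await wc.subtle.encrypt(
    { name: "AES-GCM", iv, additionalData: aad }, key, plaintext));
  const blob = new Uint8Array(iv.length + ct.length);
  blob.set(iv);
  blob.set(ct, iv.length);
  const fh = await dir.getFileHandle(name, { create: true });
  const w = await fh.createWritable();
  await w.write(blob);
  await w.close();
  return blob; // exactly the bytes that now sit in OPFS
}

// Read the file back and decrypt. Rejects if the key is wrong, the bytes
// were altered, or the blob was stored under a different name.
async function openFromOpfs(dir, name, key) {
  const fh = await dir.getFileHandle(name);
  const raw = new Uint8Array(await (await fh.getFile()).arrayBuffer());
  const aad = new TextEncoder().encode(name);
  const pt = await wc.subtle.decrypt(
    { name: "AES-GCM", iv: raw.slice(0, 12), additionalData: aad },
    key, raw.slice(12));
  return new Uint8Array(pt);
}
```

Code that reads the file without the key gets only the nonce and ciphertext. A script injected into the same origin while the key object is in memory can still call decrypt with it, so this protects the bytes at rest in OPFS, not a live unlocked session.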