mirror of
https://github.com/status-im/EIPs.git
synced 2025-01-14 17:04:11 +00:00
add more images
This commit is contained in:
parent
30fa6b371e
commit
50ce9f45e4
@ -16,9 +16,15 @@ Motivation
|
|||||||
Currently, if a user navigate to a dapp running on a website using her/his everyday browser, the dapp will have by default no access to the rpc node for security reason. The user will have to enable CORS for the website's domain in order for the dapp to work. Unfortunately if the user do so, the dapp will be able to send transaction from any unlocked account without the need for any user consent. In other word not only the user need to change its node default setting but the user is also forced to trust the dapp in order to use it. This is of course not acceptable and force existing dapps to rely on the use of workarround like:
|
Currently, if a user navigate to a dapp running on a website using her/his everyday browser, the dapp will have by default no access to the rpc node for security reason. The user will have to enable CORS for the website's domain in order for the dapp to work. Unfortunately if the user do so, the dapp will be able to send transaction from any unlocked account without the need for any user consent. In other word not only the user need to change its node default setting but the user is also forced to trust the dapp in order to use it. This is of course not acceptable and force existing dapps to rely on the use of workarround like:
|
||||||
- if the transaction is a plain ether transfer the user is asked to enter it in a dedicated trusted wallet like "Mist"
|
- if the transaction is a plain ether transfer the user is asked to enter it in a dedicated trusted wallet like "Mist"
|
||||||
- For more complex case, the user is asked to enter the transaction manually via the node command line interface.
|
- For more complex case, the user is asked to enter the transaction manually via the node command line interface.
|
||||||
|
|
||||||
|
|
||||||
This proposal aims to provide a safe and user friendly alternative.
|
This proposal aims to provide a safe and user friendly alternative.
|
||||||
<img src="./draft-dapp-html-authorization/authorization.png">
|
<img src="./draft-dapp-html-authorization/authorization.png">
|
||||||
|
|
||||||
|
<img src="./draft-dapp-html-authorization/authorization-password.png">
|
||||||
|
|
||||||
|
<img src="./draft-dapp-html-authorization/authorization-locked.png">
|
||||||
|
|
||||||
Specification
|
Specification
|
||||||
=============
|
=============
|
||||||
In order for the mechanism to work, the node need to serve an html file via http at the url <node url>/authorization.html
|
In order for the mechanism to work, the node need to serve an html file via http at the url <node url>/authorization.html
|
||||||
|
BIN
EIPS/draft-dapp-html-authorization/authorization-locked.png
Normal file
BIN
EIPS/draft-dapp-html-authorization/authorization-locked.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 23 KiB |
BIN
EIPS/draft-dapp-html-authorization/authorization-password.png
Normal file
BIN
EIPS/draft-dapp-html-authorization/authorization-password.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 22 KiB |
Loading…
x
Reference in New Issue
Block a user