Skip to content
This repository has been archived by the owner on Aug 12, 2020. It is now read-only.

start a quick intro guide to making ipfs webapps #25

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
40 changes: 40 additions & 0 deletions webapps/webapps.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
# WebApps on IPFS

This is a short guide on how to start making your own web applications on top of
ipfs.

Ipfs provides an http api to interact with the daemon through, but by
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"provides an HTTP API for interacting with the daemon"

default it has a few security features enabled that make it difficult for people
to use the api in their own apps. There are two different routes you could take
to use the API, first, is to run your own webserver, and make http requests to
localhost:5001. This is in my opinion the easier route for development. For this
to work, you'll need to disable cross origin check by running the daemon with
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

cross origin checks

the environment variable `API_ORIGIN` set to `*`:

```
$ export API_ORIGIN="*"
$ ipfs daemon
```

Now all of the requests you make to the api will work just fine.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • API_ORIGIN is deprecated. use the config var (see ipfs daemon).
  • we should not encourage *. it's a pretty big security hole. i can give you a single link that will delete all your pin set, gc, and then download a bunch of crap. So instead encourage to say:
ipfs config --json API.HTTPHeaders.Access-Control-Allow-Origin \
  '["http://localhost:<port>", "http://127.0.0.1:<port>", "http://127.0.0.1:$desired-port"]'

<port> is for the local api port. and $desired-port is for user's port.


The second route is to publish your app to ipfs (via `ipfs add -r`) and load
it through the http server at `localhost:5001/ipfs/<hash of your app>`. This
does not require you to change the `API_ORIGIN` variable (as you'll be loading
the app from the correct origin) but you will need to tell the daemon that
you want it to allow you to load different apps through the server on the API port.
By default you can only load the ipfs webui through the API port, this is a
security measure to prevent random web pages from making api calls on your daemon.
To disable this for testing your app, run the daemon like:

```
$ ipfs daemon --unrestricted-api
```

So now that youre able to load your app, you probably want to start making
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

youre >> you're

those api calls I mentioned (you *are* writing an ipfs app, after all). We
recommend everyone use the
[browserified node-ipfs-api](https://github.com/ipfs/node-ipfs-api).

By
[whyrusleeping](https://github.com/whyrusleeping)