Closed keeshux closed 4 years ago
Yes, special characters can break the url to your node. It’d be like putting a colon or period in random places in a website url, it wouldn’t work.
Then it's something bound to using QR, but if I enter connection parameters manually this should not be a limitation, correct?
Then it's something bound to using QR, but if I enter connection parameters manually this should not be a limitation, correct?
Incorrect, there is no difference between QR and manual entry other then the means of adding the creds. It always forms an http url which can be broken by characters that invalidate a url.
I see, in fact I found that LightningRPC.swift
uses credentials in a HTTP URL (http://user:pass@host/...
). bitcoin-cli
must be using something else.
It all makes sense, thanks for the clarifications!
I see, in fact I found that
LightningRPC.swift
uses credentials in a HTTP URL (http://user:pass@host/...
).bitcoin-cli
must be using something else.It all makes sense, thanks for the clarifications!
Bitcoin-cli uses the same scheme, over tor of course so everything is encrypted (from FN perspective anyway) it’s really designed for localhost.
It may not be that all special chars invalidate it... i am not sure. All i know is I’ve had users unable to connect bc non alphanumeric chars were in their rpc creds, so i banned them :) obviously : @ . / would all break the url, haven’t taken the time to test every single one.
Having been on the same boat, I agree on the choice. If anything URL encoding/decoding is also very implementation-dependent, better not relying on it.
I know that the Bitcoin Core
rpcauth.py
script can take any custom password as input, yet by default it generates non-alphanumeric passwords, which are not accepted by this app.Is there any particular reason I may be overlooking why you chose to restrict passwords to alphanumeric?
Thank you!