Do not require HTTPS on Tailscale VPN subnet 100.64.0.0/10

MetaMask / metamask-mobile

Mobile web browser providing access to websites that use the Ethereum blockchain

https://metamask.io

Other

2.11k stars 1.09k forks source link

Do not require HTTPS on Tailscale VPN subnet 100.64.0.0/10 #4842

Open ThomasDalla opened 2 years ago

ThomasDalla commented 2 years ago

Describe the bug When trying to add my own RPC node that I connect to via Wireguard (using Tailscale) on HTTP, MetaMask mobile refuses to do so and wrongly requires HTTPS.

Screenshots

To Reproduce

Add a network
Set your own RPC node URL

Expected behavior Being able to add the network. MetaMask should not require HTTPS in the 100.64.0.0/10 subnet as it’s a private Tailscale VPN the same way it doesn’t require HTTPS on 192.168.0.0/16. More details on https://tailscale.com/kb/1015/100.x-addresses/

Smartphone (please complete the following information):

Device: Pixel 6 Pro
OS: Android 12
App Version: 5.5.0 (939)

to be added after bug submission by internal support / PM Severity

How critical is the impact of this bug on a user?
Add stats if available on % of customers impacted
Is this visible to all users?
Is this tech debt?

gantunesr commented 2 years ago

Hi @ThomasDalla, thanks for opening the issue. We're going to take a look at this issue and design a solution thats clearly indicates that the user is using the HTTP protocol and make sure they're aware of the risks of it.

In the meanwhile, you can disable this requirement in the code and compile the mobile app so it doesn't block HTTP URLs

ThomasDalla commented 2 years ago

I don't think we need a warning for local networks and private VPNs.

On Tue, 16 Aug 2022, 17:09 Gustavo Antunes, @.***> wrote:

Hi @ThomasDalla https://github.com/ThomasDalla, thanks for opening the issue. We're going to take a look at this issue and design a solution thats clearly indicates that the user is using the HTTP protocol and make sure they're aware of the risks of it.

In the meanwhile, you can disable this requirement in the code and compile the mobile app so it doesn't block HTTP URLs

— Reply to this email directly, view it on GitHub https://github.com/MetaMask/metamask-mobile/issues/4842#issuecomment-1216849403, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAEU5GPVFEI256L3HDDOMADVZO4MZANCNFSM56JJRJAA . You are receiving this because you were mentioned.Message ID: @.***>

taokayan commented 1 year ago

Any updates on this? I am having the same issue when trying on connect my local test network (http://192.168.56.101:8545). metamask didn't even initiate the connection if the RPC URL is using HTTP.