sesam
commented
3 years ago This could be a security issue. Images as foot-in-door towards fully compromising the user's device is reoccurring every year.
Open hsjoberg opened 3 years ago
sesam
commented
3 years ago This could be a security issue. Images as foot-in-door towards fully compromising the user's device is reoccurring every year.
hsjoberg
commented
3 years ago @sesam That is a very good point.
hsjoberg
commented
2 years ago
When paying with lnurl-pay or withdrawing with lnurl-withdraw, we should make a GET request to the domain site, parse the HTML and look for a
favicon,apple-touch-iconor amanifest.jsonfor showing an icon in the transaction list. For normal lightning payments, we could also crawl if paying through the WebLN browser.We need to store the image somehow, there are a couple of libs available. We probably need to do this manually as we need to be careful regarding with the Tor integration. https://github.com/tradle/react-native-image-store https://github.com/itinance/react-native-fs
Parsing HTML https://www.npmjs.com/package/fast-html-parser https://www.npmjs.com/package/react-native-html-parser