Skip to content

Instantly share code, notes, and snippets.

@tomusdrw

tomusdrw/parity.servers.md

Last active March 14, 2017 15:45
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save tomusdrw/8eff1875a8d4a4a0a81a1a828dbbfcd6 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save tomusdrw/8eff1875a8d4a4a0a81a1a828dbbfcd6 to your computer and use it in GitHub Desktop.
Download ZIP
New (web) servers proposal for Parity
Raw
parity.servers.md

Servers summary:

Port: 8545

RPC server & Dapps server

  1. RPC exposed as POST request to any path (except for /api/*)
  2. Validates Host headers and returns proper CORS headers (doesn't process request if CORS is invalid)
  3. When Dapps enabled, additionally: a) Serves network and builtin dapps b) Exposes /api/ and /parity-utils c) Main page redirects to UI (if enabled)

CLI options:

--jsonrpc-interface IFACE=localhost Interface to listen on

--jsonrpc-port PORT=8545 Port to listen on

--jsonrpc-cors CORS=None CORS headers validation

--jsonrpc-hosts HOSTS=<jsonrpc-interface>:<jsonrpc-port> Host headers

--jsonrpc-apis APIS=safeapis List of APIs exposed on this server.

--jsonrpc-threads THREADS=1 Enables fast multi-threaded RPC server. Implies --no-dapps

--no-dapps=false Disables dapps support, enables fast JSONRPC-HTTP server.

--no-jsonrpc=false Disables JSON-RPC server entirely.

--dapps-path=$BASE/dapps Local dapps path

Port 8546

WebSockets server

  1. Connecting with token gives you all APIs
  2. Connecting without token gives you standard (public) APIs available for Dapps
  3. Validates Origin and Host headers.
  4. GET / request redirects to UI (if enabled)

CLI options:

--ws-interface IFACE=localhost Interface to listen on

--ws-port PORT=8546 Port to listen on

--ws-origins ORIGINS=<jsonrpc-interface>:<jsonrpc-port>,<ui-interface>:<ui-port> Origins allowed to connect

--ws-hosts HOSTS=<ws-interface>:<ws-port> Valid host headers

--ws-apis APIs=safeapis,pubsub List of exposed APIs

--ws-tokens-path PATH Directory where tokens to access full API set are stored.

--no-ws Disables WebSockets server entirely. Implies --no-ui

Port 8180 (or 8080)

Trusted UI server

  1. Serves main UI stuff
  2. Validates Host header
  3. Exposes /api, but without any CORS (only accessible by UI)

CLI options:

--ui-interface IFACE=localhost Interface to listen on (displays a warning if not localhost)

--ui-port PORT=8180 (or 8080) Port to listen on

--ui-hosts HOSTS=<ui-interface>:<ui-port> Valid host header values

--no-ui Disables UI server entirely

--force-ui Enables UI even when in --geth and --unlock mode.

Additional CLI options:

--port-shift=0 Shift all ports Parity listens to, eg: ui-port = <ui-port>+<port-shift>

Affected options: --ui-port, --jsonrpc-port, --ws-port, --port, --ipfs-api-port, --secretstore-port,

Deprecated/Removed CLI options:

--ui-path now called --ws-tokens-path) --ui-no-validation equivalent of --ui-hosts all --dapps-* non-applicable, dapps server merged with JSON-RPC

Special values:

Interface options

local | localhost = 0.0.0.0

all = 0.0.0.0

CORS options:

null - Null origin

* | any | all - All origins (except for null)

Host options:

* | all | any - All hosts

APIs options:

all - All APIs exposed (warning should be printed)

readonly - Read only APIs exposed (safe APIs)

Other changes:

  • remove /api/dapps, replace with unsafe RPC call.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment