Clarify that WASM bootstrap uses ws, not wss or DNS

This fixes the logic error of "bootstrapping via TXT record also will
work."

This also adds a clarification that, because DNS is unavailable, the
only option today is ws:// (Veilid currently does not allow wss://
with an IP address. Specifically, try_wss will fail with
apibail_parse_error! and then RPCError::map_protocol.) This
clarification saves time for any users who would otherwise be tempted
to get a certificate for an IP address (at least one free Certificate
Authority supports this, and the resulting certificate can be added
to a veilid-server configuration.)

try_wss failure:
bd4b4233bf/veilid-core/src/network_manager/types/dial_info/mod.rs (L199-L202)
bd4b4233bf/veilid-core/src/rpc_processor/coders/dial_info.rs (L52-L56)

see also:
bd4b4233bf/veilid-core/src/network_manager/types/dial_info/mod.rs (L58-L59)

In addition, several spelling errors are fixed.
This commit is contained in:
Rivka Segan 2023-09-27 05:46:22 +00:00
parent bd4b4233bf
commit 7c0a06b630

View File

@ -6,22 +6,23 @@ This package is a Rust cargo crate the generates WebAssembly (WASM) bindings for
Running Veilid in the browser via WebAssembly has some limitations: Running Veilid in the browser via WebAssembly has some limitations:
### Browser-based limitaions ### Browser-based limitations
1. TCP/UDP sockets are unavilable in the browser. This limits WASM nodes to communicating using WebSockets. 1. TCP/UDP sockets are unavailable in the browser. This limits WASM nodes to communicating using WebSockets.
1. Lookup of DNS records is unavaible in the browser, which means bootstrapping via TXT record also will work. WASM nodes will need to connect to the bootstrap server directly via WebSockets, using this URL format: `ws://bootstrap.veilid.net:5150/ws` in the `network.routing_table.bootstrap[]` section of the veilid config. 1. Lookup of DNS records is unavailable in the browser, which means bootstrapping via TXT record also will not work. WASM nodes will need to connect to the bootstrap server directly via WebSockets, using this URL format: `ws://bootstrap.veilid.net:5150/ws` in the `network.routing_table.bootstrap[]` section of the veilid config.
1. Since a WASM node running in the browser can't open ports, WASM nodes select another node to act as it's Inbound Relay, so other nodes can react out to it and open a WS connection. 1. Do not set up any nodes with a core.network.protocol.wss.url IP address such as wss://12.34.56.78:5150/ws to support SSL. Even though a Certificate Authority (trusted by browsers) will give you an SSL certificate for an IP address, this is unsupported by Veilid as of v0.2.3. Any wss:// URL containing an IP address causes an RPC error in veilid-core and your node will lose communication with other nodes.
1. Since a WASM node running in the browser can't open ports, WASM nodes select another node to act as its Inbound Relay, so other nodes can react out to it and open a WS connection.
1. Because of browser security policy regarding WebSockets: 1. Because of browser security policy regarding WebSockets:
1. `ws://` only works on `http://` sites 1. `ws://` only works on `http://` sites
1. `wss://` only works on `https://` site with SSL certificates. 1. `wss://` only works on `https://` site with SSL certificates.
### Running WASM on HTTPS sites [Not currently implemented] ### Running WASM on HTTPS sites [Not currently implemented]
Since WSS connections require WSS peers with valid SSL certificates, `veilid-core` plans to implment a feature called Outbound Relays. Outbound Relays will likely be hosted by the same host of the WASM web-app, and must run have valid SSL certificates that are signed by a Certificate Authority that's trusted by browsers. Outbound Relays will allow WASM nodes to communicate to other nodes over TCP/UDP/WS/WSS through the Outbound Relay's connection. Since WSS connections require WSS peers with valid SSL certificates, `veilid-core` plans to implement a feature called Outbound Relays. Outbound Relays will likely be hosted by the same host of the WASM web-app, and must run have valid SSL certificates that are signed by a Certificate Authority that's trusted by browsers. Outbound Relays will allow WASM nodes to communicate to other nodes over TCP/UDP/WS/WSS through the Outbound Relay's connection.
## Running unit tests ## Running unit tests
Prerequsites: Prerequisites:
- NodeJS - ensure `node` and `npm` are installed. - NodeJS - ensure `node` and `npm` are installed.
- Firefox browser installed, and available as `firefox`. - Firefox browser installed, and available as `firefox`.