How is the IPFS webui secure?

Like, if any content you access through the IPFS local proxy can run Javascript ... and browsers permit same-origin requests ... and the daemon responds to those requests by changing / revealing configuration information ...

Does that mean that any content you access over IPFS can do whatever it wants with your local configuration?

Or am I missing something here?

Sign in to participate in the conversation
Plural Café

Plural Café is a community for plural systems and plural-friendly singlets alike, that hopes to foster a safe place for finding and interacting with other systems in the Mastodon fediverse.