Whitelist MyEtherWallet for file:// origin #7
Comments
|
It is supposed to work if you use |
|
I just opened the |
|
I'll try that and see if there is a way to whitelist this way of running
MEW.
…On Mon, Apr 13, 2020, 20:02 Sebastian C. Bürgel ***@***.***> wrote:
I just opened the index.html which is probably stupid and can't work due
to permissions (?). The reason I was trying is that it's hard to host the
web app by running a local web server on TailsOS
<https://tor.stackexchange.com/questions/21097/how-to-run-a-local-webserver-on-tails>.
It's not only resilience and security by air-gapping but I want to do also
do that because MyEtherWallet does not seem to load in the TOR browser
<MyEtherWallet/MyEtherWallet#2242>.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#7 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AADYJUICYZHF2OCQJ7YYQKDRMNHTHANCNFSM4MG6A3OQ>
.
|
|
btw, if you have python you can run |
From https://github.com/MyEtherWallet/MyEtherWallet#developers, the last step:
Alternatively, use a static file server like what @NickeZ suggested in #7 (comment) |
|
You'll want to bind to loopback only though. I would recommend something like: |
|
More static file servers: https://gist.github.com/willurd/5720255 |
|
To summarize: opening an HTML file like MEW's index.html directly with a browser is no more secure than Though, I made a feature request out of this. See details in #9. |
x1ddos
changed the title
(I'm not sure if this is an issue for MyEtherWallet or this bridge)
When loading MyEtherWallet not via their website but instead from their static build locally (local HTML file) then I get the error
Trying to connect from a non-whitelilsted origin. If possible, it would be very useful to interface a static, local and offline copy of MyEtherWallet to reduce attack vectors further.The text was updated successfully, but these errors were encountered: