The files in mounted folders always return as text/plain instead of html

[lumenpink]

So the browser show the source code and doesn't render the page.
Is this the expected behaviour?

[pfrazee]

Yeah this is intended behavior. There's a security risk involved with executing HTML/JS under a mount and we need to make sure that the Hyperdrive opts into doing it.

(That risk is that the HTML/JS runs under the origin of the parent drive and inherits its permissions.)

What we need to do is add a way to configure mounts to allow HTML/JS to run, almost like an execution bit.

[da2x]

Shouldn’t treating them as different origins give the same security grantees as you get with the web platform at large? So drive hyper://hash111 would see resources from a mounted drive as hyper://hash222.

[pfrazee]

Yes but we can’t actually treat subpaths as separate origins. Chromium has a ton of logic baked into the origin definition which doesn’t allow that.

[brechtcs]

Would it be an option to treat navigating into a mounted drive as a redirection?

Say you have mounted hyper://aaa..a to the mount directory of hyper://bbb..b. Then if a visitor tries to navigate to hyper://bbb..b/mount/path/to/page, Beaker detects it's inside a mount and will automatically redirect to hyper://aaa..a/path/to/page.

This strikes me as the most straightforward solution technically, though I haven't fully thought through any possible UX implications.

[pfrazee]

I don't totally love this because then it's like, what's the point of the mount? It's not that we don't want mounts to work as sub-resources, it's just that we need some security controls around HTML/JS execution.

FWIW .goto files do redirect on visit (see https://docs.beakerbrowser.com/developers/goto-files)

[da2x]

Would it be an option to treat navigating into a mounted drive as a redirection?

That's what I was thinking but failing to communicate.

[da2x]

There are other suitable security mechanisms like Content-Security-Policy or Cross-Origin-Resource-Policies that could be adopted. Beaker could have a strict CSP on mount-points unless an CSP override policy is stored in metadata on the mount-point. A CSP can be applied to everything on a subpath. It would require Beaker to walk the directory tree to find the highest mounted directory policy, though.

[pfrazee]

Yeah we could do this via CSPs. The default policy for mounts would be very locked-down but still render the HTML.