Skip to content

Add log.v3.json endpoint and clean up handler, fixes #41 #54

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
lukevalenta merged 1 commit into from
Jun 24, 2025
Merged

Add log.v3.json endpoint and clean up handler, fixes #41 #54

lukevalenta merged 1 commit into from
Jun 24, 2025

Conversation

@lukevalenta
Copy link
Contributor

@lukevalenta lukevalenta commented Jun 24, 2025

  • Add an outer Router in the fetch handler to check the log parameter, instead of requiring each handler to check that the requested log path is in the allowlist
  • Change /metadata endpoint to /log.v3.json, dropping the witness_key field. The witness is just used to exercise the code path, and it's not expected that any clients would actually use the endpoint.
  • Disable bucket access via the Worker if monitoring_url is specified so clients must use the intended monitoring API endpoint.
  • Update MMD to 60 as that's the max allowed in Chrome's CT program for static CT logs. (Note that this is effectively zero in the current implementation.)

@lukevalenta lukevalenta self-assigned this Jun 24, 2025
bwesterb
bwesterb reviewed Jun 24, 2025
View reviewed changes
@lukevalenta
Add log.v3.json endpoint and clean up handler, fixes #41
d6ec811 
- Add an outer Router in the fetch handler to check the log parameter, instead of requiring each handler to check that the requested log path is in the allowlist
- Change /metadata endpoint to /log.v3.json, dropping the witness_key field. The witness is just used to exercise the code path, and it's not expected that any clients would actually use the endpoint.
- Disable bucket access via the Worker if monitoring_url is specified so clients must use the intended monitoring API endpoint.
- Update MMD to 60 as that's the max allowed in Chrome's CT program for
  static CT logs. (Note that this is effectively zero in the current
  implementation.)
@lukevalenta lukevalenta force-pushed the lvalenta/log-v3-endpoint branch from fd8fcce to d6ec811 Compare June 24, 2025 12:22
@lukevalenta lukevalenta merged commit f0905b9 into main Jun 24, 2025
1 check passed
@lukevalenta lukevalenta deleted the lvalenta/log-v3-endpoint branch June 24, 2025 12:27
@lukevalenta lukevalenta mentioned this pull request Jul 29, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bwesterb bwesterb bwesterb approved these changes

Assignees

@lukevalenta lukevalenta

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@lukevalenta @bwesterb