-
Notifications
You must be signed in to change notification settings - Fork 43
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add a POST /txs bulk query-by-txid endpoint #33
Conversation
src/rest.rs
Outdated
@@ -1005,6 +1005,32 @@ fn handle_request( | |||
|
|||
json_response(tx.remove(0), ttl) | |||
} | |||
(&Method::POST, Some(&"txs"), None, None, None, None) => { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this only going to be exposed to the backend?
If so, we should have the first path be the same for all internal endpoints...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/mempool
is fine, then we can just whitelist the backend to access /mempool/*
Whatever it is, endpoints we don't want to expose need to be protected somehow.
protected
or internal
might be better (but require changes on the backend as well)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we use /mempool/recent
in the frontend, so we can't block /mempool/*
completely.
But a common prefix for all of the non-public endpoints seems like a good idea.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, let's grow the scope of this PR (and the corresponding backend PR) to unify all the endpoints we want to block publicly under one root.
internal
seems fine.
Maybe we should feature gate them, and update the production deployment instructions etc. to use that feature flag... that way if someone wants to use ONLY electrs, they don't default to exposing the internal endpoints.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should do something about the path naming convention and implement whitelisting in nginx conf
e303bf7
to
6f898d6
Compare
Rebased on PR #38, and added the new |
6f898d6
to
d3509c4
Compare
d3509c4
to
59be248
Compare
re-rebased on #38 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Tested ACK @ mempool-electrs 3.0.0-dev-9ee9a5d
internal API naming convention has been addressed
Add a POST /txs bulk query-by-txid endpoint
(builds on #38)
Similar to #31, this PR adds a new /txs POST endpoint which accepts an array of txids and returns a list of matching transactions from both the mempool and the chain.
Used by mempool/mempool#4101