Open
Conversation
|
This pull request is being automatically deployed with Vercel (learn more). 🔍 Inspect: https://vercel.com/ethlibrary/eips/4k1iAVTWpY8NkTBA5aNLbxjEn2Yc |
izayl
reviewed
Dec 29, 2021
| --- | ||
| eip: 107 | ||
| title: safe "eth_sendTransaction" authorization via html popup | ||
| title: 通过 `html` 弹出窗口安全的 `eth_sendTransaction` 授权 |
Member
There was a problem hiding this comment.
-通过 `html` 弹出窗口安全的 `eth_sendTransaction` 授权
+通过 `html` 弹出窗口安全地进行 `eth_sendTransaction` 授权
izayl
reviewed
Dec 29, 2021
Comment on lines
+6
to
+8
| status: 停滞 | ||
| type: 标准追踪 | ||
| category: 接口 |
Member
There was a problem hiding this comment.
后面不需要翻译 status/type/category 了,只需要翻译 title 和 description(如果有的话),其他 meta 信息不需要翻译,脚本会统一进行专业名词翻译
izayl
reviewed
Dec 29, 2021
| `dapp` 想要执行的每个只读 `rpc` 调用都从节点域重定向到一个不可见的 `iframe`,并且对于 `dapp` 希望执行的每个交易,都会向用户显示一个 `html` 弹出窗口,以允许他/她取消或确认交易.这允许 `dapp` 连接到节点的 `rpc api` 而无需被授予任何类型的权限。这允许用户在他们的帐户解锁时安全地与在日常网络浏览器中运行的 `dapp` 进行交互。如果账户没有解锁,并且节点允许通过 `rpc` 的“个人” `api`,`html` 页面也允许用户输入他们的密码来解锁交易范围内的账户。 | ||
|
|
||
| Motivation | ||
| 动力 |
izayl
reviewed
Dec 29, 2021
|
|
||
|
|
||
| Specification | ||
| 规格 |
izayl
reviewed
Dec 29, 2021
| 该提案的设计因其简单性和安全性而被选中。以前的想法是使用类似 `oauth` 的协议,以便用户接受或拒绝交易请求。这将需要在节点中进行更深入的代码更改,一些 `geth` 贡献者认为这种更改不适合 `geth` 代码库,因为它需要 `dapp` 感知代码。当前的设计有一个非常简单的实现(自包含的 `html` 文件,可以跨节点的实现共享),其安全性由浏览器的跨域策略保证。 | ||
|
|
||
| The use of iframe/ window was required to have both security and user friendliness. The invisible iframe allows the dapp to execute read only calls without the need for user input, and the window ensures user approval before making a call. While we could have made it without the window mode by making the iframe confirmation use the native browser `window.confirm` dialog, this would have prevented the use of a more elegant confirmation popup that the current design allows. It also happens to be that the `window.confirm` is not safe in some browsers, as it gives focus to the accept option and can be triggered automatically (https://bugs.chromium.org/p/chromium/issues/detail?id=260653). | ||
| 使用 `iframe/window` 需要同时具有安全性和用户友好性。不可见的 `iframe` 允许 `dapp` 在不需要用户输入的情况下执行只读调用,并且窗口确保在调用之前得到用户的批准。虽然我们可以在没有窗口模式的情况下通过使用原生浏览器的 `window.confirm` 对话框进行 `iframe` 确认来实现它,但这会阻止使用当前设计允许的更优雅的确认弹出窗口。也恰好是 `window.confirm` 在某些浏览器中不安全,因为它把焦点放在接受选项上并且可以自动触发 (https://bugs.chromium.org/p/chromium/issues/detail?id=260653). |
izayl
reviewed
Dec 29, 2021
| 实现 | ||
| =============== | ||
| In order to implement this design, the following html file or an equivalent one needs to be served at the url \<node url\>/authorization.html | ||
| 为了实现这种设计,需要在 `url` \<node url\>/authorization.html 提供以下 `html` 文件或等效的文件 |
izayl
reviewed
Dec 29, 2021
| 为了实现这种设计,需要在 `url` \<node url\>/authorization.html 提供以下 `html` 文件或等效的文件 | ||
|
|
||
| That's it. | ||
| 那就是全部了。 |
Member
|
@Xia-Sam 后面可以直接通过 preview 链接来预览你的翻译成果 比如这次的: https://eips-git-fork-xia-sam-zh-eip107-ethlibrary.vercel.app/zh/eip-107.html |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
翻译:EIP-107
翻译参考链接: