CSP for IPFS Integration (can be used for other Brave extensions)

[daviddias]

IPFS needs to be able to dial out to WSS endpoints in order to establish connections with the Bootstrapper nodes (the railing points to the network) or other nodes that it finds through Peer Discovery and Peer Routing.

In the integration I'm developing, I listed every single known endpoint so that IPFS couldn't dial freely -- ipfs-inactive#1 (comment) --, however, this solution won't sustain in the long term as more publicly accessible nodes appear) unless we settle for a solution where any other dial (relaying connections) needs to happen through a set of known of public nodes.

Another option is to skip CSP completely, but this introduces the basic concerns for Apps with no CSP.

Also found the strict-dynamic for loading trusted scripts. This allows for an app to load a script and trust it plus all the other scripts that it loads. This is designed for the loading of scripts and not for enabling dialing of WebSockets connections.

I'm going to skip CSP for now for prototyping purposes and with the expectation, we find a solution before the merge.

[daviddias]

This got solved. I completely missed that CSP supports wildcards for hosts such as wss://*. Thanks for the tip @bridiver :)