mirror/archivebox
1
0
Fork 0
mirror of https://github.com/pirate/ArchiveBox.git synced 2025-08-25 23:36:22 +02:00
Code Issues Releases Wiki Activity

Updated Security Overview (markdown)

Nick Sweeting
2019-04-16 20:57:36 -04:00
parent 20234fc54a
commit 3eaa701be5
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
Security-Overview.md

@@ -1,13 +1,19 @@
<img src="https://i.imgur.com/ca1he6I.png" width="50px" align="right"/>
## Security Model
ArchiveBox has three common usage modes outlined below.
<img src="https://i.imgur.com/K3dZcjG.png" width="50px" align="right"/>
#### Public Mode [Default]
This is the default (lax) mode, intended for archiving public (non-secret) URLs without authenticating the headless browser. This is the mode used if you're archiving news articles, audio, video, etc. browser bookmarks to a folder published on your webserver. This allows you to access and link to content on `http://your.archive.com/archive...` after the originals go down.
This mode should not be used for archiving entire browser history or authenticated private content like Google Docs, paywalled content, invite-only subreddits, etc.
<img src="https://i.imgur.com/xg6TxoK.png" width="50px" align="right"/>
#### Private Mode
ArchiveBox is designed to be able to archive content that requires authentication or cookies. This includes paywalled content, private forums, LAN-only content, etc.
@@ -16,6 +22,8 @@ To get started, set [`CHROME_USER_DATA_DIR`](https://github.com/pirate/ArchiveBo
If you're importing private links or authenticated content, you probably don't want to share your archive folder publicly on a webserver, so don't follow the [[Publishing Your Archive]] instructions unless you are only serving it on a trusted LAN or have some sort of authentication in front of it. Make sure to point ArchiveBox to an output folder with conservative permissions, as it may contain archived content with secret session tokens or pieces of your user data. You may also wish to encrypt the archive using an encrypted disk image or filesystem like ZFS as it will contain all requests and response data, including session keys, user data, usernames, etc.
<img src="https://i.imgur.com/DfyQUDV.png" width="50px" align="right"/>
#### Stealth Mode
If you want ArchiveBox to be less noisy and avoid leaking any URLs to 3rd-party APIs during archiving, you can disable the options below. Disabling these are recommended if you plan on archiving any sites that use secret tokens in the URL to grant access to private content without authentication, e.g. Google Docs, CodiDM notepads, etc.