pre-populate the whitelist for screensharing in Fx33

RESOLVED FIXED in Firefox 33, Firefox OS v2.1

Status

()

RESOLVED FIXED
4 years ago
4 years ago

People

(Reporter: mreavy, Assigned: ehugg)

Tracking

unspecified
mozilla35
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(firefox33 fixed, firefox34 fixed, firefox35 fixed, b2g-v2.1 fixed, b2g-v2.2 fixed)

Details

(Whiteboard: [screensharing-uplift])

Attachments

(2 attachments)

(Reporter)

Description

4 years ago
For Fx33, we should pre-populate the whitelist with certain domains so that the feature is more useful "out of the box" for users.

The user retains the ability to update the whitelist at any time by going into about:config.
(Reporter)

Updated

4 years ago
Blocks: 1040061
(Reporter)

Updated

4 years ago
See Also: → bug 1049090
(Assignee)

Comment 1

4 years ago
I'd like to point out that the implementation does not support wildcards.  Each domain in the list must be an exact match.  Code is here:
http://mxr.mozilla.org/mozilla-central/source/dom/media/MediaManager.cpp#137
(Assignee)

Comment 2

4 years ago
I don't have a list of domains yet but I'm pretty sure we'll need wildcards for subdomains so we can add "*.webex.com" for example.

This is mentioned on bug 1037424 here as a "possible part 2":
https://bugzilla.mozilla.org/show_bug.cgi?id=1037424#c18
(Assignee)

Updated

4 years ago
Depends on: 1049583

Updated

4 years ago
Assignee: nobody → gpiper
Created attachment 8481304 [details] [diff] [review]
set temporary allowed screensharing domain of mozilla.github.io - replace for release

Updated

4 years ago
OS: Windows 7 → All
Hardware: x86_64 → All
Whiteboard: [sceensharing-uplift] → [sceensharing-uplift][leave-open]
Comment on attachment 8481304 [details] [diff] [review]
set temporary allowed screensharing domain of mozilla.github.io - replace for release

Approval Request Comment
[Feature/regressing bug #]: screensharing

[User impact if declined]: harder for people to test in beta

[Describe test coverage new/current, TBPL]: screensharing tests in tbpl use this

[Risks and why]: Provide a temporary value for the whitelist to allow testers to use http://mozilla.github.io/webrtc-landing/gum_test.html to verify screensharing.  Should be replaced by mid-beta with whatever we decide will be the initial release whitelist.

[String/UUID change made/needed]: none
Attachment #8481304 - Flags: review?(gpascutto)
Attachment #8481304 - Flags: approval-mozilla-aurora?
Comment on attachment 8481304 [details] [diff] [review]
set temporary allowed screensharing domain of mozilla.github.io - replace for release

Review of attachment 8481304 [details] [diff] [review]:
-----------------------------------------------------------------

::: modules/libpref/init/all.js
@@ +371,5 @@
>  #endif
>  
>  pref("media.getusermedia.screensharing.enabled", true);
> + // temporary value, not intended for release - bug 1049087
> +pref("media.getusermedia.screensharing.allowed_domains", "mozilla.github.io");

If it's not meant for release you should protect it with !defined(RELEASE_BUILD).
Attachment #8481304 - Flags: review?(gpascutto) → review+
status-firefox33: --- → affected
status-firefox34: --- → affected
(Reporter)

Updated

4 years ago
Whiteboard: [sceensharing-uplift][leave-open] → [screensharing-uplift][leave-open]
status-firefox34: affected → fixed
Attachment #8481304 - Flags: approval-mozilla-aurora? → approval-mozilla-aurora+
status-firefox33: affected → fixed
(Assignee)

Comment 11

4 years ago
Created attachment 8484458 [details] [diff] [review]
pre-populate the whitelist for screensharing in Fx33
(Assignee)

Updated

4 years ago
Assignee: gpiper → ethanhugg
Status: NEW → ASSIGNED
(Assignee)

Updated

4 years ago
Attachment #8484458 - Flags: review?(rjesup)
Comment on attachment 8484458 [details] [diff] [review]
pre-populate the whitelist for screensharing in Fx33

Review of attachment 8484458 [details] [diff] [review]:
-----------------------------------------------------------------

::: modules/libpref/init/all.js
@@ +380,5 @@
>  #endif
>  
>  pref("media.getusermedia.screensharing.enabled", true);
>  #ifdef RELEASE_BUILD
> +pref("media.getusermedia.screensharing.allowed_domains", "webex.com,*.webex.com,collaborate.com,*.collaborate.com");

I see it as problematic that none of these domains use HTTPS+HSTS, because that means this protection is really trivial to circumvent in many cases.

Updated

4 years ago
Blocks: 1063730
Comment on attachment 8484458 [details] [diff] [review]
pre-populate the whitelist for screensharing in Fx33

Review of attachment 8484458 [details] [diff] [review]:
-----------------------------------------------------------------

Note: we've restricted screen/windowsharing to https: in a different bug
Attachment #8484458 - Flags: review?(rjesup) → review+
https://hg.mozilla.org/integration/mozilla-inbound/rev/efb085f286fd
status-firefox33: fixed → affected
status-firefox34: fixed → affected
status-firefox35: --- → affected
Whiteboard: [screensharing-uplift][leave-open] → [screensharing-uplift]
Target Milestone: --- → mozilla35
https://hg.mozilla.org/mozilla-central/rev/efb085f286fd
Status: ASSIGNED → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → FIXED
status-firefox35: affected → fixed
Comment on attachment 8484458 [details] [diff] [review]
pre-populate the whitelist for screensharing in Fx33

Approval Request Comment
[Feature/regressing bug #]: screensharing

[User impact if declined]: inability to access approved sites

[Describe test coverage new/current, TBPL]: nightly, externally tested by Cisco

[Risks and why]: virtually none

[String/UUID change made/needed]: none
Attachment #8484458 - Flags: approval-mozilla-beta?
Attachment #8484458 - Flags: approval-mozilla-aurora?
Attachment #8484458 - Flags: approval-mozilla-beta?
Attachment #8484458 - Flags: approval-mozilla-beta+
Attachment #8484458 - Flags: approval-mozilla-aurora?
Attachment #8484458 - Flags: approval-mozilla-aurora+
https://hg.mozilla.org/releases/mozilla-aurora/rev/e6bf3fa80963
status-b2g-v2.1: --- → fixed
status-b2g-v2.2: --- → fixed
status-firefox34: affected → fixed
You need to log in before you can comment on or make changes to this bug.