Closed
Bug 1101304
Opened 10 years ago
Closed 9 years ago
[EME] MediaKeys::CheckPrincipal needs to take into account CORS
Categories
(Core :: Audio/Video, defect)
Core
Audio/Video
Tracking
()
RESOLVED
FIXED
mozilla38
People
(Reporter: cpearce, Assigned: eflores)
References
(Blocks 1 open bug)
Details
Attachments
(4 files, 1 obsolete file)
|
8.21 KB,
patch
|
cpearce
:
review+
|
Details | Diff | Splinter Review |
|
10.15 KB,
patch
|
cpearce
:
review+
|
Details | Diff | Splinter Review |
|
8.38 KB,
patch
|
lmandel
:
approval-mozilla-beta+
|
Details | Diff | Splinter Review |
|
10.19 KB,
patch
|
lmandel
:
approval-mozilla-beta+
|
Details | Diff | Splinter Review |
The MedaaKeys' CheckPrincipal() function needs to take into account CORS, otherwise it can't play an EME media file that is allowed to be played on its origin.
|
Assignee | |
Updated•10 years ago
|
Assignee: nobody → edwin
|
|
Assignee | |
Comment 1•9 years ago
|
||
From my reading of the spec, CheckPrincipals isn't necessary. We just need to null the |initData| field of the encrypted event if the media and page are CORS cross-origin.
Attachment #8554778 -
Flags: review?(cpearce)
|
|
Assignee | |
Comment 2•9 years ago
|
||
Attachment #8554779 -
Flags: review?(cpearce)
|
Reporter | |
Comment 4•9 years ago
|
||
Comment on attachment 8554779 [details] [diff] [review] 1101304-test.patch Review of attachment 8554779 [details] [diff] [review]: ----------------------------------------------------------------- ::: dom/media/test/test_eme_access_control.html @@ +28,5 @@ > + manager.finished(token); > + }); > + > + v.src = uri; > + v.play(); Do you need to play() the video? I'd have thought not. @@ +40,5 @@ > + manager.started(token); > + > + var v = document.createElement("video"); > + v.crossOrigin = true; > + Add an encrypted event listener and assert it doesn't fire. @@ +53,5 @@ > + > +function startTest(test, token) > +{ > + TestNoCORS(test, token); > + TestWithCORS(test, token); You should also have a CORS same-origin case, which should successfully load and in which the initData is visible. This case should call allowed.sjs?short-cenc.mp4 or somesuch, to ensure that the access control headers are set on the resource load. Also, we need to ensure that MSE behaves correctly cross origin too. Can you please test all these cases in MSE too?
Attachment #8554779 -
Flags: review?(cpearce) → review-
|
|
Reporter | |
Comment 5•9 years ago
|
||
Comment on attachment 8554778 [details] [diff] [review] 1101304.patch Review of attachment 8554778 [details] [diff] [review]: ----------------------------------------------------------------- I will refrain from reviewing this until the test has cross origin XHR+MSE cases.
Attachment #8554778 -
Flags: review?(cpearce)
|
|
Assignee | |
Comment 6•9 years ago
|
||
Addressed review comments. test_eme_playback now loads eme.js from |test1.m.t| origin, and has a test case for loading MSE data from |test2.m.t| origin.
Attachment #8554779 -
Attachment is obsolete: true
Attachment #8555668 -
Flags: review?(cpearce)
|
|
Reporter | |
Comment 7•9 years ago
|
||
Comment on attachment 8555668 [details] [diff] [review] 1101304-test.patch v2 Review of attachment 8555668 [details] [diff] [review]: ----------------------------------------------------------------- Thanks!
Attachment #8555668 -
Flags: review?(cpearce) → review+
|
|
Reporter | |
Updated•9 years ago
|
Attachment #8554778 -
Flags: review?(cpearce)
|
|
Reporter | |
Updated•9 years ago
|
Attachment #8554778 -
Flags: review?(cpearce) → review+
|
|
Assignee | |
Comment 8•9 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/470dc6922fa2 https://hg.mozilla.org/integration/mozilla-inbound/rev/9dcf0be77eab
|
||
Comment 9•9 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/470dc6922fa2 https://hg.mozilla.org/mozilla-central/rev/9dcf0be77eab
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla38
|
|
Reporter | |
Updated•9 years ago
|
Blocks: eme-platform-uplift
|
|
Reporter | |
Comment 10•9 years ago
|
||
https://hg.mozilla.org/releases/mozilla-beta/rev/7503ad43a7fd https://hg.mozilla.org/releases/mozilla-beta/rev/7bc573c193ea
status-firefox37:
--- → fixed
|
|
Reporter | |
Comment 11•9 years ago
|
||
Patch for beta branch as part of EME platform uplift.
|
|
Reporter | |
Comment 12•9 years ago
|
||
Comment on attachment 8572324 [details] [diff] [review] Beta patch Requesting retroactive approval for Beta landing as part of EME platform uplift.
Attachment #8572324 -
Flags: approval-mozilla-beta?
|
|
Reporter | |
Updated•9 years ago
|
status-firefox38:
--- → fixed
|
|
Reporter | |
Comment 13•9 years ago
|
||
Patch for beta branch as part of EME platform uplift.
|
|
Reporter | |
Comment 14•9 years ago
|
||
Comment on attachment 8572327 [details] [diff] [review] Beta patch Requesting retroactive approval for Beta landing as part of EME platform uplift.
Attachment #8572327 -
Flags: approval-mozilla-beta?
|
||
Comment 15•9 years ago
|
||
Comment on attachment 8572324 [details] [diff] [review] Beta patch Previously approved as part of the EME platform landing on Beta.
Attachment #8572324 -
Flags: approval-mozilla-beta? → approval-mozilla-beta+
|
|
||
Updated•9 years ago
|
Attachment #8572327 -
Flags: approval-mozilla-beta? → approval-mozilla-beta+
You need to log in
before you can comment on or make changes to this bug.
Description
•