Closed Bug 1215591 Opened 9 years ago Closed 4 years ago

Give add-ons a way to create RTCPeerConnection not tied to untrusted hiddenWindow

Categories

(Core :: WebRTC, defect, P3)

defect

Tracking

()

RESOLVED INACTIVE

People

(Reporter: jib, Unassigned)

References

Details

To use WebRTC, add-ons have to (ab)use:

    new hiddenWindow.RTCPeerConnection();

But as Bug 1207784 comment 30 points out, the hiddenWindow is unprivileged on all platforms except OSX, and that issue adds a workaround to make this use work (always skip PeerConnection permission on hiddenWindow).

As suggested by bz in #content today, the right long-term fix for this is to give add-ons an API to create an RTCPeerConnection not tied to an untrusted window. Add-ons should just be able to write:

    new RTCPeerConnection();

From a brief skim, PeerConnection seems to have no inherent functional need of a window other than to create other objects like DOMException, PeerConnectionObserver, etc.

10:27:20 -  bz:	 So we'd need a bit of binding surgery
10:27:31 -  bz:	 to allow passing through an arbitrary "caller global" there
10:27:33 -  bz:	 not just a window
10:27:43 -  bz:	 And make sure the relevant ctors are exposed on it

And then we could deprecate RTCPeerConnection on hiddenWindow.
backlog: --- → webrtc/webaudio+
Rank: 27
Priority: -- → P2
Depends on: 1217262
Mass change P2->P3 to align with new Mozilla triage process.
Priority: P2 → P3

Is this still an issue in the world of webextension-only addons?

Flags: needinfo?(jib)

I have no idea. Probably not? The issue mentioned on comment 0 (Bug 1207784) was about a regression from hooks added to enable peer connection permissions, which also haven't gone anywhere.

I'm happy to close this until a need arises.

Status: NEW → RESOLVED
Closed: 4 years ago
Flags: needinfo?(jib)
Resolution: --- → INACTIVE

There's still a reference to this bug at https://searchfox.org/mozilla-central/rev/af5cff556a9482d7aa2267a82f2ccfaf18e797e9/browser/actors/WebRTCChild.jsm

Message managers have been otherwise removed from webrtc and moved to JSWindowActors.

Can this code here be removed, or is there still some issue here, and if so, what needs to be done here?

Flags: needinfo?(jib)

The comment says "Remove once there's a better way (1215591)." so since the bug is closed I guess there's no better way, and the code there is still needed? OTOH I haven't kept tabs on what's happened with message managers since I wrote that. Tectonic plates seem to shift often in gecko. ;) So I don't know if this is still needed, is the short answer. Sorry I don't know more about what add-ons rely on here these days.

I guess we could remove the "TODO" part of it, or we can leave it for documentation? Up to you.

Flags: needinfo?(jib)
You need to log in before you can comment on or make changes to this bug.