Closed
Bug 1306422
Opened 8 years ago
Closed 8 years ago
[webvr] VRDisplay.exitPresent must only be allowed by content that started VR Presentation
Categories
(Core :: Graphics, defect)
Core
Graphics
Tracking
()
RESOLVED
FIXED
mozilla52
Tracking | Status | |
---|---|---|
firefox52 | --- | fixed |
People
(Reporter: kip, Assigned: kip)
References
()
Details
Attachments
(1 file)
In our current WebVR implementation, VRDisplay.exitPresent can be called by any Javascript, even if it is in a different tab or window that did not start the VR Presentation. This could enable erroneous or malicious scripts to interrupt a VR Session and replace the VR session with their own, taking over the user's headset. VRDisplay.exitPresent should not succeed unless it is called from the same Javascript context that successfully created a VR session with VRDisplay.requestPresent
Assignee | ||
Comment 1•8 years ago
|
||
The VRDisplay.exitPresent was correctly preventing other content from exiting VR presentation; however, in this case, the returned promise was still resolving successful.
Assignee | ||
Comment 2•8 years ago
|
||
While fixing the VRDisplay.exitPresent to resolve fail its returned promise, I noticed that VRDisplay.isPresenting is returning the global state of the VRDisplay. I have updated this as well in the patch so that the isPresenting attribute only returns true for VR presentations started within the same Javascript context.
Comment hidden (mozreview-request) |
Assignee | ||
Updated•8 years ago
|
Attachment #8796356 -
Flags: review?(gwright)
Comment 4•8 years ago
|
||
mozreview-review |
Comment on attachment 8796356 [details] Bug 1306422 - VRDisplay.exitPresent must only be allowed by content that started VR Presentation https://reviewboard.mozilla.org/r/82232/#review83478 ::: dom/vr/VRDisplay.cpp:652 (Diff revision 1) > > bool > VRDisplay::IsPresenting() const > { > - return mClient->GetIsPresenting(); > + // IsPresenting returns true only if this Javascript context is presenting > + // and will return false if another context is presenting. I would rather have method behaviour docs like this in the header file, where the method is declared.
Comment 5•8 years ago
|
||
mozreview-review |
Comment on attachment 8796356 [details] Bug 1306422 - VRDisplay.exitPresent must only be allowed by content that started VR Presentation https://reviewboard.mozilla.org/r/82232/#review83482
Attachment #8796356 -
Flags: review?(gwright) → review+
Assignee | ||
Comment 6•8 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/2a503541609be3dffe938480a256117690d90222 Bug 1306422 - VRDisplay.exitPresent must only be allowed by content that started VR Presentation,r=gwright
Comment 7•8 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/2a503541609b
Status: NEW → RESOLVED
Closed: 8 years ago
status-firefox52:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla52
You need to log in
before you can comment on or make changes to this bug.
Description
•