Disallow getUserMedia on nullprincipals (sandboxed iframes, top-level data urls).
Categories
(Core :: WebRTC: Audio/Video, enhancement, P2)
Tracking
()
Tracking | Status | |
---|---|---|
firefox66 | --- | fixed |
People
(Reporter: jib, Assigned: johannh)
References
(Blocks 1 open bug)
Details
(Keywords: dev-doc-complete, site-compat)
Attachments
(3 files, 3 obsolete files)
Comment hidden (mozreview-request) |
Comment 2•7 years ago
|
||
Reporter | ||
Updated•7 years ago
|
Comment hidden (mozreview-request) |
Reporter | ||
Updated•7 years ago
|
Comment 4•7 years ago
|
||
mozreview-review |
Comment 5•7 years ago
|
||
mozreview-review-reply |
Comment 6•7 years ago
|
||
mozreview-review |
Comment 7•7 years ago
|
||
mozreview-review |
Reporter | ||
Comment 8•7 years ago
|
||
Comment 9•7 years ago
|
||
Comment hidden (mozreview-request) |
Comment hidden (mozreview-request) |
Comment hidden (mozreview-request) |
Assignee | ||
Comment 13•7 years ago
|
||
Comment 14•7 years ago
|
||
Assignee | ||
Comment 16•6 years ago
|
||
Reporter | ||
Comment 17•6 years ago
|
||
Assignee | ||
Comment 18•6 years ago
|
||
Comment 19•6 years ago
|
||
Reporter | ||
Comment 21•6 years ago
•
|
||
Let me know when you have a new patch up, or I can take this if you want.
Note that there have been some changes in this area, both in our code and the spec. e.g. the spec no longer mentions throwing SecurityError anywhere.
We should probably reject with NotAllowedError (and the adjacent SecurityErrors should probably either be NotAllowedError or InvalidStateError now according to the spec, not sure which one to pick since they're a bit edge-casy) [1].
Assignee | ||
Comment 22•6 years ago
|
||
Assignee | ||
Comment 23•6 years ago
|
||
Assignee | ||
Updated•6 years ago
|
Assignee | ||
Updated•6 years ago
|
Assignee | ||
Updated•6 years ago
|
Assignee | ||
Comment 24•6 years ago
|
||
(In reply to Jan-Ivar Bruaroey [:jib] (needinfo? me) from comment #21)
Let me know when you have a new patch up, or I can take this if you want.
I submitted the updated patches for your review. The test changes mostly cover that data: iframes are null principals now, afaik and I also had to make the test a little more robust (e.g. stopping tracks) to avoid intermittently thrown AbortErrors in my testing.
Note that there have been some changes in this area, both in our code and the spec. e.g. the spec no longer mentions throwing SecurityError anywhere.
We should probably reject with NotAllowedError (and the adjacent SecurityErrors should probably either be NotAllowedError or InvalidStateError now according to the spec, not sure which one to pick since they're a bit edge-casy) [1].
Let's do that in a new bug. :)
Assignee | ||
Comment 25•6 years ago
|
||
Comment 26•6 years ago
|
||
Comment 27•6 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/12ad92939684
https://hg.mozilla.org/mozilla-central/rev/10f070a6edc0
https://hg.mozilla.org/mozilla-central/rev/897f95b6d3fc
Assignee | ||
Updated•6 years ago
|
Comment 28•6 years ago
|
||
Do we need a site compat doc for this? Given that Bug 1367805 was not fixed, getUserMedia()
on sandboxed iframes has been broken for a while anyway?
Assignee | ||
Comment 29•6 years ago
|
||
(In reply to Kohei Yoshino [:kohei] (Bugzilla UX) (FxSiteCompat) from comment #28)
Do we need a site compat doc for this? Given that Bug 1367805 was not fixed,
getUserMedia()
on sandboxed iframes has been broken for a while anyway?
Not sure, honestly. Jib, what do you think?
Reporter | ||
Comment 30•6 years ago
|
||
Microphone by itself used to work, so a site compat doc might be good.
https://jan-ivar.github.io/dummy/iframe_gum_sandbox_isolate.html hasn't worked since 52.
https://jan-ivar.github.io/dummy/iframe_gum_audio_sandbox_isolate.html worked until 66.
Comment 31•6 years ago
•
|
||
Documentation updates
- Updated information about
NotAllowedError
on the MediaDevices.getUserMedia() page - Added a new section about security on that same page; includes this information
- Firefox 66 for developers updated
BCD updates
- Submitted PR for BCD update -- adds a note about this change for Firefox
Description
•