Open
Bug 1421842
Opened 7 years ago
Updated 2 years ago
Limit the amount of PCs per origin
Categories
(Core :: WebRTC, enhancement, P3)
Core
WebRTC
Tracking
()
NEW
Tracking | Status | |
---|---|---|
firefox59 | --- | affected |
People
(Reporter: drno, Unassigned)
Details
Apparently there are some service and libraries out there which try to create PeerConnections as if they are free of costs. This apparently can result in the browser tab crashing, e.g. https://github.com/ipfs/js-ipfs/issues/950 I think we should look into limiting the amount of PeerConnections a given origin is allowed to create to X And we should also put in a higher limit for the whole browser so that about:webrtc only shows Y (where Y > X) connections to avoid wasting too much memory on lots of old, and probably closed connections. Note: apparently the RTCPeerConnection constructor right now can not fail https://www.w3.org/TR/webrtc/#constructor
Reporter | ||
Updated•7 years ago
|
Rank: 24
Reporter | ||
Comment 1•7 years ago
|
||
jib what do you think about adding a limit? I think we should also open an issue against the spec to allow a browser to reject the creation of yet another PeerConnection with a meaningful error code.
Flags: needinfo?(jib)
Comment 2•7 years ago
|
||
There is one. See https://github.com/w3c/webrtc-pc/issues/1670. A limit makes sense to me, but we should probably track down the crash as well?
Flags: needinfo?(jib)
Comment 3•7 years ago
|
||
A few comments: 1. A per-origin limit seems unwise. People will just shard, which is worse. 2. I agree we should not crash. Some method to avoid running out of memory is good, but it should be browser global
Reporter | ||
Comment 4•7 years ago
|
||
(In reply to Eric Rescorla (:ekr) from comment #3) > 1. A per-origin limit seems unwise. People will just shard, which is worse. > 2. I agree we should not crash. Some method to avoid running out of memory > is good, but it should be browser global Do you think per (second level) domain would be a possible alternative to browser global?
Comment 5•7 years ago
|
||
No, I think people will cheat.
Reporter | ||
Comment 6•7 years ago
|
||
Browser global has the problem though that a single malicious or stupid page can prevent other legit services in other tabs/windows from working.
Comment 7•7 years ago
|
||
I think rather than origin you want all the PCs that were started by a given page no matter what origin they came from. And I wouldn't have a limit but rather a warning like the slow script warning.
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•