Geolocation sharing state overwrites WebRTC sharing state
Categories: Firefox :: Site Identity, defect
People: Reporter: emz, Assigned: emz
References: Regression
Details: Keywords: regression, sec-low, Whiteboard: [adv-main85+]
Attachments (3 files, 1 obsolete file):
- 47 bytes, text/x-phabricator-request (jcristau: approval-mozilla-beta+)
- 47 bytes, text/x-phabricator-request (jcristau: approval-mozilla-beta+)
- 281 bytes, text/plain
When we have an active sharing state for WebRTC and then begin sharing geolocation, updateBrowserSharing resets the webRTC sharing state: tab._sharingState.webRTC = null
https://searchfox.org/mozilla-central/rev/6bb59b783b193f06d6744c5ccaac69a992e9ee7b/browser/base/content/tabbrowser.js#1392
This results in the microphone/camera indicator in the tab, in the identity section and in the siteIdentity popup permission list disappearing. The global WebRTC indicator is not affected.
In theory this could be abused, but it's rather an edge case. The user would have to first accept the webRTC sharing permission prompt and then the geolocation prompt.
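A simplified model of the state overwrite described in this report, as an added example that is not Firefox's tabbrowser.js code. Only `_sharingState.webRTC` comes from the report; the function names, the shape of the update objects and the replayed grant sequence are assumptions made for illustration.

```javascript
// Simplified model of per-tab sharing state. Function names and the
// update-object shape are hypothetical, not Firefox's real code.
function newTab() {
  return { _sharingState: {} };
}

// Buggy merge: an update without an active webRTC entry is read as
// "WebRTC sharing stopped", so a geolocation-only update clears it.
function updateSharingBuggy(tab, update) {
  if (update.webRTC && update.webRTC.sharing) {
    tab._sharingState.webRTC = update.webRTC;
  } else {
    tab._sharingState.webRTC = null;
  }
  if ("geo" in update) tab._sharingState.geo = update.geo;
}

// Hardened merge: a sharing type is only touched when the update
// explicitly carries that key, so unrelated updates cannot reset it.
function updateSharingFixed(tab, update) {
  for (const key of ["webRTC", "geo"]) {
    if (Object.prototype.hasOwnProperty.call(update, key)) {
      tab._sharingState[key] = update[key];
    }
  }
}

// Per-tab indicators the UI would draw from the stored state.
function visibleIndicators(tab) {
  const { webRTC, geo } = tab._sharingState;
  const shown = [];
  if (webRTC && webRTC.sharing) shown.push(webRTC.sharing);
  if (geo) shown.push("geo");
  return shown;
}

// Apply a sequence of state updates to a fresh tab and report the result.
function replay(updateFn, updates) {
  const tab = newTab();
  for (const u of updates) updateFn(tab, u);
  return visibleIndicators(tab);
}

// Constructed sequence: camera grant followed by geolocation grant.
const GRANTS = [{ webRTC: { sharing: "camera" } }, { geo: true }];
console.log("buggy:", replay(updateSharingBuggy, GRANTS));
console.log("fixed:", replay(updateSharingFixed, GRANTS));
```

A regression test for this class of bug should assert on the indicator set after every update in the sequence, not only after the first grant.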
Assignee
Comment 1•4 years ago
Comment 2•4 years ago
This feels like sec-moderate to sec-low since it's definitely a big spoofing/tricking issue but also one that requires the user to consent to camera access in the first place (which is quite a big barrier to cross). Additionally there are global hardware and software indicators on most systems that alert you about the camera usage.
Assignee
Comment 3•4 years ago
Depends on D98798
Comment 4•4 years ago
https://hg.mozilla.org/integration/autoland/rev/9d898069051e3688a096e39629195d9d70e2b813
https://hg.mozilla.org/integration/autoland/rev/2e95962ba599ff217803b689f16a038fc50e7d85
https://hg.mozilla.org/mozilla-central/rev/9d898069051e
https://hg.mozilla.org/mozilla-central/rev/2e95962ba599
Comment 5•4 years ago
The patch landed in nightly and beta is affected.
:pbz, is this bug important enough to require an uplift?
If not please set status_beta to wontfix.
For more information, please visit auto_nag documentation.
Assignee
Comment 6•4 years ago
Comment on attachment 9191358 [details]
Bug 1680793 - Do not overwrite the webRTC sharing state when updating other sharing states. r=johannh
Beta/Release Uplift Approval Request
- User impact if declined: If a user grants access to WebRTC (mic, camera, or screen) and then geolocation the indicators for the WebRTC sharing disappear. This is a security risk, because it can give the user the impression that they are no longer sharing their device via WebRTC. The affected sharing indicators are: Tab icon (for background tabs), site identity icon, permission icon in the identity popup permission list. The global WebRTC sharing indicator (window) is not affected by this bug.
- Is this code covered by automated tests?: Yes
- Has the fix been verified in Nightly?: No
- Needs manual test from QE?: Yes
- If yes, steps to reproduce:
  1. Go to https://permission.site
  2. Click on Microphone, Camera, or Camera + Microphone, select a device and click "allow".
     There should be a blinking WebRTC indicator icon in the identity icon section (next to the lock) and in the permission list of the identity popup.
  3. Click on "Location" and allow access.
     There should now be indicators for both the geolocation and the webRTC access.
- List of other uplifts needed: None
- Risk to taking this patch: Medium
- Why is the change risky/not risky? (and alternatives if risky): The patch updates the device sharing UI code and could break our device sharing indicators as well as permission list entries for temporary geolocation / webRTC grants. However the code change is rather small and it now has improved test coverage.
- String changes made/needed:
Comment 7•4 years ago
Comment on attachment 9191358 [details]
Bug 1680793 - Do not overwrite the webRTC sharing state when updating other sharing states. r=johannh
approved for 85.0b3
Comment 8•4 years ago
uplift
Comment 9•4 years ago
Hello!
Reproduced the initial issue with Firefox 85.0a1 (20201204162120) on Windows 10 x64 while following the steps from comment 6. After allowing the camera or camera + microphone and then allowing the geolocation, the WebRTC camera indicator was hidden.
The issue is verified fixed with Firefox 86.0a1 (20201217214927) and 85.0b3 (20201217185930) on Windows 10 x64, macOS 10.12 and Ubuntu 18.04. The camera WebRTC icon is still displayed after allowing geolocation.
Comment 10•4 years ago
Seems low-impact enough that we don't need to take this on ESR. Feel free to nominate if you feel strongly otherwise.
Comment 11•4 years ago
Comment 12•4 years ago