Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Introduce 'webrtc' as a simple on/off switch #457

Merged
merged 27 commits into from
Apr 22, 2022
Merged

Conversation

zenhack
Copy link
Contributor

@zenhack zenhack commented Jan 18, 2021

This builds on #287; I've merged in changes from master and then changed the description so that this is a simple on-off switch with * allowing anything and 'none' denying everything.

The original PR had at least one TODO in there that I haven't yet tackled, so this is definitely still in the "starting point for discussion" phase.

PTAL


(2022-02-14): For folks not wanting to wade through over a year worth of comments, a summary of things that we ended up settling on:

  • The directive's name changed from webrtc-src to webrtc, and we don't inherit from any other directive due to compatibility considerations.
  • The accepted values are 'allow' and 'block', rather than * and 'none'
  • In the companion pr at Add a CSP check to RTCPeerConnection.addIceCandidate(). webrtc-extensions#81, we integrate this with webrtc in the definition of "administratively prohibited."

Preview | Diff

mikewest and others added 4 commits January 17, 2018 13:38
The 'webrtc-src' directive is a proposal for handling WebRTC connections. This patch
isn't exactly finished, but it should at least give a concrete proposal that we can
discuss in w3c#92.
Minor conflicts wrt. new sections added; just required picking an order.
There's no longer any server/peer specific logic, it's just yes or no
now.
@zenhack
Copy link
Contributor Author

zenhack commented Jan 18, 2021

The CI has pointed out that I need to sign off on some licensing stuff. I'm not affiliated with any relevant organization, so probably this case applies:

Otherwise, the WG’s team contacts will request the contributors to sign the non-participant licensing commitments

how do I go about this?

index.src.html Outdated Show resolved Hide resolved
@mozfreddyb
Copy link
Contributor

The CI has pointed out that I need to sign off on some licensing stuff. I'm not affiliated with any relevant organization, so probably this case applies:

Otherwise, the WG’s team contacts will request the contributors to sign the non-participant licensing commitments

how do I go about this?

Paging @samuelweiler, can you help with this?

@samuelweiler
Copy link
Member

The CI has pointed out that I need to sign off on some licensing stuff. I'm not affiliated with any relevant organization, so probably this case applies:

Otherwise, the WG’s team contacts will request the contributors to sign the non-participant licensing commitments

how do I go about this?

Paging @samuelweiler, can you help with this?

@zenhack Thanks for asking. It's a multi-stage process, but it's also easy.

  1. Create a w3c account, if you don't have one already.
  2. Then connect your W3C & GitHub accounts.
  3. Lastly, make the appropriate IPR commitment.

@zenhack
Copy link
Contributor Author

zenhack commented Jan 23, 2021

I went through the process re: IPR, invited expert application is pending, thanks.

@mozfreddyb, could you also weigh in on the telemetry question?

@samuelweiler
Copy link
Member

@zenhack I was apparently somewhat wrong about the process - or at least the links; you don't need to become an IE to do this. You should now have an email with the proper form.

@zenhack
Copy link
Contributor Author

zenhack commented Jan 26, 2021 via email

This would be a breaking change.
To make it more apparent that this is a stand-alone thing which doesn't
inherit from anything else, per @annevk's suggestion.
...since we've backed out the finer grained cases.
@zenhack
Copy link
Contributor Author

zenhack commented Feb 3, 2021

The one big TODO still left is the integration section. My current thinking is that the constructor for RTCPeerConnection should call into the procedure specified here, before doing much of anything else. So this would probably affect this section of the spec:

https://www.w3.org/TR/webrtc/#constructor

afaik there are no other entry points that would need to be blocked. Thoughts?

@annevk
Copy link
Member

annevk commented Feb 4, 2021

If you block the constructor you'll also block postMessage() of it, right?

@zenhack
Copy link
Contributor Author

zenhack commented Feb 4, 2021

Hm, that hadn't specifically been my intent, is it a corollary of some detail of how object transfer works that I'm unaware of?

Note that the discussion in w3c/mediacapture-extensions#16 (comment) is about transferring MediaStreamTrack, not RTCPeerConnection, so you wouldn't be able to postMessage() the RTCPeerConnection itself anyway, only tracks obtained from it.

Note that there's some suggestion of making RTCDataChannel transferrable as well:

w3c/webrtc-extensions#6

Base automatically changed from master to main February 16, 2021 23:21
@sideshowbarker
Copy link
Member

@annevk If this is merged, will that resolve #92?

@annevk
Copy link
Member

annevk commented Feb 18, 2021

I think so, even though it would be opt-in. We should try to avoid that with WebTransport.

@mikewest
Copy link
Member

I was assuming Web Transport would tie into connect-src, just like web sockets?

@mikewest
Copy link
Member

Also, this kind of thing still seems reasonable to me, but cc @antosart to evaluate this from Chromium's perspective.

@mikewest mikewest closed this Feb 18, 2021
@mikewest mikewest reopened this Feb 18, 2021
@martinthomson
Copy link
Member

¯\_(ツ)_/¯

@zenhack
Copy link
Contributor Author

zenhack commented Feb 7, 2022

Ok, so I think we're just waiting on @annevk now.

Copy link
Member

@annevk annevk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you @zenhack for your tireless efforts on fixing this gap in the web platform. It's unfortunate this is the best we can do due to web compatibility, but that's still a lot better than doing nothing at all.

I think it's worth updating #457 (comment) to explain the setup we ended up with.

This as well w3c/webrtc-extensions#81 look good to me.

Is there a web-platform-tests PR as well?

@zenhack
Copy link
Contributor Author

zenhack commented Feb 14, 2022 via email

@annevk
Copy link
Member

annevk commented Feb 15, 2022

@antosart can clarify that, but I would recommend at least writing some basic tests to ensure everyone is on the same page.

@antosart
Copy link
Member

Yes, right. It would be great to have a basic web platform test before merging this one.

@zenhack
Copy link
Contributor Author

zenhack commented Feb 20, 2022

Opened web-platform-tests/wpt#32914; could use feedback.

@annevk
Copy link
Member

annevk commented Feb 25, 2022

Thanks! It seems like that would be best reviewed by @alvestrand or @jan-ivar or someone of their choosing. Like @antosart I'm not familiar enough with WebRTC testing.

@youennf
Copy link

youennf commented Apr 14, 2022

WPT test in web-platform-tests/wpt#32914 seems ready to land.
Can we merge this PR?

@jamesrez
Copy link

Can someone merge this please? I need this today. Thanks

jan-ivar added a commit to web-platform-tests/wpt that referenced this pull request Apr 18, 2022
* Test webrtc/content-security-policy integration

...as specified in:

- w3c/webappsec-csp#457
- w3c/webrtc-extensions#81

* Fix typos in comment.

Co-authored-by: Jan-Ivar Bruaroey <jan-ivar@users.noreply.github.com>

* Fix ice candidate exchange in CSP webrtc tests.

we should be passing each candidate to the *other* pc.

Tests now behave as expected.

* CSP webrtc tests: listen for connection state change, not gathering.

See #32914 (comment)

* CSP webrtc tests: drop unnecessary stun server.

* webrtc csp: simplify state checking

"new" is the initial state.

Co-authored-by: Jan-Ivar Bruaroey <jan-ivar@users.noreply.github.com>

Co-authored-by: Jan-Ivar Bruaroey <jan-ivar@users.noreply.github.com>
@jan-ivar
Copy link
Member

I don't have merge access in this repo, but I just merged the wpt this depended on, so maybe someone else can do the honors?

Copy link
Member

@antosart antosart left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is good to merge for me. Could you just fix a few stylistic nits? (I would have done it myself, but I have no edit rights on your repo). Thanks!

index.bs Outdated
<h3 id="webrtc-integration">Integration with WebRTC</h3>

<p>The [=administratively-prohibited=] algorithm calls [[#should-block-rtc-connection]]
when invoked, and prohibits all candidates if it returns "`Blocked`."</p>
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit:

  "`Blocked`".

(swap " and .)

index.bs Outdated
[[#create-violation-for-global]] on |global|, |policy|, and
|directive|'s <a for="directive">name</a>.

3. Set |violation|'s <a for="violation">resource</a> to null.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit:

 `null`

(with backquotes)

index.bs Outdated
</div>

<h5 algorithm id="webrtc-pre-connect">
`webrtc` Preconnect Check
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: Pre-connect for consistency.

index.bs Outdated

1. If this directive's [=directive/value=] contains a single item which is an
<a>ASCII case-insensitive</a> match for the string "<a grammar>`'allow'`</a>",
return "Allowed"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit:

 "`Allowed`".

(with backquotes, and dot at the end).

@annevk
Copy link
Member

annevk commented Apr 22, 2022

@antosart weirdly enough I do have push access so I made the requested changes + one bonus.

@antosart
Copy link
Member

Ok, then let's merge it.

@antosart antosart merged commit 7e0f637 into w3c:main Apr 22, 2022
github-actions bot added a commit that referenced this pull request Apr 22, 2022
SHA: 7e0f637
Reason: push, by @antosart

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
DanielRyanSmith pushed a commit to DanielRyanSmith/wpt that referenced this pull request Apr 27, 2022
…2914)

* Test webrtc/content-security-policy integration

...as specified in:

- w3c/webappsec-csp#457
- w3c/webrtc-extensions#81

* Fix typos in comment.

Co-authored-by: Jan-Ivar Bruaroey <jan-ivar@users.noreply.github.com>

* Fix ice candidate exchange in CSP webrtc tests.

we should be passing each candidate to the *other* pc.

Tests now behave as expected.

* CSP webrtc tests: listen for connection state change, not gathering.

See web-platform-tests#32914 (comment)

* CSP webrtc tests: drop unnecessary stun server.

* webrtc csp: simplify state checking

"new" is the initial state.

Co-authored-by: Jan-Ivar Bruaroey <jan-ivar@users.noreply.github.com>

Co-authored-by: Jan-Ivar Bruaroey <jan-ivar@users.noreply.github.com>
moz-v2v-gh pushed a commit to mozilla/gecko-dev that referenced this pull request May 16, 2022
…gration, a=testonly

Automatic update from web-platform-tests
Test webrtc/content-security-policy integration (#32914)

* Test webrtc/content-security-policy integration

...as specified in:

- w3c/webappsec-csp#457
- w3c/webrtc-extensions#81

* Fix typos in comment.

Co-authored-by: Jan-Ivar Bruaroey <jan-ivar@users.noreply.github.com>

* Fix ice candidate exchange in CSP webrtc tests.

we should be passing each candidate to the *other* pc.

Tests now behave as expected.

* CSP webrtc tests: listen for connection state change, not gathering.

See web-platform-tests/wpt#32914 (comment)

* CSP webrtc tests: drop unnecessary stun server.

* webrtc csp: simplify state checking

"new" is the initial state.

Co-authored-by: Jan-Ivar Bruaroey <jan-ivar@users.noreply.github.com>

Co-authored-by: Jan-Ivar Bruaroey <jan-ivar@users.noreply.github.com>
--

wpt-commits: 0abba58602758eb8be11c38788c6f51fed2529e4
wpt-pr: 32914
jamienicol pushed a commit to jamienicol/gecko that referenced this pull request May 25, 2022
…gration, a=testonly

Automatic update from web-platform-tests
Test webrtc/content-security-policy integration (#32914)

* Test webrtc/content-security-policy integration

...as specified in:

- w3c/webappsec-csp#457
- w3c/webrtc-extensions#81

* Fix typos in comment.

Co-authored-by: Jan-Ivar Bruaroey <jan-ivar@users.noreply.github.com>

* Fix ice candidate exchange in CSP webrtc tests.

we should be passing each candidate to the *other* pc.

Tests now behave as expected.

* CSP webrtc tests: listen for connection state change, not gathering.

See web-platform-tests/wpt#32914 (comment)

* CSP webrtc tests: drop unnecessary stun server.

* webrtc csp: simplify state checking

"new" is the initial state.

Co-authored-by: Jan-Ivar Bruaroey <jan-ivar@users.noreply.github.com>

Co-authored-by: Jan-Ivar Bruaroey <jan-ivar@users.noreply.github.com>
--

wpt-commits: 0abba58602758eb8be11c38788c6f51fed2529e4
wpt-pr: 32914
Seirdy added a commit to Seirdy/grapheneos.org that referenced this pull request Aug 6, 2022
Merged to the webappsec-csp repo in April:
w3c/webappsec-csp#457
Seirdy added a commit to Seirdy/grapheneos.org that referenced this pull request Aug 26, 2022
Merged to the webappsec-csp repo in April:
w3c/webappsec-csp#457
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.