Bug 217104

Summary: Prevent media capture unless the application has correct data for system permission prompt
Product: WebKit Reporter: Eric Carlson <eric.carlson>
Component: WebRTCAssignee: Eric Carlson <eric.carlson>
Status: RESOLVED FIXED    
Severity: Normal CC: darin, ews-watchlist, glenn, jer.noble, philipj, sergio, webkit-bug-importer, youennf
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch
none
Patch for landing none

Eric Carlson
Reported 2020-09-29 13:43:33 PDT
The system will terminate an app that doesn't have the appropriate key(s) in its Info.plist when it tries to use a capture device, so don't allow that to happen.
Attachments
Patch (19.99 KB, patch)
2020-09-29 14:19 PDT, Eric Carlson 		no flags
DetailsFormatted DiffDiff
Patch for landing (19.69 KB, patch)
2020-09-29 17:31 PDT, Eric Carlson 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2020-09-29 13:43:43 PDT
<rdar://problem/69761929>
Eric Carlson
Comment 2 2020-09-29 14:19:45 PDT
Created attachment 410050 [details] Patch
Darin Adler
Comment 3 2020-09-29 16:13:11 PDT
Comment on attachment 410050 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=410050&action=review > Source/WebKit/UIProcess/Cocoa/UIDelegate.mm:988 > + AVAuthorizationStatus microphoneAuthorizationStatus = usingMockCaptureDevices || !requiresAudioCapture ? AVAuthorizationStatusAuthorized : [PAL::getAVCaptureDeviceClass() authorizationStatusForMediaType:AVMediaTypeAudio]; auto > Source/WebKit/UIProcess/Cocoa/UIDelegate.mm:994 > + AVAuthorizationStatus cameraAuthorizationStatus = usingMockCaptureDevices || !requiresVideoCapture ? AVAuthorizationStatusAuthorized : [PAL::getAVCaptureDeviceClass() authorizationStatusForMediaType:AVMediaTypeVideo]; auto > Source/WebKit/UIProcess/Cocoa/UserMediaPermissionRequestManagerProxy.mm:41 > + static std::once_flag onceFlag; > + static bool validUsageString; > + std::call_once(onceFlag, [] { > + NSString *usageString = NSBundle.mainBundle.infoDictionary[@"NSMicrophoneUsageDescription"]; > + validUsageString = usageString.length; > + }); > + > + return validUsageString; Does this need to be thread-safe? If not, it can be a two-liner: static bool isPermiitted = NSBundle.mainBundle.infoDictionary[@"NSMicrophoneUsageDescription"].length; return isPermitted; > Source/WebKit/UIProcess/Cocoa/UserMediaPermissionRequestManagerProxy.mm:57 > + static std::once_flag onceFlag; > + static bool validUsageString; > + std::call_once(onceFlag, [] { > + NSString *usageString = NSBundle.mainBundle.infoDictionary[@"NSCameraUsageDescription"]; > + validUsageString = usageString.length; > + }); > + > + return validUsageString; Ditto.
Eric Carlson
Comment 4 2020-09-29 17:21:13 PDT
Comment on attachment 410050 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=410050&action=review Thanks for the review! >> Source/WebKit/UIProcess/Cocoa/UIDelegate.mm:988 >> + AVAuthorizationStatus microphoneAuthorizationStatus = usingMockCaptureDevices || !requiresAudioCapture ? AVAuthorizationStatusAuthorized : [PAL::getAVCaptureDeviceClass() authorizationStatusForMediaType:AVMediaTypeAudio]; > > auto Why do I have so much trouble remembering to use `auto`? Fixed. >> Source/WebKit/UIProcess/Cocoa/UIDelegate.mm:994 >> + AVAuthorizationStatus cameraAuthorizationStatus = usingMockCaptureDevices || !requiresVideoCapture ? AVAuthorizationStatusAuthorized : [PAL::getAVCaptureDeviceClass() authorizationStatusForMediaType:AVMediaTypeVideo]; > > auto Fixed. >> Source/WebKit/UIProcess/Cocoa/UserMediaPermissionRequestManagerProxy.mm:41 >> + return validUsageString; > > Does this need to be thread-safe? If not, it can be a two-liner: > > static bool isPermiitted = NSBundle.mainBundle.infoDictionary[@"NSMicrophoneUsageDescription"].length; > return isPermitted; Good idea, changed. >> Source/WebKit/UIProcess/Cocoa/UserMediaPermissionRequestManagerProxy.mm:57 >> + return validUsageString; > > Ditto. Ditto.
Eric Carlson
Comment 5 2020-09-29 17:31:16 PDT
Created attachment 410072 [details] Patch for landing
EWS
Comment 6 2020-10-01 11:28:22 PDT
Committed r267844: <https://trac.webkit.org/changeset/267844> All reviewed patches have been landed. Closing bug and clearing flags on attachment 410072 [details].
Note You need to log in before you can comment on or make changes to this bug.