NEW 168242
[WebRTC][Mac][WebKit2] UIProcess should be able to veto WebRTC requests 
https://bugs.webkit.org/show_bug.cgi?id=168242
Summary [WebRTC][Mac][WebKit2] UIProcess should be able to veto WebRTC requests
Brent Fulgham
Reported 2017-02-13 12:10:36 PST
In Bug 168010 we added the ability for the UIProcess to extend the NetworkProcess sandbox to include WebRTC connections. Currently, we grant access whenever the NetworkProcess requests to expand the sandbox for a new connection. For a final shipping product, however, we need to validate that the user actually intended a WebRTC connection to be established before expanding the sandbox. This bug tracks that task.
Attachments
Patch (15.73 KB, patch)
2017-02-16 12:30 PST, Brent Fulgham 		achristensen: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2017-02-13 12:12:11 PST
<rdar://problem/30496382>
Brent Fulgham
Comment 2 2017-02-16 12:30:18 PST
Created attachment 301799 [details] Patch
Alex Christensen
Comment 3 2017-02-16 14:24:56 PST
Comment on attachment 301799 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=301799&action=review Looks good with a few comments. > Source/WebKit2/NetworkProcess/mac/NetworkProcessMac.mm:152 > +void NetworkProcess::didGrantRTCConnection(uint64_t requestID) These should be in NetworkProcessCocoa.mm > Source/WebKit2/NetworkProcess/webrtc/NetworkRTCProvider.cpp:107 > + NetworkProcess::singleton().grantRTCConnectionForClient("tcp", localAddress, remoteAddress, ASCIILiteral with the protocols.
Note You need to log in before you can comment on or make changes to this bug.