RESOLVED FIXED 168975
[WebRTC] Activate ICE candidate privacy policy 
https://bugs.webkit.org/show_bug.cgi?id=168975
Summary [WebRTC] Activate ICE candidate privacy policy
youenn fablet
Reported 2017-02-28 10:35:51 PST
We should activate ICE candidate privacy policy by default and find a way to disable it when needed.
Attachments
Patch (5.23 KB, patch)
2017-02-28 11:35 PST, youenn fablet 		no flags
DetailsFormatted DiffDiff
Patch (23.21 KB, patch)
2017-03-01 09:54 PST, youenn fablet 		no flags
DetailsFormatted DiffDiff
Patch (22.84 KB, patch)
2017-03-01 17:05 PST, youenn fablet 		no flags
DetailsFormatted DiffDiff
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.
youenn fablet
Comment 1 2017-02-28 11:35:31 PST
Created attachment 302956 [details] Patch
youenn fablet
Comment 2 2017-02-28 11:37:02 PST
This patch is a second step towards implementing privacy policy. We should add tests and probably reactivate filtering in some cases. For instance when access is being revoked from the address bar.
Eric Carlson
Comment 3 2017-02-28 15:17:09 PST
Comment on attachment 302956 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=302956&action=review > Source/WebKit2/UIProcess/UserMediaPermissionRequestManagerProxy.cpp:209 > +#if ENABLE(WEB_RTC) && USE(LIBWEBRTC) > + m_page.process().send(Messages::WebPage::DisableICECandidateFiltering(), m_page.pageID()); > +#endif I don't think this should be done here, because it will disable filtering if the user accepts one stream and denies another. Instead, I think it should be in UserMediaProcessManager::willCreateMediaStream and UserMediaProcessManager::endedCaptureSession.
youenn fablet
Comment 4 2017-03-01 09:54:02 PST
Created attachment 303074 [details] Patch
youenn fablet
Comment 5 2017-03-01 09:56:18 PST
(In reply to comment #3) > Comment on attachment 302956 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=302956&action=review > > > Source/WebKit2/UIProcess/UserMediaPermissionRequestManagerProxy.cpp:209 > > +#if ENABLE(WEB_RTC) && USE(LIBWEBRTC) > > + m_page.process().send(Messages::WebPage::DisableICECandidateFiltering(), m_page.pageID()); > > +#endif > > I don't think this should be done here, because it will disable filtering if > the user accepts one stream and denies another. Instead, I think it should > be in UserMediaProcessManager::willCreateMediaStream and > UserMediaProcessManager::endedCaptureSession. Thanks for the feedback. I updated patch accordingly. I also added a layout test for it.
Eric Carlson
Comment 6 2017-03-01 11:25:56 PST
Comment on attachment 303074 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=303074&action=review > Source/WebKit2/UIProcess/UserMediaPermissionRequestManagerProxy.cpp:205 > +#if ENABLE(WEB_RTC) && USE(LIBWEBRTC) > + m_page.process().send(Messages::WebPage::DisableICECandidateFiltering(), m_page.pageID()); > +#endif Don't you want to remove this? > Source/WebKit2/UIProcess/UserMediaProcessManager.cpp:159 > +#if ENABLE(WEB_RTC) && USE(LIBWEBRTC) > + if (currentExtensions == ProcessState::SandboxExtensionsGranted::None) > + proxy.page().process().send(Messages::WebPage::DisableICECandidateFiltering(), proxy.page().pageID()); > +#endif Shouldn't this be in UserMediaProcessManager::endedCaptureSession?
youenn fablet
Comment 7 2017-03-01 17:05:17 PST
Created attachment 303143 [details] Patch
youenn fablet
Comment 8 2017-03-01 17:06:23 PST
(In reply to comment #6) > Comment on attachment 303074 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=303074&action=review > > > Source/WebKit2/UIProcess/UserMediaPermissionRequestManagerProxy.cpp:205 > > +#if ENABLE(WEB_RTC) && USE(LIBWEBRTC) > > + m_page.process().send(Messages::WebPage::DisableICECandidateFiltering(), m_page.pageID()); > > +#endif > > Don't you want to remove this? Right > > Source/WebKit2/UIProcess/UserMediaProcessManager.cpp:159 > > +#if ENABLE(WEB_RTC) && USE(LIBWEBRTC) > > + if (currentExtensions == ProcessState::SandboxExtensionsGranted::None) > > + proxy.page().process().send(Messages::WebPage::DisableICECandidateFiltering(), proxy.page().pageID()); > > +#endif > > Shouldn't this be in UserMediaProcessManager::endedCaptureSession? We want to disable filtering when capture is authorised, so I think this is ok like this. I reworked a bit the way this is handled to ensure we got good coverage here.
youenn fablet
Comment 9 2017-03-01 17:08:41 PST
Eric, could you check that the granting/revocation goes well with the disable/enable filtering? Alex, one thing to consider is that we probably do not want these preferences to stay persistent WebKit launch after WebKit launch. Maybe more a Safari issue though but this may be the two-only preferences that act like this currently.
WebKit Commit Bot
Comment 10 2017-03-02 08:23:27 PST
Comment on attachment 303143 [details] Patch Clearing flags on attachment: 303143 Committed r213283: <http://trac.webkit.org/changeset/213283>
WebKit Commit Bot
Comment 11 2017-03-02 08:23:31 PST
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.