Closed Bug 1049087 Opened 10 years ago Closed 10 years ago

pre-populate the whitelist for screensharing in Fx33

Categories

(Core :: WebRTC, defect)

Product:
Core
Component:
WebRTC
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla35
Tracking Flags:
Tracking Status
firefox33 --- fixed
firefox34 --- fixed
firefox35 --- fixed
b2g-v2.1 --- fixed
b2g-v2.2 --- fixed

People

(Reporter: mreavy, Assigned: ehugg)

References

Details

(Whiteboard: [screensharing-uplift])

Attachments

(2 files)

set temporary allowed screensharing domain of mozilla.github.io - replace for release
(deleted), patch
gcp
: review+
Sylvestre
: approval-mozilla-aurora+
Details | Diff | Splinter Review
pre-populate the whitelist for screensharing in Fx33
(deleted), patch
jesup
: review+
Sylvestre
: approval-mozilla-aurora+
Sylvestre
: approval-mozilla-beta+
Details | Diff | Splinter Review 
For Fx33, we should pre-populate the whitelist with certain domains so that the feature is more useful "out of the box" for users.

The user retains the ability to update the whitelist at any time by going into about:config.
Blocks: 1040061
I'd like to point out that the implementation does not support wildcards.  Each domain in the list must be an exact match.  Code is here:
http://mxr.mozilla.org/mozilla-central/source/dom/media/MediaManager.cpp#137
I don't have a list of domains yet but I'm pretty sure we'll need wildcards for subdomains so we can add "*.webex.com" for example.

This is mentioned on bug 1037424 here as a "possible part 2":
https://bugzilla.mozilla.org/show_bug.cgi?id=1037424#c18
Depends on: 1049583
Assignee: nobody → gpiper
OS: Windows 7 → All
Hardware: x86_64 → All
Whiteboard: [sceensharing-uplift] → [sceensharing-uplift][leave-open]
Comment on attachment 8481304 [details] [diff] [review]
set temporary allowed screensharing domain of mozilla.github.io - replace for release

Approval Request Comment
[Feature/regressing bug #]: screensharing

[User impact if declined]: harder for people to test in beta

[Describe test coverage new/current, TBPL]: screensharing tests in tbpl use this

[Risks and why]: Provide a temporary value for the whitelist to allow testers to use http://mozilla.github.io/webrtc-landing/gum_test.html to verify screensharing.  Should be replaced by mid-beta with whatever we decide will be the initial release whitelist.

[String/UUID change made/needed]: none
Attachment #8481304 - Flags: review?(gpascutto)
Attachment #8481304 - Flags: approval-mozilla-aurora?
Comment on attachment 8481304 [details] [diff] [review]
set temporary allowed screensharing domain of mozilla.github.io - replace for release

Review of attachment 8481304 [details] [diff] [review]:
-----------------------------------------------------------------

::: modules/libpref/init/all.js
@@ +371,5 @@
>  #endif
>  
>  pref("media.getusermedia.screensharing.enabled", true);
> + // temporary value, not intended for release - bug 1049087
> +pref("media.getusermedia.screensharing.allowed_domains", "mozilla.github.io");

If it's not meant for release you should protect it with !defined(RELEASE_BUILD).
Attachment #8481304 - Flags: review?(gpascutto) → review+
Whiteboard: [sceensharing-uplift][leave-open] → [screensharing-uplift][leave-open]
Attachment #8481304 - Flags: approval-mozilla-aurora? → approval-mozilla-aurora+
Assignee: gpiper → ethanhugg
Status: NEW → ASSIGNED
Attachment #8484458 - Flags: review?(rjesup)
Comment on attachment 8484458 [details] [diff] [review]
pre-populate the whitelist for screensharing in Fx33

Review of attachment 8484458 [details] [diff] [review]:
-----------------------------------------------------------------

::: modules/libpref/init/all.js
@@ +380,5 @@
>  #endif
>  
>  pref("media.getusermedia.screensharing.enabled", true);
>  #ifdef RELEASE_BUILD
> +pref("media.getusermedia.screensharing.allowed_domains", "webex.com,*.webex.com,collaborate.com,*.collaborate.com");

I see it as problematic that none of these domains use HTTPS+HSTS, because that means this protection is really trivial to circumvent in many cases.
Comment on attachment 8484458 [details] [diff] [review]
pre-populate the whitelist for screensharing in Fx33

Review of attachment 8484458 [details] [diff] [review]:
-----------------------------------------------------------------

Note: we've restricted screen/windowsharing to https: in a different bug
Attachment #8484458 - Flags: review?(rjesup) → review+
https://hg.mozilla.org/integration/mozilla-inbound/rev/efb085f286fd
status-firefox33: fixedaffected
status-firefox34: fixedaffected
status-firefox35: --- → affected
Whiteboard: [screensharing-uplift][leave-open] → [screensharing-uplift]
Target Milestone: --- → mozilla35
https://hg.mozilla.org/mozilla-central/rev/efb085f286fd
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Comment on attachment 8484458 [details] [diff] [review]
pre-populate the whitelist for screensharing in Fx33

Approval Request Comment
[Feature/regressing bug #]: screensharing

[User impact if declined]: inability to access approved sites

[Describe test coverage new/current, TBPL]: nightly, externally tested by Cisco

[Risks and why]: virtually none

[String/UUID change made/needed]: none
Attachment #8484458 - Flags: approval-mozilla-beta?
Attachment #8484458 - Flags: approval-mozilla-aurora?
Attachment #8484458 - Flags: approval-mozilla-beta?
Attachment #8484458 - Flags: approval-mozilla-beta+
Attachment #8484458 - Flags: approval-mozilla-aurora?
Attachment #8484458 - Flags: approval-mozilla-aurora+
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: