Once we've tested and are shipping the 4.10.2391.0 CDM via balrog, we should also update the fallback downloader.

Posting script used to generate JSON for this widevine release so my working can be checked and/or reproduced.

Update the fallback URLs for Widevine version 4.10.2391.0. This also adds a
fallback for the Windows asan case. This makes the fallback URLs consistent with
the balrog rules and handles the (edge) case where asan Win builds can't connect
to balrog.

I've verified this matches our current balrog settings for the same downloads. I've also checked that this works as expected by MiTM-ing myself and breaking the connection to balrog/aus5 to ensure we're picking up the fallback.

I plan to request uplift on this once the change been in nightly for a bit. I'd like this in beta so beta and all applicable ESR releases going forward have fallbacks that match the balrog rules. This is good for consistency, but also because the current fallbacks are going to point to CDMs that will not work come the start of December.

https://hg.mozilla.org/mozilla-central/rev/089a2533363d

Comment on attachment 9250775 [details]
Bug 1737666 - Update widevine fallback URLs to 4.10.2391.0 CDM. r?mjf

Beta/Release Uplift Approval Request

• User impact if declined: Users who fail to download CDM update information from Mozilla's update server and who do not yet have a CDM downloaded will receive an out of date CDM (which will be non-functional as of 2021-12-01). These users will not be able to watch DRM protected media until they connect to the update server and receive info to update their CDM.
• Is this code covered by automated tests?: Yes
• Has the fix been verified in Nightly?: Yes
• Needs manual test from QE?: No
• If yes, steps to reproduce:
• List of other uplifts needed: None
• Risk to taking this patch: Low
• Why is the change risky/not risky? (and alternatives if risky): The patch itself is low risk and well understood. The primary risk here is that the new CDM we're updating to has issues that we have not yet discovered. However, we've been rolling the CDM out via balrog and have not yet encountered issues. Come 2021-12-01 the existing fallback CDMs will no longer work, so the alternative to not patching is also fairly bad.
• String changes made/needed: None

ESR Uplift Approval Request

• If this is not a sec:{high,crit} bug, please state case for ESR consideration: Avoid issues with playback for DRM protected media.
• User impact if declined: Users who fail to download CDM update information from Mozilla's update server and who do not yet have a CDM downloaded will receive an out of date CDM (which will be non-functional as of 2020-12-01). These users will not be able to watch DRM protected media until they connect to the update server and receive info to update their CDM.
• Fix Landed on Version: 96
• Risk to taking this patch: Low
• Why is the change risky/not risky? (and alternatives if risky): The patch itself is low risk and well understood. The primary risk here is that the new CDM we're updating to has issues that we have not yet discovered. However, we've been rolling the CDM out via balrog and have not yet encountered issues. Come 2021-12-01 the existing fallback CDMs will no longer work, so the alternative to not patching is also fairly bad.
• String or UUID changes made by this patch: None

Comment on attachment 9250775 [details]
Bug 1737666 - Update widevine fallback URLs to 4.10.2391.0 CDM. r?mjf

Approved for 95 beta 10. Thanks

https://hg.mozilla.org/releases/mozilla-beta/rev/d795375bfbba

Comment on attachment 9250775 [details]
Bug 1737666 - Update widevine fallback URLs to 4.10.2391.0 CDM. r?mjf

Approved for 91.4esr.

https://hg.mozilla.org/releases/mozilla-esr91/rev/4f90e0e0970b

Hi Pavel,
I've noticed an improvement on AWSY
Do you think that your changes in this bug caused it or Bug 1740924, Bug 1741997 is the reason for the improvement?
Thanks!

I am not Pavel :)

Leaving NI, but I'm pretty confident this patch will not have been the reason for the improvement. This patch modifies the fallback URLs Firefox will use when it fails to connect to our update service. For the vast majority of tests (if not all our automated tests), these changes are invisible.

@pas(In reply to Pascal Chevrel:pascalc from comment #12)

I am not Pavel :)

I am so sorry, I don't know how I managed to do that