W3C home > Mailing lists > Public > public-webrtc@w3.org > August 2012

RE: checking SDP errors in SessionDescription

From: Li Li <Li.NJ.Li@huawei.com>
Date: Wed, 1 Aug 2012 14:54:57 +0000
To: Tommy Widenflycht (ᛏᚮᛘᛘᚤ) <tommyw@google.com>
CC: "public-webrtc@w3.org" <public-webrtc@w3.org>
Message-ID: <B60F8F444AAC9C49A9EF0D12D05E0942216B7502@szxeml535-mbs.china.huawei.com>
I agree that full SDP verification depends on the PeerConnection in interest.

But it seems the syntactic checking can be done in SessionDescription. When PC.setRemoteDescription() receives a checked SD object, it can simply test if the SD object is valid (e.g. through an internal boolean attribute).
If the SD is valid, then the PC object proceeds to the semantic verification; otherwise it just rejects the SD. So no duplicate checking is performed if we split the checking logic properly.

When receiving an invalid SDP, a web application can signal its peer (or take other actions) without a PeerConnection object, thus save some memory and CPU.

Thanks.
Li

From: Tommy Widenflycht (ᛏᚮᛘᛘᚤ) [mailto:tommyw@google.com]
Sent: Wednesday, August 01, 2012 7:33 AM
To: Li Li
Cc: public-webrtc@w3.org
Subject: Re: checking SDP errors in SessionDescription

An api to verify the SDP in a SessionDescription would very likely use the same SDP verifier as used in PC.setRemoteDescription() and therefore redundant. You gain nothing by verifying the SDP twice.

Also the SDP can't be fully verified with anything else than the relevant PeerConnection since it is state dependent.

Or maybe I am missing your point? Could you please give an use case?

/Tommy

On Tue, Jul 31, 2012 at 6:06 PM, Li Li <Li.NJ.Li@huawei.com<mailto:Li.NJ.Li@huawei.com>> wrote:
I think the idea is to give the applications the ability to not use an invalid SDP with a PeerConnection.

Thanks.
Li

From: Tommy Widenflycht (ᛏᚮᛘᛘᚤ) [mailto:tommyw@google.com<mailto:tommyw@google.com>]
Sent: Tuesday, July 31, 2012 11:21 AM
To: Li Li
Cc: public-webrtc@w3.org<mailto:public-webrtc@w3.org>
Subject: Re: checking SDP errors in SessionDescription

But what would you use a SessionDescription object for if you don't have an PeerConnection?

/Tommy
On Tue, Jul 31, 2012 at 5:04 PM, Li Li <Li.NJ.Li@huawei.com<mailto:Li.NJ.Li@huawei.com>> wrote:
When constructing a SessionDescription from a SDP string received from a peer, the SDP string may contain syntactic errors (according to RFC4566) as it may have been manipulated by the remote application.

I think the browser should catch these errors during the construction of SessionDescription object, through  error callback or exception. By detecting an invalid SDP early, the application can be more robust and efficient.

The current API can catch these errors in setRemoteDescrition() through its error callback. However, this requires a PeerConnection object.

Thanks.
Li





--
Tommy Widenflycht, Senior Software Engineer
Google Sweden AB, Kungsbron 2, SE-11122 Stockholm, Sweden
Org. nr. 556656-6880
And yes, I have to include the above in every outgoing email according to EU law.



--
Tommy Widenflycht, Senior Software Engineer
Google Sweden AB, Kungsbron 2, SE-11122 Stockholm, Sweden
Org. nr. 556656-6880
And yes, I have to include the above in every outgoing email according to EU law.
Received on Wednesday, 1 August 2012 14:57:11 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 1 August 2012 14:57:11 GMT