- From: Eric Rescorla <ekr@rtfm.com>
- Date: Mon, 17 Aug 2015 06:15:20 -0700
- To: Dominique Hazael-Massieux <dom@w3.org>
- Cc: "public-webrtc@w3.org" <public-webrtc@w3.org>
Received on Monday, 17 August 2015 13:16:28 UTC
On Mon, Aug 17, 2015 at 6:10 AM, Dominique Hazael-Massieux <dom@w3.org> wrote:

> On 17/08/2015 14:54, Eric Rescorla wrote:
>
>> This seems like it's going to cause a lot of ossification, since it will
>> mean that if you want to load an iframe that *can* use PC, then you will
>> have to use iframe-sandbox and then you will be restricted to just the
>> APIs that are presently whitelistable.
>
> Hmm... Indeed, I see how that could become problematic.
>
>> It would be fine to have PC disabled when IFRAME sandbox was used unless
>> allow-rtcpeerconnection was set.
>
> I think that would already be an improvement.
>
> How about a CSP directive that enables RTCPeerConnection for embedded
> contexts from specific origins and defaults to false for other than self?

Seems like a question for WebAppSec. It's not like this is the only thing
that's problematic in IFRAMEs.

-Ekr