Bug 73816

Summary: MediaStream API: Removing SecurityContext from the embedder API
Product: WebKit Reporter: Tommy Widenflycht <tommyw>
Component: WebKit APIAssignee: Tommy Widenflycht <tommyw>
Status: RESOLVED FIXED    
Severity: Normal CC: abarth, fishd, grunell, harald, s.choi, webkit.review.bot
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: All   
OS: All   
Bug Depends on:    
Bug Blocks: 56459    
Attachments:
Description Flags
Patch
none
Patch none

Tommy Widenflycht
Reported 2011-12-05 03:32:38 PST
Changed the SecurityOrigin argument to a String in PeerConnectionHandler and associated files. This is done for two reasons: 1) Using SecurityContext breaks the layering pattern 2) The textual representation is enough anyway.
Attachments
Patch (10.79 KB, patch)
2011-12-05 03:36 PST, Tommy Widenflycht 		no flags
DetailsFormatted DiffDiff
Patch (10.85 KB, patch)
2012-02-10 06:19 PST, Tommy Widenflycht 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Tommy Widenflycht
Comment 1 2011-12-05 03:36:17 PST
Created attachment 117864 [details] Patch
WebKit Review Bot
Comment 2 2011-12-05 03:38:38 PST
Please wait for approval from fishd@chromium.org before submitting because this patch contains changes to the Chromium public API.
Tommy Widenflycht
Comment 3 2012-02-10 06:19:51 PST
Created attachment 126510 [details] Patch
Darin Fisher (:fishd, Google)
Comment 4 2012-02-13 08:23:19 PST
Is this something Adam recommended? Is the idea that "platform" level stuff should not depend on SecurityOrigin? Generally, replacing SecurityOrigin with a String is seen as the wrong thing to do. I find it interesting that you are calling the result of SecurityOrigin::toString() a "username"... can you say more about what this string is meant to represent? Typically, security origins are URLs (but not always), so I'd like to better understand what it is for media streams. How will the consumer of this string make use of this field? Are you saying that it will just be treated in opaque fashion? What is its purpose then?
Tommy Widenflycht
Comment 5 2012-02-13 08:49:26 PST
It is partly a platform violation but the main reason is that we need it in string form only so I'm changing to to the correct type. The URL is used in the ice negotiation as a little security.
Adam Barth
Comment 6 2012-02-13 09:10:02 PST
Seems fine. What is the string called in the spec? As much as possible, we should try to reuse names from the spec in the implementation.
Tommy Widenflycht
Comment 7 2012-02-13 09:14:12 PST
It's called username. Quote: "The long-term username for the STUN or TURN server is the ASCII serialization of the entry script's origin;"
Adam Barth
Comment 8 2012-02-13 09:41:46 PST
Great.
Tommy Widenflycht
Comment 9 2012-02-15 04:42:49 PST
FYI I discussed with Harald who said that the username will have to be specified when creating the PeerConnection object instead of taking the SecurityOrigin in a future revision of the specification. Yet another reason to do this change now.
WebKit Review Bot
Comment 10 2012-02-15 17:35:17 PST
Comment on attachment 126510 [details] Patch Clearing flags on attachment: 126510 Committed r107861: <http://trac.webkit.org/changeset/107861>
WebKit Review Bot
Comment 11 2012-02-15 17:35:22 PST
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.