Re: [webkit-dev] Proposed feature: Network Service Discovery
Hi Anders,
The JS object extension hooks you are mentioning look interesting. Do you know where I can get some more information about it?
IMHO, this feature is not yet mature and stable enough to be added into WebKit right now. I hope it gets improved further so that the functionality can be actually brought into WebKit in the future.
As a side information, there is a thread on the Blink mailing list on that particular topic: https://groups.google.com/a/chromium.org/forum/#!searchin/blink-dev/network$20service$20discovery/blink-dev/HT0KZKuTLxM/S3w-SdvjZfUJ
Regards, Youenn
2013/9/6 Anders Carlsson ander...@apple.com
I agree. This also seems like it’s something that could be implemented by a client application using our JS object extension hooks without touching WebKit at all.
- Anders
On Sep 6, 2013, at 10:30 AM, Simon Fraser simon.fra...@apple.com wrote:
Perhaps before we spend any more time discussing the security implications of Network Service Discovery, we should decide whether it fits with the goals of the WebKit project: https://www.webkit.org/projects/goals.html It’s not at all clear to me that it does.
Simon
On Sep 6, 2013, at 9:59 AM, Oliver Hunt oli...@apple.com wrote:
On Sep 6, 2013, at 9:44 AM, youenn fablet youe...@gmail.com wrote:
Hi Ryosuke, The two points you are mentioning make sense to me.
** For starters, most users wouldn't even know what a local network is; let alone what discovering media sources, etc... means.
Most users may not be able to understand what “discover local network DACP servers” means. But if a user is requested to grant/deny access to “Bob music library” service (the service being a DACP server), the situation seems to be getting better. The spec is a work in progress and may be improved.
For the sake of argument let's say this discovery is allowed to occur. How do you talk to Bob music library without the web page sending raw data to/from the DACP server?
--Oliver ___ webkit-dev mailing list webkit-dev@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-dev
Re: [webkit-dev] Proposed feature: Network Service Discovery
I also don't think it should be added to WebKit. In addition to other reasons stated, the spec has obvious severe security risks which are not adequately addressed by a permissions dialog.
Section 7 of the spec allows a webpage to bypass the same-origin security model to communicate with discovered services via HTTP. Discovery is via ZeroConf, UPnP or DIAL. Consider that this will include things like printers, routers, intranet servers, and other devices where access to the http interface is potentially very dangerous. The spec is supposedly designed for media servers, but nothing limits it to that.
In addition to the obviously dangerous cases (reconfiguring your home router), most devices intended for use on a home network or firewalled intranet have many security vulnerabilities and could be exploited by throwing untrusted data at them.
Regards, Maciej
On Sep 6, 2013, at 2:21 PM, Benjamin Poulain benja...@webkit.org wrote:
+1 After the concerns raised, I am not convinced the feature fits into the engine. I am also not convinced this needs WebKit support to be implemented.
Benjamin
On 9/6/13 10:39 AM, Anders Carlsson wrote:
I agree. This also seems like it’s something that could be implemented by a client application using our JS object extension hooks without touching WebKit at all.
- Anders
On Sep 6, 2013, at 10:30 AM, Simon Fraser simon.fra...@apple.com wrote:
Perhaps before we spend any more time discussing the security implications of Network Service Discovery, we should decide whether it fits with the goals of the WebKit project: https://www.webkit.org/projects/goals.html It’s not at all clear to me that it does.
Simon
On Sep 6, 2013, at 9:59 AM, Oliver Hunt oli...@apple.com wrote:
On Sep 6, 2013, at 9:44 AM, youenn fablet youe...@gmail.com wrote:
Hi Ryosuke, The two points you are mentioning make sense to me.
For starters, most users wouldn't even know what a local network is; let alone what discovering media sources, etc... means.
Most users may not be able to understand what “discover local network DACP servers” means. But if a user is requested to grant/deny access to “Bob music library” service (the service being a DACP server), the situation seems to be getting better. The spec is a work in progress and may be improved.
For the sake of argument let's say this discovery is allowed to occur. How do you talk to Bob music library without the web page sending raw data to/from the DACP server?
--Oliver
Re: [webkit-dev] Proposed feature: Network Service Discovery
Hi Brendan,
I am also interested in that feature and am actually working on an implementation of it. The implementation, which is behind a specific flag, is currently usable for simple demos on linux environment. My initial plan was to publish it in a couple of weeks when being stabilized, probably on github. Maybe we can team up?
Regards, Youenn
Re: [webkit-dev] Proposed feature: Network Service Discovery
Hi Ryosuke,
The two points you are mentioning make sense to me.
** For starters, most users wouldn't even know what a local network is; let alone what discovering media sources, etc... means.
Most users may not be able to understand what “discover local network DACP servers” means. But if a user is requested to grant/deny access to “Bob music library” service (the service being a DACP server), the situation seems to be getting better. The spec is a work in progress and may be improved.
It's also a very good way to finger-print users. How many users have the same set of speakers, etc... let alone the same set of media contents. **
That is a valid point. Fingerprinting based on the information gathered by the discovery process may be adjusted. In particular, one may minimize the exposure to web applications of the information gathered from the discovery scan. Fingerprinting based on XHR exchanges with granted local services seems more difficult to defeat. Note though that the fingerprinting web application would need to be granted access to the same service each time it wants to fingerprint the user. This probably makes it less appealing than existing strategies such as JS/canvas-based fingerprinting.
Regards, Youenn
Re: [webkit-dev] Proposed feature: Network Service Discovery
Perhaps before we spend any more time discussing the security implications of Network Service Discovery, we should decide whether it fits with the goals of the WebKit project: https://www.webkit.org/projects/goals.html It’s not at all clear to me that it does.
Simon
On Sep 6, 2013, at 9:59 AM, Oliver Hunt oli...@apple.com wrote:
On Sep 6, 2013, at 9:44 AM, youenn fablet youe...@gmail.com wrote:
Hi Ryosuke, The two points you are mentioning make sense to me.
For starters, most users wouldn't even know what a local network is; let alone what discovering media sources, etc... means.
Most users may not be able to understand what “discover local network DACP servers” means. But if a user is requested to grant/deny access to “Bob music library” service (the service being a DACP server), the situation seems to be getting better. The spec is a work in progress and may be improved.
For the sake of argument let's say this discovery is allowed to occur. How do you talk to Bob music library without the web page sending raw data to/from the DACP server?
--Oliver
Re: [webkit-dev] Proposed feature: Network Service Discovery
I agree. This also seems like it’s something that could be implemented by a client application using our JS object extension hooks without touching WebKit at all.
- Anders
On Sep 6, 2013, at 10:30 AM, Simon Fraser simon.fra...@apple.com wrote:
Perhaps before we spend any more time discussing the security implications of Network Service Discovery, we should decide whether it fits with the goals of the WebKit project: https://www.webkit.org/projects/goals.html It’s not at all clear to me that it does.
Simon
On Sep 6, 2013, at 9:59 AM, Oliver Hunt oli...@apple.com wrote:
On Sep 6, 2013, at 9:44 AM, youenn fablet youe...@gmail.com wrote:
Hi Ryosuke, The two points you are mentioning make sense to me.
For starters, most users wouldn't even know what a local network is; let alone what discovering media sources, etc... means.
Most users may not be able to understand what “discover local network DACP servers” means. But if a user is requested to grant/deny access to “Bob music library” service (the service being a DACP server), the situation seems to be getting better. The spec is a work in progress and may be improved.
For the sake of argument let's say this discovery is allowed to occur. How do you talk to Bob music library without the web page sending raw data to/from the DACP server?
--Oliver
Re: [webkit-dev] Proposed feature: Network Service Discovery
On 09/06/2013 10:59 AM, Oliver Hunt wrote:
On Sep 6, 2013, at 9:44 AM, youenn fablet youe...@gmail.com wrote:
For starters, most users wouldn't even know what a local network is; let alone what discovering media sources, etc... means.
Most users may not be able to understand what "discover local network DACP servers" means. But if a user is requested to grant/deny access to "Bob music library" service (the service being a DACP server), the situation seems to be getting better. The spec is a work in progress and may be improved.
For the sake of argument let's say this discovery is allowed to occur. How do you talk to Bob music library without the web page sending raw data to/from the DACP server?
The spec isn't very clear about how the permissions work, but I think we could protect users from accidentally giving permission and fingerprinting by making the permissions work like this:
* When prompting the user for permission, get the list of discovered services and ask the user if they want to give the application access to any of them. An implementation could use checkboxes, for example, but with the default state being unchecked. If the user clicks ok without looking at it, the result is an empty list.
* Remove PERMISSION_DENIED_ERR. If permission is denied, just return an empty object. This way, a JavaScript application can't tell the difference between an empty network and not having permission to see any of the services.
I'll look into proposing this change to the spec.
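The permission flow proposed in the message above, modelled as an added example (not part of the thread, not WebKit code, and not spec text): the prompt lists discovered services unchecked, and a denial yields the same empty result as an empty network. The function names and the sample service list are assumptions constructed for illustration.

```javascript
// Model of the user-agent side of the proposed permission flow.
// All names (buildPrompt, resolveRequest, pageObservable, outcomes) are
// hypothetical; the service list below is constructed sample data.
const DISCOVERED = [
  { id: "svc-1", name: "Bob music library", type: "zeroconf:_dacp._tcp", url: "http://192.168.1.20:3689/" },
  { id: "svc-2", name: "Hall printer", type: "zeroconf:_ipp._tcp", url: "http://192.168.1.30:631/" },
  { id: "svc-3", name: "Den music library", type: "zeroconf:_dacp._tcp", url: "http://192.168.1.21:3689/" },
];

// Build the prompt: only services of the requested type, every box unchecked,
// so clicking OK without reading grants nothing.
function buildPrompt(discovered, requestedType) {
  return discovered
    .filter((s) => s.type === requestedType)
    .map((s) => ({ id: s.id, label: s.name, checked: false }));
}

// Turn the user's action into what the page receives.
// action is { kind: "ok", checkedIds: [...] } or { kind: "deny" }.
// Denial is not reported as an error: it produces the same empty list
// that an empty network would.
function resolveRequest(discovered, requestedType, action) {
  const offered = new Set(buildPrompt(discovered, requestedType).map((c) => c.id));
  const checked = new Set(action.kind === "ok" ? action.checkedIds || [] : []);
  const granted = discovered
    // Ignore ids that were never offered in this prompt (wrong type or unknown).
    .filter((s) => offered.has(s.id) && checked.has(s.id))
    // Expose only the granted entries; the UA-internal id is not passed on.
    .map((s) => Object.freeze({ name: s.name, type: s.type, url: s.url }));
  return Object.freeze(granted);
}

// Everything a script could read from a result, serialized for comparison.
function pageObservable(result) {
  return JSON.stringify({ length: result.length, services: result });
}

// The three situations the proposal wants to make indistinguishable,
// plus one real grant for contrast.
function outcomes(requestedType) {
  return {
    denied: pageObservable(resolveRequest(DISCOVERED, requestedType, { kind: "deny" })),
    okWithoutReading: pageObservable(
      resolveRequest(DISCOVERED, requestedType, { kind: "ok", checkedIds: [] })),
    emptyNetwork: pageObservable(
      resolveRequest([], requestedType, { kind: "ok", checkedIds: [] })),
    oneGranted: pageObservable(
      resolveRequest(DISCOVERED, requestedType, { kind: "ok", checkedIds: ["svc-1"] })),
  };
}

console.log(outcomes("zeroconf:_dacp._tcp"));
```

The equivalence holds only for what the returned value reveals; a user agent that skips the prompt when nothing was discovered would still let response timing separate the two cases.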
Re: [webkit-dev] Proposed feature: Network Service Discovery
+1 After the concerns raised, I am not convinced the feature fits into the engine. I am also not convinced this needs WebKit support to be implemented.
Benjamin
On 9/6/13 10:39 AM, Anders Carlsson wrote:
I agree. This also seems like it’s something that could be implemented by a client application using our JS object extension hooks without touching WebKit at all.
- Anders
On Sep 6, 2013, at 10:30 AM, Simon Fraser simon.fra...@apple.com wrote:
Perhaps before we spend any more time discussing the security implications of Network Service Discovery, we should decide whether it fits with the goals of the WebKit project: https://www.webkit.org/projects/goals.html It’s not at all clear to me that it does.
Simon
On Sep 6, 2013, at 9:59 AM, Oliver Hunt oli...@apple.com wrote:
On Sep 6, 2013, at 9:44 AM, youenn fablet youe...@gmail.com wrote:
Hi Ryosuke, The two points you are mentioning make sense to me.
For starters, most users wouldn't even know what a local network is; let alone what discovering media sources, etc... means.
Most users may not be able to understand what “discover local network DACP servers” means. But if a user is requested to grant/deny access to “Bob music library” service (the service being a DACP server), the situation seems to be getting better. The spec is a work in progress and may be improved.
For the sake of argument let's say this discovery is allowed to occur. How do you talk to Bob music library without the web page sending raw data to/from the DACP server?
--Oliver
Re: [webkit-dev] Proposed feature: Network Service Discovery
On Sep 6, 2013, at 9:44 AM, youenn fablet youe...@gmail.com wrote:
Hi Ryosuke, The two points you are mentioning make sense to me.
For starters, most users wouldn't even know what a local network is; let alone what discovering media sources, etc... means.
Most users may not be able to understand what “discover local network DACP servers” means. But if a user is requested to grant/deny access to “Bob music library” service (the service being a DACP server), the situation seems to be getting better. The spec is a work in progress and may be improved.
For the sake of argument let's say this discovery is allowed to occur. How do you talk to Bob music library without the web page sending raw data to/from the DACP server?
--Oliver
Re: [webkit-dev] Proposed feature: Network Service Discovery
On 30.08.2013, at 15:53, Dirk Pranke dpra...@chromium.org wrote:
The draft does contain the sentence "Web pages should not be able to communicate with Local-networked Services that have not been authorized by the user thereby maintaining the user's privacy" in the use cases section; this should definitely be emphasized and fleshed out, in a security section.
How does the user know what they're doing? If there's an ad/unescaped comment containing something malicious should a remote site be able to know what services you have in your internal network?
I'm not sure I understand your question, but I'm talking about the user having to opt-in to disclosing services, similar to the opt-ins we do for geolocation, media capture, local files, etc., e.g., Spotify would like to know if you have any local media receivers, etc. ...
Would you like to install malware onto all networked printers in your office? Please click OK to get rid of this dialog, and finally start the browser game you want to play.
- WBR, Alexey Proskuryakov
Re: [webkit-dev] Proposed feature: Network Service Discovery
As far as I read the spec, websites can't probe the local network. The UAs are supposed to do that periodically and expose the list of media services they maintain when asked.
Having said that, I agree that I don't think asking the user whether it's okay for a website to discover media sources or output in the local network is not a good security model. For starters, most users wouldn't even know what a local network is; let alone what discovering media sources, etc... means.
It's also a very good way to finger-print users. How many users have the same set of speakers, etc... let alone the same set of media contents.
- R. Niwa
On Saturday, August 31, 2013, Alexey Proskuryakov wrote:
On 30.08.2013, at 15:53, Dirk Pranke dpra...@chromium.org wrote:
The draft does contain the sentence "Web pages should not be able to communicate with Local-networked Services that have not been authorized by the user thereby maintaining the user's privacy" in the use cases section; this should definitely be emphasized and fleshed out, in a security section.
How does the user know what they're doing? If there's an ad/unescaped comment containing something malicious should a remote site be able to know what services you have in your internal network?
I'm not sure I understand your question, but I'm talking about the user having to opt-in to disclosing services, similar to the opt-ins we do for geolocation, media capture, local files, etc., e.g., Spotify would like to know if you have any local media receivers, etc. ...
Would you like to install malware onto all networked printers in your office? Please click OK to get rid of this dialog, and finally start the browser game you want to play.
- WBR, Alexey Proskuryakov
-- - R. Niwa
Re: [webkit-dev] Proposed feature: Network Service Discovery
On Aug 30, 2013, at 9:15 AM, Brendan Long s...@brendanlong.com wrote:
On 08/29/2013 05:45 PM, Benjamin Poulain wrote:
Can you explain a bit what it is for? What are the common use cases?
This would be useful for certain kinds of web apps. For example, a music website like Pandora or Spotify could allow users to include music on their local network. Or a service like Netflix could include local network movies (on networked hard drives, or DVR's) in their search results, and play them from the same interface.
Here's my concern - if you say a service like x might want to search for something, that is better described as a random website. That may be something the user wants, alternatively it could be something evil. It could also be something evil embedded in an ad on the site a user trusts. My concern here is that as a web spec this essentially acts as a way for arbitrary web content from any source to perform a network scan of your local machine and get data about your internal network topology and services from inside your firewall. That's a really scary concept to me.
--Oliver
Re: [webkit-dev] Proposed feature: Network Service Discovery
On 08/29/2013 05:45 PM, Benjamin Poulain wrote:
Can you explain a bit what it is for? What are the common use cases?
This would be useful for certain kinds of web apps. For example, a music website like Pandora or Spotify could allow users to include music on their local network. Or a service like Netflix could include local network movies (on networked hard drives, or DVR's) in their search results, and play them from the same interface.
Our use-case is to make a media center UI entirely in HTML5 (huge portability benefits), and to allow that UI to discover local DLNA HTML5 Remote UI's (I'd love to put a link to what this is, but the spec isn't public and the best link is our own page http://html5.cablelabs.com/dlna-rui/index.html about it).
The use-cases would probably be more interesting if browsers were able to advertise themselves, but that's not part of this spec unfortunately. I suspect that Firefox would be interested, since it fits into the Firefox OS idea, but it looks like no one has really talked to them about it yet.
Who already implements it?
Opera supports it http://dev.opera.com/articles/view/network-service-discovery-api-support-in-opera/ (it looks like an experimental build though). This person http://jcdufourd.wp.mines-telecom.fr/2013/05/15/network-service-discovery-api/ made a Java applet to add support to existing browsers.
There's a thread on the Chromium mailing list https://groups.google.com/a/chromium.org/forum/#%21topic/blink-dev/HT0KZKuTLxM about this. It sounds like they're planning to update the spec before implementing it though, since there's some strange requirements for garbage collection and they want to do a review of the security and privacy implications.
mark a. foltz said,
Adam, Thanks for your feedback. (I'm working with Justin on this.) I'll summarize our response and plan.
(1) Agreed that a longer discussion of the security and privacy implications of the API is warranted.
Rich posted a section to the spec [1] that is a good starting point; I plan on working with the editors on minimizing the opportunities for harm, and minimizing the ability to fingerprint users of the API, which was brought up by the Chrome privacy team.
(2) Rich posted an update to the spec to address the language around garbage collection. https://dvcs.w3.org/hg/dap/diff/b4b2569b4e9b/discovery-api/Overview.src.html
(3) I reviewed the last several months of list traffic and, to my ability to scan, haven't seen comments or commitment from other browser vendors. I'll let Rich fill in if there are any updates here. I think an effort to evangelize and get additional participation will be helpful to the spec as a whole.
Given the current set of feedback, we plan on working with the spec editors and coming back when we feel it is ready to implement.
Re: [webkit-dev] Proposed feature: Network Service Discovery
On 08/29/2013 09:37 PM, Sam Weinig wrote:
I don't think this belongs in WebKit, as this doesn't seem like it would ever be appropriate to expose to the Web at large. I recommend trying to find a way to layer this on top of WebKit if it is something you need to support.
While our use-case is definitely possible to implement outside of WebKit, I think the spec is useful for some kinds of applications. Right now, that's mainly media-related websites, which could benefit from access to local music and videos. Even if this API was only available to privileged apps (locally installed apps, from the app store for example), it would be a benefit to app developers, because they wouldn't need to use platform-specific API's.
Re: [webkit-dev] Proposed feature: Network Service Discovery
On 08/30/2013 11:06 AM, Oliver Hunt wrote:
Here's my concern - if you say a service like x might want to search for something, that is better described as a random website. That may be something the user wants, alternatively it could be something evil. It could also be something evil embedded in an ad on the site a user trusts. My concern here is that as a web spec this essentially acts as a way for arbitrary web content from any source to perform a network scan of your local machine and get data about your internal network topology and services from inside your firewall. That's a really scary concept to me.
This would require permission from the user, but it's definitely a valid concern that:
* Users frequently ok on any popup, so maybe that's not good enough.
* This could be pretty scary, combined with cross-site scripting attacks (or advertising).
Would this be useful in WebKit if it was only enabled for apps with special privileges (HTML apps from the app store, for example)?
Re: [webkit-dev] Proposed feature: Network Service Discovery
On Fri, Aug 30, 2013 at 10:06 AM, Oliver Hunt oli...@apple.com wrote:
On Aug 30, 2013, at 9:15 AM, Brendan Long s...@brendanlong.com wrote:
On 08/29/2013 05:45 PM, Benjamin Poulain wrote:
Can you explain a bit what it is for? What are the common use cases?
This would be useful for certain kinds of web apps. For example, a music website like Pandora or Spotify could allow users to include music on their local network. Or a service like Netflix could include local network movies (on networked hard drives, or DVR's) in their search results, and play them from the same interface.
Here's my concern - if you say a service like x might want to search for something, that is better described as a random website. That may be something the user wants, alternatively it could be something evil. It could also be something evil embedded in an ad on the site a user trusts. My concern here is that as a web spec this essentially acts as a way for arbitrary web content from any source to perform a network scan of your local machine and get data about your internal network topology and services from inside your firewall. That's a really scary concept to me.
While there are certainly security concerns that need to be clearly thought through and addressed, the spec isn't as broad as you make it sound. It picks up services that are advertising themselves, after all; you can't probe. (Unless you've noticed something in the spec I haven't; I've scanned the spec, but not read it super-carefully).
Another use case for this is for devices like AppleTVs and ChromeCast ... receivers advertise themselves on the local network, and the browser (and browser-based apps) can identify available receivers that you can send media to.
The draft does contain the sentence "Web pages should not be able to communicate with Local-networked Services that have not been authorized by the user thereby maintaining the user's privacy" in the use cases section; this should definitely be emphasized and fleshed out, in a security section.
-- Dirk
Re: [webkit-dev] Proposed feature: Network Service Discovery
On Aug 30, 2013, at 12:44 PM, Dirk Pranke dpra...@chromium.org wrote:
On Fri, Aug 30, 2013 at 10:06 AM, Oliver Hunt oli...@apple.com wrote:
On Aug 30, 2013, at 9:15 AM, Brendan Long s...@brendanlong.com wrote:
On 08/29/2013 05:45 PM, Benjamin Poulain wrote:
Can you explain a bit what it is for? What are the common use cases?
This would be useful for certain kinds of web apps. For example, a music website like Pandora or Spotify could allow users to include music on their local network. Or a service like Netflix could include local network movies (on networked hard drives, or DVR's) in their search results, and play them from the same interface.
Here's my concern - if you say a service like x might want to search for something, that is better described as a random website. That may be something the user wants, alternatively it could be something evil. It could also be something evil embedded in an ad on the site a user trusts. My concern here is that as a web spec this essentially acts as a way for arbitrary web content from any source to perform a network scan of your local machine and get data about your internal network topology and services from inside your firewall. That's a really scary concept to me.
While there are certainly security concerns that need to be clearly thought through and addressed, the spec isn't as broad as you make it sound. It picks up services that are advertising themselves, after all; you can't probe. (Unless you've noticed something in the spec I haven't; I've scanned the spec, but not read it super-carefully).
Define advertise? Bonjour like? UPnP?
The draft does contain the sentence "Web pages should not be able to communicate with Local-networked Services that have not been authorized by the user thereby maintaining the user's privacy" in the use cases section; this should definitely be emphasized and fleshed out, in a security section.
How does the user know what they're doing?
If there's an ad/unescaped comment containing something malicious should a remote site be able to know what services you have in your internal network?
-- Dirk
Re: [webkit-dev] Proposed feature: Network Service Discovery
On Fri, Aug 30, 2013 at 3:48 PM, Oliver Hunt oli...@apple.com wrote:
On Aug 30, 2013, at 12:44 PM, Dirk Pranke dpra...@chromium.org wrote:
On Fri, Aug 30, 2013 at 10:06 AM, Oliver Hunt oli...@apple.com wrote:
On Aug 30, 2013, at 9:15 AM, Brendan Long s...@brendanlong.com wrote:
On 08/29/2013 05:45 PM, Benjamin Poulain wrote:
Can you explain a bit what it is for? What are the common use cases?
This would be useful for certain kinds of web apps. For example, a music website like Pandora or Spotify could allow users to include music on their local network. Or a service like Netflix could include local network movies (on networked hard drives, or DVR's) in their search results, and play them from the same interface.
Here's my concern - if you say a service like x might want to search for something, that is better described as a random website. That may be something the user wants, alternatively it could be something evil. It could also be something evil embedded in an ad on the site a user trusts. My concern here is that as a web spec this essentially acts as a way for arbitrary web content from any source to perform a network scan of your local machine and get data about your internal network topology and services from inside your firewall. That's a really scary concept to me.
While there are certainly security concerns that need to be clearly thought through and addressed, the spec isn't as broad as you make it sound. It picks up services that are advertising themselves, after all; you can't probe. (Unless you've noticed something in the spec I haven't; I've scanned the spec, but not read it super-carefully).
Define advertise? Bonjour like? UPnP?
Yes (the spec explicitly lists zeroconf, upnp, and dial).
The draft does contain the sentence "Web pages should not be able to communicate with Local-networked Services that have not been authorized by the user thereby maintaining the user's privacy" in the use cases section; this should definitely be emphasized and fleshed out, in a security section.
How does the user know what they're doing? If there's an ad/unescaped comment containing something malicious should a remote site be able to know what services you have in your internal network?
I'm not sure I understand your question, but I'm talking about the user having to opt-in to disclosing services, similar to the opt-ins we do for geolocation, media capture, local files, etc., e.g., Spotify would like to know if you have any local media receivers, etc. ...
-- Dirk
[webkit-dev] Proposed feature: Network Service Discovery
We would like to implement the Network Service Discovery spec http://www.w3.org/TR/discovery-api/ in WebKit. There's an existing bug https://bugs.webkit.org/show_bug.cgi?id=101162 (with a basic patch to show the API) in the bug tracker.
This is useful to allow media applications to discover network media sources, players or DLNA remote UI's (and presumably plenty of other things).
I was planning to start by implementing SSDP https://en.wikipedia.org/wiki/Simple_Service_Discovery_Protocol, using GSSDP https://wiki.gnome.org/GUPnP, targeting QtWebKit (and probably WebKitGTK and WebKit-EFL as a side-effect). The API itself is pretty simple, but I'll probably need some help fitting it into WebKit.
Does anyone have any opinions about this?
Re: [webkit-dev] Proposed feature: Network Service Discovery
On 8/29/13 4:19 PM, Brendan Long wrote:
We would like to implement the Network Service Discovery spec http://www.w3.org/TR/discovery-api/ in WebKit. There's an existing bug https://bugs.webkit.org/show_bug.cgi?id=101162 (with a basic patch to show the API) in the bug tracker. This is useful to allow media applications to discover network media sources, players or DLNA remote UI's (and presumably plenty of other things). I was planning to start by implementing SSDP https://en.wikipedia.org/wiki/Simple_Service_Discovery_Protocol, using GSSDP https://wiki.gnome.org/GUPnP, targeting QtWebKit (and probably WebKitGTK and WebKit-EFL as a side-effect). The API itself is pretty simple, but I'll probably need some help fitting it into WebKit. Does anyone have any opinions about this?
In any case, this will need a build flag :)
It is weird to have the web browser perform actions on the local network. I am not sure why this would ever be a good idea. Can you explain a bit what it is for? What are the common use cases? Who already implements it?
Benjamin
Re: [webkit-dev] Proposed feature: Network Service Discovery
I don’t think this belongs in WebKit, as this doesn’t seem like it would ever be appropriate to expose to the Web at large. I recommend trying to find a way to layer this on top of WebKit if it is something you need to support.
-Sam
On Aug 29, 2013, at 4:19 PM, Brendan Long b.l...@cablelabs.com wrote:
We would like to implement the Network Service Discovery spec in WebKit. There's an existing bug (with a basic patch to show the API) in the bug tracker. This is useful to allow media applications to discover network media sources, players or DLNA remote UI's (and presumably plenty of other things). I was planning to start by implementing SSDP, using GSSDP, targeting QtWebKit (and probably WebKitGTK and WebKit-EFL as a side-effect). The API itself is pretty simple, but I'll probably need some help fitting it into WebKit. Does anyone have any opinions about this?