[FFmpeg-devel] [PATCH] [RFC] avformat: Add basic same origin check
Anton Khirnov
anton at khirnov.net
Wed May 3 12:26:40 EEST 2023
Quoting Michael Niedermayer (2023-05-02 23:15:46)
> the problem with default-disabled is that the user needs to know
> 1. that the option exist
> 2. what the option does
> 3. what an attacker can do with such urls
> 4. that its not enabled by default
>
> OTOH if its enabled by default, the worst it can do is fail with a error
> the user can lookup the error and disable the option
>
> but i may be missing something here, also comments both from people
> who regularly work with hls and anything else contaning urls in files
> and also people who dealt with any related attacks is welcome.
>
> The goal is that this actually does something useful in reality.
This changes behavior in an incompatible way, so IMO this should happen
on a major bump. There should also be a note in the changelog.
Perhaps there could be a special 'auto' value that would initially
default to no effect, but would print a warning if a URL would stop
working after the bump.
--
Anton Khirnov
More information about the ffmpeg-devel
mailing list