[FFmpeg-devel] [PATCH] [RFC] avformat: Add basic same origin check
Rémi Denis-Courmont
remi at remlab.net
Wed May 3 14:16:03 EEST 2023
Nit: different
But is there an actual threat model whence it is necessary or even useful for a media framework to implement origin policies? On top of my head, this can be used by content providers to prevent third parties from referencing their media files... but that seems user-hostile; it does not provide any security for the user of FFmpeg.
I could be wrong, but IMU, origin policy is meant to prevent harmful embedding of images and frames, and to prevent cross-site scripting, but FFmpeg doesn't support either if these anyway, so it's not concerned.
More information about the ffmpeg-devel
mailing list