[FFmpeg-devel] [PATCH] [RFC] avformat: Add basic same origin check
Michael Niedermayer
michael at niedermayer.cc
Thu May 4 01:26:03 EEST 2023
On Wed, May 03, 2023 at 11:01:43PM +0200, Timo Rothenpieler wrote:
> On 03.05.2023 21:08, Michael Niedermayer wrote:
> > > > > A quick check for example shows that even something as simple as the
> > > > > HLS BBC Radio streams will fail _all_ checks, since the playlists are
> > > > > hosted on another host entirely as the media, thanks to akamai live
> > > > > streaming.
> > > > > Playlist here, as an example:
> > > > > http://a.files.bbci.co.uk/media/live/manifesto/audio/simulcast/hls/nonuk/sbr_low/ak/bbc_radio_one.m3u8
> > > >
> > > > yes, thats why it says RFC in the subject, i had expected that a bit already
> > > >
> > > > still OTOH, blocking these by default is the safer option, i mean if a user
> > > > does a
> > > > ./ffplay http://trustedfoobar.org/cutevideo.avi
> > > >
> > > > would she expect that video to access http://127.0.0.1/ and later http://evilhost/localwebscan-success
> > > > I think this should not be possible by default settings, its unexpected
> > > >
> > >
> > > Coming from the other side -- If the user needs to set the flag for
> > > nearly all streams, then they are not going to check in the future and
> > > just set it, defeating the purpose of them. At which point we might as
> > > well not burden them.
> >
> > Yes, we need a system that is secure and works in most cases.
>
> What about doing what actual browsers do, and reading the
> Access-Control-Allow-Origin HTTP header, and checking if the current origin
> is allowed?
>
> This does not really work for local files. Best you could do is check for
> "*" or not.
> But would at least fix the BBC+Akamai case.
I like the idea, do you want to implement it ?
thx
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
Everything should be made as simple as possible, but not simpler.
-- Albert Einstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20230504/3f0c4f1e/attachment.sig>
More information about the ffmpeg-devel
mailing list