From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by master.gitmailbox.com (Postfix) with ESMTP id 7416545CA7 for ; Wed, 3 May 2023 09:26:50 +0000 (UTC) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 44A5168BD27; Wed, 3 May 2023 12:26:48 +0300 (EEST) Received: from mail0.khirnov.net (red.khirnov.net [176.97.15.12]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 8AFEE68B649 for ; Wed, 3 May 2023 12:26:41 +0300 (EEST) Received: from localhost (localhost [IPv6:::1]) by mail0.khirnov.net (Postfix) with ESMTP id 1CB8C2404EC for ; Wed, 3 May 2023 11:26:41 +0200 (CEST) Received: from mail0.khirnov.net ([IPv6:::1]) by localhost (mail0.khirnov.net [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id OTUwmGyDaB8n for ; Wed, 3 May 2023 11:26:40 +0200 (CEST) Received: from lain.khirnov.net (lain.khirnov.net [IPv6:2001:67c:1138:4306::3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "lain.khirnov.net", Issuer "smtp.khirnov.net SMTP CA" (verified OK)) by mail0.khirnov.net (Postfix) with ESMTPS id 8A5EF240177 for ; Wed, 3 May 2023 11:26:40 +0200 (CEST) Received: by lain.khirnov.net (Postfix, from userid 1000) id 6E8DE1601B2; Wed, 3 May 2023 11:26:40 +0200 (CEST) From: Anton Khirnov To: FFmpeg development discussions and patches In-Reply-To: <20230502211546.GB1391451@pb2> References: <20230502193631.10844-1-michael@niedermayer.cc> <20230502201627.GA1391451@pb2> <20230502211546.GB1391451@pb2> Mail-Followup-To: FFmpeg development discussions and patches Date: Wed, 03 May 2023 11:26:40 +0200 Message-ID: <168310600042.3843.5516265915136683107@lain.khirnov.net> User-Agent: alot/0.8.1 MIME-Version: 1.0 Subject: Re: [FFmpeg-devel] [PATCH] [RFC] avformat: Add basic same origin check X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Archived-At: List-Archive: List-Post: Quoting Michael Niedermayer (2023-05-02 23:15:46) > the problem with default-disabled is that the user needs to know > 1. that the option exist > 2. what the option does > 3. what an attacker can do with such urls > 4. that its not enabled by default > > OTOH if its enabled by default, the worst it can do is fail with a error > the user can lookup the error and disable the option > > but i may be missing something here, also comments both from people > who regularly work with hls and anything else contaning urls in files > and also people who dealt with any related attacks is welcome. > > The goal is that this actually does something useful in reality. This changes behavior in an incompatible way, so IMO this should happen on a major bump. There should also be a note in the changelog. Perhaps there could be a special 'auto' value that would initially default to no effect, but would print a warning if a URL would stop working after the bump. -- Anton Khirnov _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".