From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by master.gitmailbox.com (Postfix) with ESMTP id 42DB446082 for ; Wed, 3 May 2023 21:01:57 +0000 (UTC) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id E366D68BFE9; Thu, 4 May 2023 00:01:54 +0300 (EEST) Received: from btbn.de (btbn.de [136.243.74.85]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id E571D68BF98 for ; Thu, 4 May 2023 00:01:47 +0300 (EEST) Received: from [authenticated] by btbn.de (Postfix) with ESMTPSA id 138F9132795 for ; Wed, 3 May 2023 23:01:44 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rothenpieler.org; s=mail; t=1683147704; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=l1OXqJTrwgPjCqliBOvLBmxKQ0HLWk1izaCGh2NliIQ=; b=CzJ01ecnvMaSJEoTG6SsS3qwMWrBKahfWC3zQ1AESlhf1tmPQLcCplkasTSxzcEyY32Dnb IU4ss457bCzWNnrAmBiQcwmrequq7ZhcX68OnAH+/YYWkCBoJp3KLY2FwwKSho2/ZUtZft t/6WAmq5QOHhLBtnqqGQfLmR3HQvrBBMpBhFB97Vl/QCtwL+SIP47MWB5HO1mnKGr7YOjL Ed+C7uw7Z8+wL+VV49khc0rxYK2gT531rT1fLWOXU8WNez0nd4cU0PshNcXp6NLddT/V9/ XOr3ePEm/958vL13Xqr8IfSmbEfVbewwpHkegHh8y0DkS6hzzT8A6PNqFJsjFw== Message-ID: <6b734fb1-3e03-bfde-8f74-df38229e3d66@rothenpieler.org> Date: Wed, 3 May 2023 23:01:43 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.10.0 To: ffmpeg-devel@ffmpeg.org References: <20230502193631.10844-1-michael@niedermayer.cc> <20230502201627.GA1391451@pb2> <20230503104941.GC1391451@pb2> <20230503190842.GF1391451@pb2> Content-Language: en-US From: Timo Rothenpieler In-Reply-To: <20230503190842.GF1391451@pb2> Subject: Re: [FFmpeg-devel] [PATCH] [RFC] avformat: Add basic same origin check X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Archived-At: List-Archive: List-Post: On 03.05.2023 21:08, Michael Niedermayer wrote: >>>> A quick check for example shows that even something as simple as the >>>> HLS BBC Radio streams will fail _all_ checks, since the playlists are >>>> hosted on another host entirely as the media, thanks to akamai live >>>> streaming. >>>> Playlist here, as an example: >>>> http://a.files.bbci.co.uk/media/live/manifesto/audio/simulcast/hls/nonuk/sbr_low/ak/bbc_radio_one.m3u8 >>> >>> yes, thats why it says RFC in the subject, i had expected that a bit already >>> >>> still OTOH, blocking these by default is the safer option, i mean if a user >>> does a >>> ./ffplay http://trustedfoobar.org/cutevideo.avi >>> >>> would she expect that video to access http://127.0.0.1/ and later http://evilhost/localwebscan-success >>> I think this should not be possible by default settings, its unexpected >>> >> >> Coming from the other side -- If the user needs to set the flag for >> nearly all streams, then they are not going to check in the future and >> just set it, defeating the purpose of them. At which point we might as >> well not burden them. > > Yes, we need a system that is secure and works in most cases. What about doing what actual browsers do, and reading the Access-Control-Allow-Origin HTTP header, and checking if the current origin is allowed? This does not really work for local files. Best you could do is check for "*" or not. But would at least fix the BBC+Akamai case. _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".