Confirmed users
632
edits
Loop/Architecture/Fingerprint Validation: Difference between revisions
Jump to navigation
Jump to search
Loop/Architecture/Fingerprint Validation (view source)
Revision as of 18:53, 24 September 2015
, 24 September 2015→Client Behavior
| Line 118: | Line 118: | ||
Much of the required client behavior is implied by the network API; however, to be explicit, this section describes the expected client behavior. | Much of the required client behavior is implied by the network API; however, to be explicit, this section describes the expected client behavior. | ||
Prior to loading the OpenTok SDK, the client will override window.RTCPeerConnection (or the appropriate prefixed variant, if present). The overridden function will call the original constructor, override the setLocalDescription and setRemoteDescription methods on the newly created object, and return the modified PeerConnection. The overrides of setLocalDescription and setRemoteDescription will perform exfiltration and comparison of fingerprints, respectively. See [#Proof-of-Concept Monkeypatch Shim] for an example of how this might look. | Prior to loading the OpenTok SDK, the client will override window.RTCPeerConnection (or the appropriate prefixed variant, if present). The overridden function will call the original constructor, override the setLocalDescription and setRemoteDescription methods on the newly created object, and return the modified PeerConnection. The overrides of setLocalDescription and setRemoteDescription will perform exfiltration and comparison of fingerprints, respectively. See [[#Proof-of-Concept Monkeypatch Shim]] for an example of how this might look. | ||
In more detail: when the setLocalDescription shim is called, it extracts the fingerprint attribute from the SDP that was passed to that function, and enqueues it to be sent to the Loop server (e.g., using <tt>setTimeout(...,0)</tt>). The fingerprint is sent using a "POST /rooms/{token}" request, with action=newpc, as described in [#Uploading PeerConnection Fingerprints] | In more detail: when the setLocalDescription shim is called, it extracts the fingerprint attribute from the SDP that was passed to that function, and enqueues it to be sent to the Loop server (e.g., using <tt>setTimeout(...,0)</tt>). The fingerprint is sent using a "POST /rooms/{token}" request, with action=newpc, as described in [#Uploading PeerConnection Fingerprints] | ||