WebRTC circumvention #588
Comments
|
How does uBlock Origin pull it off? |
|
It does not. uBO (and ABP will also do it soon) used the approach from the comment below. Not the best thing to do as it might break some websites functionality, the desktop programs $network approach is much "cleaner", but I guess there's nothing better we can do in the browser extensions. |
|
It seems that the only way is to break WebRTC for the chosen website, and if they are trying to circumvent it with the "frames" approach, block it by using Content-Security-Policy. The same as what we did with WebSocket issue some time ago. |
I was going to say, it does too (as an advanced/privacy option)! Killing WebRTC would be great, especially for those using VPNs (e.g. like I do in a Windows 10 VM and on Arch Linux with the Adguard browser extensions). |
Nah, that's tweaking some
Frankly, I am more concerned about the ad reinjection now, there're a lot of websites exploiting webrtc in order to load ads metadata. |
|
We've just had an interesting discussion about this case with uBO and ABP devs. @atropnikov please take a look: It makes sense to implement the proposed way for disabling wrapping right away. Whichever common approach is agreed, we'll be able to reuse the implementation:
Also, we should come up with something in the desktop programs case. Wrapping RTC does not make much sense there, but we could at least transform $webrtc rules into the $network rules automatically. |
|
A bit more information about it. Test website: Chromium bug: Discussion about CSP: |
WebRTC contentWindow circumvention #588
…AG-1192 to master * commit 'be1e461dffff6a9498828a561639db40675f1bea': update scriptlets to v1.1.5
We do take care of it in the standalone programs with $network rules.
Browser extensions cannot do it, so we should figure out another way. For instance, we could override RTCPeerConnection objects, just like what we do for WebSocket.
The text was updated successfully, but these errors were encountered: