Global support for sand-boxed custom apps

[ianopolous]

We would like global support for an exfiltration proof sandbox for running custom apps in Peergos in the browser, including on localhost. Our design uses iframes on random subdomains which are sand-boxed using CSP and COOP, COEP. This works in Firefox and Chrome based browsers (modulo webrtc based exfiltration), but not at all in Safari. We describe the architecture, motivation and use case more in this talk.

There are three high level issues blocking this at the moment. The first is stopping exfiltration via webrtc. This is discussed in the web spec here.

The browser issues for implementing the CSP webrtc switch are Chrome, Firefox and Safari.

The 2nd issue is safari not enabling service workers and writable streams in a sand-boxed iframe. We have written a demo for this on both localhost and a public domain here: https://github.com/Peergos/iframe-sw-streams (The public example is at https://safaribug.peergos.com/

The 3rd issue is safari not supporting localhost subdomains.

[ianopolous]

The 2nd and 3rd issues seem to be solved in the latest Safari!!!!! This means custom peergos apps now work fully in Safari on MacOS and iOS!!!!

[ianopolous]

It seems like the 3rd issue was not actually fixed yet. But 2nd was the main issue for Peergos. Custom apps now run on Safari for public domains.