Polyfill returns misleading CBCS

[baseballbrad3]

Have you read the FAQ and checked for duplicate open issues?
Yes

What version of Shaka Player are you using?
4.2.1

Can you reproduce the issue with our latest release version?
Yes

Can you reproduce the issue with the latest code from main?
Yes, via https://nightly-dot-shaka-player-demo.appspot.com/demo/

Are you using the demo app or your own custom app?
Reproducible in both

If custom app, can you reproduce the issue using our demo app?
Yes

What browser and OS are you using?
Windows 10 - Firefox 104.0.2
macOS 10.15.7 - Firefox 104.0.2

For embedded devices (smart TVs, etc.), what model and firmware version are you using?
N/A

What are the manifest and license server URIs?
N/A

What configuration are you using? What is the output of player.getConfiguration()?
N/A

What did you do?
I probed Firefox for support of Widevine CBCS after applying the Shaka Polyfills (shaka.polyfill.installAll()). The behavior is the same if in a code file or in the dev tools console.

const config = [
  {
    label: 'cbcs support',
    audioCapabilities: [
      {
        contentType: `audio/mp4; codecs="mp4a.40.2"`,
        encryptionScheme: 'cbcs',
        robustness: 'SW_SECURE_CRYPTO',
      },
    ],
    videoCapabilities: [
      {
        contentType: `video/mp4;codecs="avc1.42E01E"`,
        encryptionScheme: 'cbcs',
        robustness: 'SW_SECURE_CRYPTO',
      },
    ],
  },
];

await navigator.requestMediaKeySystemAccess('com.widevine.alpha', config);

What did you expect to happen?
I expected Firefox to report that this config object was a supported configuration. Running the same code block in Firefox's dev tools console on a page without the polyfills applied indicates that it is a supported configuration. It's worth noting that Chrome/Edge do work after the polyfill.

What actually happened?
An exception is thrown indicating that it is not a supported configuration:
Uncaught (in promise) NotSupportedError: Unsupported keySystem or supportedConfigurations.

I made a Stack Blitz showing that when ran with Firefox, the native navigator.requestMediaKeySystemAccess indicates support, while after applying the polyfill, it is not supported.
https://shaka-player-eme-polyfill-cbcs-issue.stackblitz.io/
https://stackblitz.com/edit/shaka-player-eme-polyfill-cbcs-issue?file=index.js&view=editor
(Note that their editor's preview iframe doesn't provide permissions for encrypted-media, so it must be opened in a new tab)

We're undergoing an effort to remove any OS version detection in favor of feature detection as the User Agent is becoming unreliable. We're detecting CBCS support with similar code to the example in the Stack Blitz, which is working with the exception of Firefox. The current workaround is to get a reference to the native navigator.requestMediaKeySystemAccess prior to the polyfill being applied, calling that reference, then falling back to the post-polyfilled navigator.requestMediaKeySystemAccess if the native version doesn't indicate success.

[joeyparrish]

I'm using Firefox 125 on Ubuntu, and I find that when you query encryptionScheme support through EME, it does not recognize the field at all. IIRC, this is what is triggering the polyfill to activate.

Note that DRM decryption support is separate from the ability to query it. The CDM may be able to decrypt CBCS, but the browser may not understand the query or consider the encryptionScheme field.

I'll double-check the status through MCap as well, in case Firefox implemented encryptionScheme support in that API only.

[joeyparrish]

Open bug for encryptionScheme implementation in Firefox: https://bugzilla.mozilla.org/show_bug.cgi?id=1860910

[joeyparrish]

CBCS support in Firefox seems to have been added around late 2018.

[joeyparrish]

I'm migrating this issue to the polyfill repo.

[joeyparrish]

Firefox 125 doesn't support encryptionScheme checks in EME or in MediaCapabilities. So there is no way to check for this at runtime. The polyfill has to be in play on Firefox.

So the only thing we can do is to have the polyfill check the Firefox version number and return different results based on that.

I expected Firefox to report that this config object was a supported configuration. Running the same code block in Firefox's dev tools console on a page without the polyfills applied indicates that it is a supported configuration. It's worth noting that Chrome/Edge do work after the polyfill.

What you're overlooking by doing that is that on Firefox, we can query a completely fictional encryption scheme and it will still report supported: true. It is ignoring the field completely. You can also tell it is ignored by checking decodingInfo.keySystemAccess.getConfiguration().videoCapabilities[0]. If encryptionScheme isn't there, it wasn't checked.

The polyfill uses this fact (missing encryptionScheme in the results) to know when to activate its own logic to check encryptionScheme against assumptions made for each browser. And since Firefox is the only one that shipped CBCS support for multiple years without a way to query it... the best we can do in the polyfill is check the Firefox version at runtime.

[avelad]

The feature can be enabled in Firefox in about:config with media.eme.encrypted-media-encryption-scheme.enabled