Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make RTCCertificate unusable by other origins #1870

Merged
merged 2 commits into from
May 17, 2018
Merged

Make RTCCertificate unusable by other origins #1870

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
85e474d
Make RTCCertificate unusable by other origins
martinthomson May 4, 2018
20a511e
clone -> cloning, fashion -> manner
aboba May 17, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 13 additions & 3 deletions webrtc.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -972,7 +972,8 @@ <h4>Constructor</h4>
<p>If the <code>certificates</code> value in
<var>configuration</var> is non-empty, check that
the <code>expires</code> on each value is in the future. If a
certificate has expired, <a>throw</a> an
certificate has expired or a the [[\Origin]] internal slot of
the certificate does not match the current origin, <a>throw</a> an
<code>InvalidAccessError</code>; otherwise, store the certificates.
If no <code>certificates</code> value was specified, one or more
new <code>RTCCertificate</code> instances are generated for use
Expand Down Expand Up @@ -4572,9 +4573,10 @@ <h2><dfn>RTCCertificate</dfn> Interface</h2>
<p>The <code>RTCCertificate</code> interface represents a
certificate used to authenticate WebRTC communications. In addition to
the visible properties, internal slots contain a handle to the
generated private keying materal (<dfn>[[\KeyingMaterial]]</dfn>) and a certificate
generated private keying materal (<dfn>[[\KeyingMaterial]]</dfn>), a certificate
(<dfn>[[\Certificate]]</dfn>]]) that <code>RTCPeerConnection</code>
uses to authenticate with a peer.</p>
uses to authenticate with a peer, and the origin (<dfn>[[\Origin]]</dfn>)
that created the object.</p>
<div>
<pre class="idl">[Exposed=Window] interface RTCCertificate {
readonly attribute DOMTimeStamp expires;
Expand Down Expand Up @@ -4661,7 +4663,15 @@ <h2>Methods</h2>
refer to the same private keying material represented by the
<a>[[\KeyingMaterial]]</a> internal slot of <var>input</var>.
</li>
<li>Let the <a>[[\Origin]]</a> internal slot of <var>output</var>
be a copy of the <a>[[\Origin]]</a> internal slot of <var>input</var>.
</li>
</ol>
<p class="note">Supporting structured cloning in this manner
allows <a>RTCCertificate</a> instances to be persisted to stores. It
also allows instances to be passed to other origins using APIs
like <a>postMessage</a> [[!webmessaging]]. However, the object cannot
be used by any other origin than the one that originally created it.</p>
</section>
</section>
</section>
Expand Down