
Issue 660204

Starred by 1 user

Issue metadata

Status: Fixed
Owner:
Closed: Nov 2016
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 2
Type: Bug

Blocking:
issue 656810




navigator.mediaDevices.enumerateDevices() not working from non-https origins

Project Member Reported by mcasas@chromium.org, Oct 27 2016

Issue description

navigator.mediaDevices.enumerateDevices() crashes the tab if called
from a non-https: origin. I could repro on Mac Canary (56.0.2902.0)
with this line, in an about:blank page; e.g.:

navigator.mediaDevices.enumerateDevices().then((devices) => {
    devices.forEach(function(device) { console.log(device); })})


I noticed this because [1] is failing consistently,
which disables a few content_browsertests/chrome_browsertests:
https://cs.chromium.org/search/?q=IsWebcamAvailableOnSystem&sq=package:chromium&type=cs

[1] https://cs.chromium.org/chromium/src/content/public/test/browser_test_utils.cc?q=kHasVideoInputDeviceOnSystem&sq=package:chromium&l=430&dr=CSs



[72106:41987:1027/151758:ERROR:media_stream_manager.cc(1977)] MSM: Renderer requested a URL it's not allowed to use.
[72106:1295:1027/151758:ERROR:bad_message.cc(23)] Terminating renderer for bad IPC message, reason 142
[72106:41987:1027/151758:FATAL:interface_endpoint_client.cc(32)] Check failed: !is_valid. The callback passed to MediaDevicesDispatcherHost::EnumerateDevices() was never run.

 

Comment 1 by mcasas@chromium.org, Oct 27 2016

Owner: guidou@chromium.org
Status: Assigned (was: Available)
guidou@ you touched this code recently with the mojo migration,
how can we enable enumerateDevices() from non-secure origins?

Comment 2 by mcasas@chromium.org, Oct 27 2016

Blocking: 656810
enumerateDevices works from non-secure origins. It is supposed to crash when the renderer is not allowed to access the origin it sent to the browser.
http works fine for me, but about:blank does crash the renderer. Will look into it.
Cc: mkwst@chromium.org
Labels: -Pri-1 Pri-2
mkwst@:
Should this be considered a bug?
The old enumerateDevices code simply returned when an unauthorized origin was invoked.
See https://cs.chromium.org/chromium/src/content/browser/renderer_host/media/media_stream_dispatcher_host.cc?sq=package:chromium&dr&rcl=1477970106&l=203

The new code kills the renderer. See https://cs.chromium.org/chromium/src/content/browser/renderer_host/media/media_devices_dispatcher_host.cc?dr&q=media_devices_dispatcher&sq=package:chromium&l=91

When enumerateDevices is invoked from about:blank it sends a unique origin. This origin is considered invalid and the renderer is killed.

https://codereview.chromium.org/2468853002/ restores the old behavior for unique origins. In this case, enumerateDevices still doesn't work for about:blank since the renderer gets no reply, but the renderer doesn't crash.

Lowering the priority since the problem is restricted to invalid origins. Insecure but valid origins work fine.
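
A caller-side guard for the behavior described above, where a page with a unique origin gets no reply to enumerateDevices(). This is an added example, not code from the Chromium tree or from this thread; the helper name, status strings, timeout values and stub objects are assumptions made for illustration.

```javascript
// Added example. In a page, pass navigator.mediaDevices and self.origin;
// both are parameters so the helper can be exercised with stubs.
function enumerateDevicesGuarded(mediaDevices, origin, timeoutMs = 2000) {
  // An opaque ("unique") origin serializes to the string "null".
  if (origin === 'null') {
    return Promise.resolve({ status: 'opaque-origin', devices: [] });
  }
  if (!mediaDevices || typeof mediaDevices.enumerateDevices !== 'function') {
    return Promise.resolve({ status: 'unsupported', devices: [] });
  }
  let timer;
  const noReply = new Promise((resolve) => {
    timer = setTimeout(() => resolve({ status: 'no-reply', devices: [] }), timeoutMs);
  });
  // Promise.resolve().then(...) also turns a synchronous throw into a rejection.
  const reply = Promise.resolve()
    .then(() => mediaDevices.enumerateDevices())
    .then(
      (devices) => ({ status: 'ok', devices: devices.map((d) => d.kind) }),
      (err) => ({ status: 'error', devices: [], error: String(err) })
    );
  return Promise.race([reply, noReply]).finally(() => clearTimeout(timer));
}

// Constructed stubs standing in for navigator.mediaDevices.
const workingStub = {
  enumerateDevices: () =>
    Promise.resolve([{ kind: 'videoinput', label: '' }, { kind: 'audioinput', label: '' }]),
};
const silentStub = { enumerateDevices: () => new Promise(() => {}) }; // never settles

// Runs four constructed cases and resolves to their status strings.
function runConstructedCases() {
  return Promise.all([
    enumerateDevicesGuarded(workingStub, 'http://example.test', 50),
    enumerateDevicesGuarded(silentStub, 'http://example.test', 50),
    enumerateDevicesGuarded(workingStub, 'null', 50),
    enumerateDevicesGuarded(undefined, 'http://example.test', 50),
  ]).then((results) => results.map((r) => r.status));
}
```

A test that probes for a webcam through such a wrapper can tell "no devices" apart from "no reply" instead of hanging on a promise that never settles.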
Project Member

Comment 5 by bugdroid1@chromium.org, Nov 10 2016

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/7ab0eddda935e0f3bf84d73d7806c9f1d5fccd99

commit 7ab0eddda935e0f3bf84d73d7806c9f1d5fccd99
Author: guidou <guidou@chromium.org>
Date: Thu Nov 10 00:08:54 2016

Do not kill renderer when enumerateDevices is called from unique origins (e.g., about:blank).

This CL restores the behavior of enumerateDevices with unique origins before the Mojo migration.

BUG= 660204 

Review-Url: https://codereview.chromium.org/2468853002
Cr-Commit-Position: refs/heads/master@{#431090}

[modify] https://crrev.com/7ab0eddda935e0f3bf84d73d7806c9f1d5fccd99/content/browser/renderer_host/media/media_devices_dispatcher_host.cc
[modify] https://crrev.com/7ab0eddda935e0f3bf84d73d7806c9f1d5fccd99/content/browser/renderer_host/media/media_devices_dispatcher_host_unittest.cc
[modify] https://crrev.com/7ab0eddda935e0f3bf84d73d7806c9f1d5fccd99/content/browser/renderer_host/media/media_stream_manager.cc

Comment 6 by guidou@chromium.org, Nov 14 2016

Status: Fixed (was: Assigned)

Comment 7 by mcasas@chromium.org, Nov 14 2016

Can anyone please verify based on Re. #6, can you please
verify that [1] works now? Otherwise we're just avoiding
the crash but not enumerating the devices correctly for
the tests.


[1] https://cs.chromium.org/chromium/src/content/public/test/browser_test_utils.cc?q=kHasVideoInputDeviceOnSystem&sq=package:chromium&l=430&dr=CSs
[bulk-edit : please ignore if not applicable]

Could you please set the correct milestone for this issue?
Labels: M-56
