Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

WebRTC not configured properly for proxy #4

Open
agowa opened this issue Jul 6, 2022 · 10 comments
Open

WebRTC not configured properly for proxy #4

agowa opened this issue Jul 6, 2022 · 10 comments

Comments

@agowa
Copy link

agowa commented Jul 6, 2022

WebRTC is not configured correctly in chromium.
The option "Disable non-proxied UDP (force proxy)" (chrome.privacy.IPHandlingPolicy.DISABLE_NON_PROXIED_UDP) is not set by this extension. I don't know how to proxy UDP, but this option at least resolves connection errors when webapps try to establish webrtc without using the correct proxy specified within foxyproxy.
@erosman
Copy link

erosman commented Sep 12, 2022

There are browser bugs relating to the issue of WebRTC bypassing browser proxy settings. We are waiting for them to be fixed.

@ericjung
Copy link
Contributor

@erosman are you planning to add a global option to disable WebRTC with this setting in v8.0?

@erosman
Copy link

erosman commented Sep 12, 2022
edited
Loading

That might go beyond the scope of FoxyProxy. It also require "privacy" permission.

On Chrome it is possible to limit WebRTC.
On Firefox, the option is to disable WebRTC completely which may not be desired.

I have already filed a bug and I am waiting for a response.
WebRTC bypasses Network settings & proxy.onRequest

@ericjung
Copy link
Contributor

That might go beyond the scope of FoxyProxy.

I do not agree. FoxyProxy is a proxy extension with privacy-related tools built-in. FoxyProxy already can delete cache, cookies, indexedDB storage, DOM local storage, plugin data, service worker data.

It also require "privacy" permission.

That is ok. This is a privacy-related extension, after all.

On Chrome it is possible to limit WebRTC.

ok

On Firefox, the option is to disable WebRTC completely which may not be desired.

As long as user is informed, there is no problem. Most people do not want WebRTC on all the time anyway. It is not used often and there is no need to keep it turned on.

I have already filed a bug and I am waiting for a response.
WebRTC bypasses Network settings & proxy.onRequest

Be aware that WebRTC over UDP can never be proxied. Proxy servers do not proxy UDP traffic, only TCP. As I understand WebRTC can work over UDP or TCP, but it "prefers" UDP (tries UDP first). So this bug could possibly be implemented, but only for WebRTC over TCP which seems to be a smaller set of uses than WebRTC over UDP.

@agowa
Copy link
Author

agowa commented Sep 13, 2022

Be aware that WebRTC over UDP can never be proxied. Proxy servers do not proxy UDP traffic, only TCP.

Not quite. As of August 2022 (last month), it's now possible. Quick uses UDP instead of TCP. Therefore the IETF spent time creating this recently CONNECT-UDP.
Proxying UDP in HTTP (RFC 9298)

@erosman
Copy link

erosman commented Sep 13, 2022 

It also require "privacy" permission.

That is ok. This is a privacy-related extension, after all.

OK... but from personal experience ......
Back in Oct 2021, I added an option to save/download extension settings which requires "downloads" permission to one of my addons that is recommended on Firefox.
Although "downloads" permission is very safe and inconsequential permission, over half users refused to upgrade to the latest version complaining about the new "downloads" permission. There were even abuse report and poor review rating over it.
Today, a third of the users are still using the previous version.

📌 Be aware of new permission and user reaction.

@erosman
Copy link

erosman commented Sep 13, 2022
edited
Loading

I have added the code to limit WebRTC in FoxyProxy v8.0 (once released).
I have also set "privacy" as optional permission (for now).

Optional Permission

  • pro: no shock to user on upgrade
  • pro: not used if not actioned
  • con: every time actioned, there will be a popup asking for permission
  • con: making a toggle on/off cumbersome as getting the current value requires the permission

@ericjung
Copy link
Contributor

Be aware that WebRTC over UDP can never be proxied. Proxy servers do not proxy UDP traffic, only TCP.

Not quite. As of August 2022 (last month), it's now possible. Quick uses UDP instead of TCP. Therefore the IETF spent time creating this recently CONNECT-UDP. Proxying UDP in HTTP (RFC 9298)

Interesting. Are you aware of announcements from squid or other proxy server software announcing they will support it?

@ericjung
Copy link
Contributor

ericjung commented Sep 13, 2022
edited
Loading

I have added the code to limit WebRTC in FoxyProxy v8.0 (once released). I have also set "privacy" as optional permission (for now).

Optional Permission

  • pro: no shock to user on upgrade
  • pro: not used if not actioned
  • con: every time actioned, there will be a popup asking for permission
  • con: making a toggle on/off cumbersome as getting the current value requires the permission

This is great! I think toggling this on/off is going to be very rare. (Turn it off once and ignore). So Optional Permission is the perfect approach.

@agowa
Copy link
Author

agowa commented Sep 13, 2022

I created a feature request for Squid right now. So let's see what the devs say. https://bugs.squid-cache.org/show_bug.cgi?id=5233

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@agowa @ericjung @erosman