-
-
Notifications
You must be signed in to change notification settings - Fork 371
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Widevine CDM provisioning request to googleapis.com #471
Comments
Is there anything else installed on that device? I presume it's another background process calling the Google API 🤔 |
@sooorajjj please inspect the content of the request/response, I doubt this is sourced from Bromite |
I tried this myself but could not reproduce the Google access. The only thing appearing is the bromite.org URL. What homepage do you open when opening Bromite the first time? |
@sooorajjj good, that reduces the scope. Which icons are on your New Tab Page? The requests should be only about those favicons. The googleapis request might be about something else which did not get blocked, but to sort it out we need the full request and response as per previous comment. See also this comment. |
I analyzed Bromite's network traffic and noticed that, after about 1 minute after its first start, two URL: (First request)
Client request:
Server response:
URL: (Second request)
Client request:
Server response:
|
Great job @SnwMds! The request appears to be done here: https://github.com/chromium/chromium/blob/79.0.3945.123/content/browser/media/url_provision_fetcher.cc I am now looking further into this. The network traffic annotation provides details about this request, trigger and purpose:
|
The I find it surprising that it starts requesting a CDM key even before content is played... |
I found in Chromium codebase 2 switches called I will disable
Meanwhile I will document in the README that Bromite supports Android DRM (this is intentional, but it is not clear for all users how DRM works so better to refresh it). @Eloston @wchen342 your opinion appreciated as I see that in ungoogled-chromium you did a fair setup; as far as I know ungoogled-chromium-android also has this issue/feature which is related to DRM support. |
To be precise: https://w3c.github.io/encrypted-media/#direct-individualization explains how the identifiers are created, which is a good method. The privacy violation consists not much on these identifiers but for example on the source IP address and the fact that user is not requested consent before it happening (another case of violate-by-default). |
Fixed in As per upstream https://bugs.chromium.org/p/chromium/issues/detail?id=686430 it must already be possible to disable playback of protected content. @sooorajjj @SnwMds can you please get latest version and disable protected content playback from site settings -> multimedia -> protected content and verify that the the CDM provisioning request to |
@csagan5, I tested version |
Thanks @csagan5 , the issue is fixed no more googleapis call . |
@sooorajjj it will happen first time protected content is played (unless protected content is disabled for all sites or that specific site) |
Bromite version
Version:
79.0.3945.123
Arch:
arm64
Android version:
8.0
Device model:
Poco F1
Is this bug about the SystemWebView?
No
Is the bug reproducible with latest version?
Yes
Can the bug be reproduced with corresponding Chromium version?
Yes, but won't complain chrome targeting google APIs
Is the bug a crash?
No
Describe the bug
Snif network traffic from the acces point on the device where Bromite is installed (by using Wireshark), and notice calls to
Steps to reproduce the bug
Start Wireshark on Bromite access point.
Just run Bromite for the first time (or after cleaning all Storage cache) without browsing wait a minute.
Read Wireshark traces statistics and notice calls to Google FQDN
Expected behavior
No call to any Google FQDN.
Screenshots
The text was updated successfully, but these errors were encountered: