Disable WebRTC RTCPeerConnection in fenced frames.
WebRTC is one form of network communication that should
be disabled when window.fence.disableUntrustedNetwork is called
in a fenced frame. However,
- We don't have any identified use cases for WebRTC in fenced frames
- The revocation process would be more involved than other forms of
network access, which would provide little benefit per #1. - Entirely disabling WebRTC PeerConnection instead is beneficial for privacy and does not break existing fenced frame use cases.
This CL disables RTCPeerConnection construction entirely in fenced
frames, regardless of whether window.fence.disableUntrustedNetwork
was called or not. The change is behind an existing flag so that
it does not ship until other forms of network revocation do.
Disabling RTCPeerConnection can be handled entirely by the renderer,
but a compromised renderer could potentially circumvent this to
construct a peer connection anyway. A follow-up CL will add
a browser-side control to ensure that this does not occur.
Change-Id: Iaa2caaddeee70852179332dd89c5dbbac3ffcfbf
Bug: 41488151
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5527514
Reviewed-by: Guido Urdaneta guidou@chromium.org
Commit-Queue: Andrew Verge averge@chromium.org
Reviewed-by: Liam Brady lbrady@google.com
Reviewed-by: Shivani Sharma shivanisha@chromium.org
Cr-Commit-Position: refs/heads/main@{#1319162}