Proposal: Add UDP broadcast capability to chrome.sockets.udp

102 views
Skip to first unread message

Reilly Grant

unread,
Mar 27, 2015, 7:59:51 PM3/27/15
to apps-dev, security-enamel
Since people have asked for it on the mailing lists and issue tracker I've put together an API extension proposal for adding a chrome.sockets.udp.setBroadcast function that would allow a Chrome app to enable sending and receiving UDP broadcast traffic on the local network. I have been unable to find any discussion of why this was not included in the original API.

https://docs.google.com/a/chromium.org/document/d/1Jf5I-ZtuWix3LsWGxB7Axh-t0dK7emNuyEMV07UQHe0/edit?usp=sharing

λ Ken Rockot

unread,
Mar 27, 2015, 8:42:04 PM3/27/15
to Reilly Grant, apps-dev, security-enamel
API LGTM pending security review

On Fri, Mar 27, 2015 at 4:59 PM, Reilly Grant <rei...@chromium.org> wrote:
Since people have asked for it on the mailing lists and issue tracker I've put together an API extension proposal for adding a chrome.sockets.udp.setBroadcast function that would allow a Chrome app to enable sending and receiving UDP broadcast traffic on the local network. I have been unable to find any discussion of why this was not included in the original API.

https://docs.google.com/a/chromium.org/document/d/1Jf5I-ZtuWix3LsWGxB7Axh-t0dK7emNuyEMV07UQHe0/edit?usp=sharing

To unsubscribe from this group and stop receiving emails from it, send an email to apps-dev+u...@chromium.org.

Chris Bentzel

unread,
Mar 28, 2015, 7:01:38 AM3/28/15
to λ Ken Rockot, Reilly Grant, net...@chromium.org, apps-dev, security-enamel

Reilly Grant

unread,
Apr 7, 2015, 5:09:33 PM4/7/15
to Chris Bentzel, λ Ken Rockot, net...@chromium.org, apps-dev, security-enamel
Security ping?

Mustafa Emre Acer

unread,
Apr 7, 2015, 5:17:29 PM4/7/15
to Reilly Grant, Chris Bentzel, λ Ken Rockot, net-dev, apps-dev, security-enamel
Sorry for the delay, I thought this API was already reviewed. Looking now.

Mustafa Emre Acer

unread,
Apr 7, 2015, 6:55:29 PM4/7/15
to Reilly Grant, Chris Bentzel, λ Ken Rockot, net-dev, apps-dev, security-enamel
The risks outlined in the doc sound acceptable to me, so lgtm. If another reviewer from net-dev or security-enamel could chime in that would be great too.

Ryan Sleevi

unread,
Apr 8, 2015, 8:32:54 PM4/8/15
to Mustafa Emre Acer, Reilly Grant, Chris Bentzel, λ Ken Rockot, net-dev, apps-dev, security-enamel
On Tue, Apr 7, 2015 at 3:54 PM, Mustafa Emre Acer <mea...@chromium.org> wrote:
The risks outlined in the doc sound acceptable to me, so lgtm. If another reviewer from net-dev or security-enamel could chime in that would be great too.

I went to the doc with certain attack scenarios in mind, and was happy to find them already listed and documented.

If the security folks are happy with the design and mitigation, I didn't think of anything to add from the network attack scenario, so LGTM as well. 
Reply all
Reply to author
Forward
0 new messages