Intent to Ship: Direct Sockets API

1,095 views
Skip to first unread message

Chromestatus

unread,
Aug 13, 2024, 9:59:09 AMAug 13
to blin...@chromium.org, green...@google.com

Contact emails

green...@google.com

Explainer

https://github.com/WICG/direct-sockets/blob/main/docs/explainer.md

Specification

https://wicg.github.io/direct-sockets

Summary

Allows Isolated Web Apps to establish direct transmission control protocol (TCP) and user datagram protocol (UDP) communications with network devices and systems as well as listen to and accept incoming connections.



Blink component

Blink>Network>Direct Sockets

Search tags

networking, TCP, UDP, sockets

TAG review

https://github.com/w3ctag/design-reviews/issues/548

TAG review status

Pending

Risks



Interoperability and Compatibility

Other browsers may choose to implement this API.



Gecko: Closed Without a Position (https://github.com/mozilla/standards-positions/issues/431)

WebKit: No signal

Web developers: Positive (https://discourse.wicg.io/t/filling-the-remaining-gap-between-websocket-webrtc-and-webtranspor/4366) Numerous potential use cases have been suggested.

Other signals:

Security

Various security risks and mitigations are noted in https://github.com/WICG/raw-sockets/blob/master/docs/explainer.md#security-considerations This is a powerful API. Users will have the opportunity to give Isolated Web Apps access to local hardware, and information systems behind organization firewalls. Mitigations are designed to ensure this cannot happen accidentally, and only through enterprise policies or the friction of installing a native app.



WebView application risks

Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications?

N/A. Feature not compiled in Android.



Debuggability

The code using this API can be debugged using the standard tools. Integrating the API with the DevTools Networking tab to enable easier introspection of the state of these connections as well as the data transferred could be a beneficial future improvement.



Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, ChromeOS, Android, and Android WebView)?

No

This feature is implemented on desktop platforms, although it will only be available to the end users on platforms that support Isolated Web Apps, which is currently only ChromeOS. Android is excluded for historical reasons, although there are no apparent interoperability blockers here.



Is this feature fully tested by web-platform-tests?

Yes

These tests require a specific --isolated-context-origins flag to be tested in WPTs, so they're run as a part of a virtual suite and are not reflected on wpt.fyi.



Flag name on chrome://flags

#enable-direct-sockets-web-api

Finch feature name

DirectSockets

Requires code in //chrome?

False

Tracking bug

https://bugs.chromium.org/p/chromium/issues/detail?id=909927

Launch bug

https://launch.corp.google.com/launch/4339602

Measurement

We have the following histograms for tracking network failures upon creating sockets (prefixed with DirectSockets.*): - TCPNetworkFailures - UDPNetworkFailures - TCPServerNetworkFailures Separate programmatic counters for the .idl methods and attributes (via MeasureAs) are also included to track the stats for API usage.

Availability expectation

Feature is available only in Isolated Web Apps on desktop platforms. https://chromestatus.com/feature/5146307550248960

Adoption expectation

Expected to be used initially by a small number of developers inside Isolated Web Apps.

Adoption plan

Working directly with developers that are planning to rely on the API.

Non-OSS dependencies

Does the feature depend on any code or APIs outside the Chromium open source repository and its open-source dependencies to function?

None

Sample links


https://github.com/GoogleChromeLabs/telnet-client

Estimated milestones

Shipping on desktop 130


Anticipated spec changes

Open questions about a feature may be a source of future web compat or interop issues. Please list open issues (e.g. links to known github issues in the project for the feature specification) whose resolution may introduce web compat/interop risk (e.g., changing to naming or structure of the API in a non-backward-compatible way).

None

Link to entry on the Chrome Platform Status

https://chromestatus.com/feature/6398297361088512?gate=6732051726729216

This intent message was generated by Chrome Platform Status.

Christian Biesinger

unread,
Aug 13, 2024, 1:20:25 PMAug 13
to Chromestatus, blin...@chromium.org, green...@google.com
On Tue, Aug 13, 2024 at 9:59 AM Chromestatus <ad...@cr-status.appspotmail.com> wrote:

Contact emails

green...@google.com

Explainer

https://github.com/WICG/direct-sockets/blob/main/docs/explainer.md

Specification

https://wicg.github.io/direct-sockets

Summary

Allows Isolated Web Apps to establish direct transmission control protocol (TCP) and user datagram protocol (UDP) communications with network devices and systems as well as listen to and accept incoming connections.



Blink component

Blink>Network>Direct Sockets

Search tags

networking, TCP, UDP, sockets

TAG review

https://github.com/w3ctag/design-reviews/issues/548

TAG review status

Pending

Risks



Interoperability and Compatibility

Other browsers may choose to implement this API.



Gecko: Closed Without a Position (https://github.com/mozilla/standards-positions/issues/431)

This seems to be closed as harmful, not as no position?
 
--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/000000000000c7b248061f910247%40google.com.

Andrew Rayskiy

unread,
Aug 13, 2024, 2:15:14 PMAug 13
to blink-dev, Christian Biesinger, blin...@chromium.org, green...@google.com, Chromestatus, iwa-team
+ iwa-team@ for visibility.

On Tuesday, August 13, 2024 at 7:20:25 PM UTC+2 Christian Biesinger wrote:
On Tue, Aug 13, 2024 at 9:59 AM Chromestatus <ad...@cr-status.appspotmail.com> wrote:
Contact emails green...@google.com

Explainer https://github.com/WICG/direct-sockets/blob/main/docs/explainer.md

Specification https://wicg.github.io/direct-sockets

Summary

Allows Isolated Web Apps to establish direct transmission control protocol (TCP) and user datagram protocol (UDP) communications with network devices and systems as well as listen to and accept incoming connections.



Blink component Blink>Network>Direct Sockets

Search tags networking, TCP, UDP, sockets

TAG review https://github.com/w3ctag/design-reviews/issues/548

TAG review status Pending

Risks


Interoperability and Compatibility

Other browsers may choose to implement this API.



Gecko: Closed Without a Position (https://github.com/mozilla/standards-positions/issues/431)

This seems to be closed as harmful, not as no position?
 
Indeed -- however, the harmful resolution was issued primarily due to the lack of adequate safeguards. It's worth pointing out that since then we've launched Isolated Web Apps with enhanced protections against these concerns.

Reilly Grant

unread,
Aug 14, 2024, 1:38:27 PMAug 14
to Andrew Rayskiy, blink-dev, Christian Biesinger, Chromestatus, iwa-team
LGTM as an IWA OWNER (3x LGTM from Blink API OWNERS are still required according to the IWA-specific API launch process).

This API is an excellent example of a case where a small number of applications need a powerful capability even though there are existing web platform alternatives (e.g. Web Transport). Some applications do not have a choice in the endpoints they need to connect to (e.g. legacy or low-level systems) and need an unrestricted network API.
Reilly Grant | Software Engineer | rei...@chromium.org | Google Chrome


You received this message because you are subscribed to the Google Groups "iwa-team" group.
To unsubscribe from this group and stop receiving emails from it, send an email to iwa-team+u...@google.com.
To view this discussion on the web visit https://groups.google.com/a/google.com/d/msgid/iwa-team/0360ba72-2c60-4190-aae4-9d2fad6722fdn%40chromium.org.
For more options, visit https://groups.google.com/a/google.com/d/optout.

Randell Jesup

unread,
Aug 19, 2024, 9:46:14 AMAug 19
to Chromestatus, blin...@chromium.org, green...@google.com
This was not closed by Mozilla with no opinion, it was closed as Harmful.

Randell Jesup, Mozilla Networking Team

--

Yoav Weiss (@Shopify)

unread,
Aug 28, 2024, 8:04:10 AMAug 28
to Randell Jesup, Chromestatus, blin...@chromium.org, green...@google.com
LGTM1 - the use case is clear, as well as the dangers of enabling this over the open web. Confining this API to IWAs seems to strike a reasonable balance.

Mike Taylor

unread,
Aug 28, 2024, 9:37:49 AMAug 28
to Yoav Weiss (@Shopify), Randell Jesup, Chromestatus, blin...@chromium.org, green...@google.com

Alex Russell

unread,
Aug 28, 2024, 11:55:21 AMAug 28
to blink-dev, Mike Taylor, Chromestatus, blin...@chromium.org, green...@google.com, Yoav Weiss, rje...@mozilla.com, Jeffrey Yasskin
In today's API OWNERS meeting, Jeff raised the concern that this API design doesn't follow our general guidance for having a Promise-returning `request*()` method that integrates with the Permissions API and allows the UA to inject controls (including, potentially, user prompts). This is our long-running pattern for gating exotic APIs, including all of the Fugu APIs.

Is there a reason this wasn't adopted here? Even in cases where an admin blesses an IWA, we should expect there to be cases where we'll want async gating for things like policy controls.

Best,

Alex

To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscribe@chromium.org.
--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscribe@chromium.org.
--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscribe@chromium.org.

Panos Astithas

unread,
Aug 28, 2024, 1:21:56 PMAug 28
to Randell Jesup, Chromestatus, blin...@chromium.org, green...@google.com, Jeffrey Yasskin
On Mon, Aug 19, 2024 at 6:46 AM 'Randell Jesup' via blink-dev <blin...@chromium.org> wrote:
This was not closed by Mozilla with no opinion, it was closed as Harmful.
 
Hi Randell!

I suspect this is marked as Closed by the tool because the issue doesn't have the position:negative label. If you add it I believe it will be automatically reflected in ChromeStatus.

Cheers,
Panos

Reilly Grant

unread,
Aug 28, 2024, 1:25:26 PMAug 28
to Alex Russell, blink-dev, Mike Taylor, Chromestatus, green...@google.com, Yoav Weiss, rje...@mozilla.com, Jeffrey Yasskin
The Promise returned by the "opened" attribute serves that purpose. We used this pattern because it aligns with the WebSocketStream and WebTransport constructors. 

Reilly Grant | Software Engineer | rei...@chromium.org | Google Chrome

To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.

--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/82541dfc-0611-4c6c-a1af-6249c9bc0a0an%40chromium.org.

Vladimir Levin

unread,
Sep 11, 2024, 12:05:39 PM (2 days ago) Sep 11
to Reilly Grant, Alex Russell, blink-dev, Mike Taylor, Chromestatus, green...@google.com, Yoav Weiss, rje...@mozilla.com, Jeffrey Yasskin
LGTM3 for the IWAs in its current form where it is limited to enterprise customers. This and features similar to this would need to be revisited if IWAs shift to a more public audience. If and when that happens, it would be nice to understand the vetting / review process to judge whether some of these features can be available more publicly. 

Reply all
Reply to author
Forward
0 new messages