WASM usage in an IWA
333 views
Skip to first unread message
John McKeon
Apr 8, 2025, 11:48:11 PMApr 8
to iwa-dev
Hello,
Is a WASM based web app able to overcome this error:
NotAllowedError: Failed to construct 'TCPSocket': Frame is not sufficiently isolated to use Direct Sockets.
'unsafe-eval' being a required Content-Security-Policy script-src for streaming instantiation of a WASM runtime, I imagine not.
Direct sockets would be great thing to have. Imagine going back to the good old days connecting directly to a posgresql db without all of this API middleware nonsense! I must be naive to wonder why they even need all of the extra security for them to be available.
Absent any other remedy, I will be forced to compile chrome without the fences if I wanted access to these.
Thanks for any advice you might have.
For completeness, the app is https://newspeaklanguage.org/webIDE The brainchild of Gilad Bracha, it was once a Google funded project and is a fantastic web development platform.
Happy Trails
Andrew Rayskiy
Apr 9, 2025, 5:03:55 AMApr 9
to John McKeon, iwa-dev
Hi John,
What exactly are you looking for? To use Direct Sockets in the context of WASM inside of an IWA? Or inside a regular web app?
If it's the former, does your manifest specify the necessary permissions policies, in this case cross-origin-isolated and direct-sockets (optionally also direct-sockets-private if you need local network access)? See example.
--
You received this message because you are subscribed to the Google Groups "iwa-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to iwa-dev+u...@chromium.org.
To view this discussion visit https://groups.google.com/a/chromium.org/d/msgid/iwa-dev/fbe77945-486f-4242-8ff1-4a6821581a0an%40chromium.org.
guest271314
Apr 9, 2025, 10:26:23 AMApr 9
to iwa-dev, green...@google.com, iwa-dev, mckeonmat...@gmail.com
Yeah, I don't think Direct Sockets should be gated behind an IWA either https://issues.chromium.org/issues/352864315.
What exactly are you trying to do with a WASM runtime in relation to one of the Direct Sockets API interfaces?
guest271314
Apr 9, 2025, 10:26:27 AMApr 9
to John McKeon, iwa-dev
Yeah, I don't think Direct Sockets should be gated behind IWA's either
https://issues.chromium.org/issues/352864315. What are you trying to
do with a WASM runtime relavant to one of the API's?
https://issues.chromium.org/issues/352864315. What are you trying to
do with a WASM runtime relavant to one of the API's?
John McKeon
Apr 9, 2025, 5:47:54 PMApr 9
to iwa-dev, green...@google.com, iwa-dev, John McKeon
Hello Andrew,
Thanks for the response.
My web application is not your typical app. It's an IDE that compiles code to bytecode that the WASM VM Interpreter runs on V8. I have configured it to run in the developer sandbox in Canary and would like to implement one or two custom TCP protocols. The resulting libraries could then be used in the IDE for building standalone applications that would also use the same WASM setup. (Those would then need their own manifest etc).
I have specified all three permission policies you mentioned as well as several necessary Content-Security-Policies in the html head. I have used script-src 'unsafe-eval' as well as 'wasm-unsafe-eval'.
Reply all
Reply to author
Forward
0 new messages