Allow core APIs to be bound directly into isolated freedom modules #255
Comments
|
Makes sense. This seems doable - the providers will exist in the workers, so it's mainly a matter of switching wiring, and making sure we're squared away on maintaining references to the globals that are masked out before user code is loaded. |
I appear to have been mistaken about this. Not sure how I got confused. |
|
My current understanding is that we can make progress on the rtcPeerConnection, but that neither browser can directly access priviledged sockets from workers. |
|
That is also my understanding. |
|
Food for thought: If our code knew that getBufferedAmount didn't have to wait for the freedom event queue, then instead of calling pause() pre-emptively, we would call getBufferedAmount() and make a decision based on the immediate return ... especially if we could check it synchronously! It looks to me like Chrome, Firefox, and Node all allow exposing WebRTC, WebSockets, and XHR into the context that is used for freedom modules. Could we just add an option to expose these APIs directly, un-intermediated (except maybe for adapter.js), into appropriately permissioned modules? |
|
By expose directly, i think we still would do better to go through the Node certainly doesn't export the same API for any of these that chrome and On Thu, May 14, 2015 at 6:06 PM, Benjamin M. Schwartz <
|
|
node-webrtc appears to export exactly the standard W3C RTCPeerConnection API. There are emulation packages for the others that claim tight spec compliance. I see two important advantages to un-intermediated access:
I also see some smaller advantages: less code to maintain in Freedom, more natural APIs, less to learn for new Freedom users. |
|
My only concern - maybe a bit leas for webrtc, is that this would limit the
|
|
I agree that this kind of restriction would be nice, but I don't think it impacts the design in this case. If we can apply these restrictions without imposing the RPC-to-core structure, then I think we are free to stick with the W3C's APIs across the board. If we cannot, then we must maintain both options, and only offer restricted modules via the Promisified core.* APIs. As a first step, I think we would want to do this anyway for backwards compatibility. |
|
This seem to also be relevant for debugging in node so that a top-level module can be inspected in the originally launched process. |
Starting in Firefox 37, WebSockets are available directly inside Web Workers. (Chrome has long allowed this.) XHR and RTCPeerConnection may also be available. Chrome allows Web Workers in extensions to access the whole range of extension APIs.
Rather than forcing all API access to go through the core environment, with significant performance consequences, it would be nice if modules with appropriate permission could obtain direct access to their approved APIs, on platforms where this is possible.
Based on benchmarks so far, this would dramatically improve the performance of uProxy, and make increased modularization substantially more appealing. I believe it would also provide better performance and security/isolation than the proposed channels model (#48). I expect the immediate performance improvement for uProxy would be significantly greater than enabling direct inter-module messaging (#254), because uProxy performs a great deal of core<->module communication and very little module<->module communication.
The text was updated successfully, but these errors were encountered: