player: add mpv:// protocol to open safe protocols
#15898
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
This is likely security consideration of running arbitrary file, from handler. Needs to be evaluated. |
|
Download the artifacts for this pull request: |
|
As discussed on IRC, I will make this allow only "safe" protocols to open. Which is already status quo with |
kasper93
changed the title
mpv:// protocolmpv:// safe protocol
kasper93
changed the title
mpv:// safe protocolmpv:// protocol to run safe protocols
kasper93
changed the title
mpv:// protocol to run safe protocolsmpv:// protocol to open safe protocols
kasper93
force-pushed
the
mpv-protocol
branch
from
de377b2 to
d042eee
Compare
|
I've updates to handle only safe protocols and also allowed safe protocols to handle bit more. EDIT: Removed also handling from macos. |
kasper93
force-pushed
the
mpv-protocol
branch
3 times, most recently
from
50766ca to
bb6fb3e
Compare
Dudemanguy
reviewed
Feb 23, 2025
kasper93
force-pushed
the
mpv-protocol
branch
3 times, most recently
from
43e0192 to
bb58a1a
Compare
This is useful to run mpv from URL handler. Can be used to start mpv from you web browser or anything that would trigger url handler for given protocol. Only safe protocols are allowed. Current solutions to run mpv in such context are to spawn IPC proxy and run mpv when requested, but this is in most cases not necessary. Currently the protocol is added in mpv.desktop. Windows related registration will follow in future changes.
It has been moved to the mpv core with additional security considerations, including filtering unsafe protocols from being opened via the URL handler. While we are not aware of any active exploitation, naive protocol handling could allow the use of niche protocols in FFmpeg, which, in turn, might load native code. How such native code would be dropped on the local machine is another question. This remains theoretical, but it's better to be safe than sorry. Fixes: 494d408
kasper93
force-pushed
the
mpv-protocol
branch
from
bb58a1a to
f402516
Compare
6 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is useful to run mpv from URL handler. Can be used to start mpv from you web browser or anything that would trigger url handler for given protocol.
Current solutions to run mpv in such context are to spawn IPC proxy and run mpv when requested, but this is in most cases not necessary.
Currently the protocol is added in mpv.desktop. Windows related registration will follow in future changes.