Enable widevine on linux #3037
Enable widevine on linux #3037
Conversation
simonhong
changed the title
simonhong
force-pushed
the
support_widevine_in_linux
branch
2 times, most recently
from
eff91d3 to
ffb91dc
Compare
simonhong
force-pushed
the
support_widevine_in_linux
branch
from
ffb91dc to
655966f
Compare
Widevine cdm pkg is downloaded by using version that is spcified in package.json. Then it is stored to src/third_party/widevine. widevinew version configuration is added in package.json. adm-zip and sync-request are newly added into dependencies for downloading widevine pkg synchronously and unzip.
simonhong
force-pushed
the
support_widevine_in_linux
branch
from
655966f to
69b46cc
Compare
|
|
||
| // Synchronously download widevine pkg and extracts into cdm dir. | ||
| const widevineZipFileName = `${widevineConfig.configuredVersion}-linux-x64.zip` | ||
| const widevineUrl = `https://redirector.gvt1.com/edgedl/widevine-cdm/${widevineZipFileName}` |
There was a problem hiding this comment.
I'm not sure if downloading a new binary each time (instead of the manual binary update) is OK from the security point of view, so maybe it is worth to show this to someone from DevOps or security teams.
There was a problem hiding this comment.
@bbondy I think we also need to think about widevine download url could be exposed or not. Also, as far as we use bundling, I think manual binary update seems fine.
There was a problem hiding this comment.
Please post a security review for this PR entirely in brave/internal
|
Added @diracdeltas to review the new npm dependencies |
| // because processes except browser process are forked from zygote process not created from | ||
| // brave.exe binary. So, cdm should be loaded(not initialized) into zygote process space | ||
| // before zygote enters the sandbox. | ||
| // This method places WidevineCdm lib and header file into proper place before building. |
There was a problem hiding this comment.
Sorry for delay in reviewing this, but for licensing reasons it's not allowed for us to bundle.
This will need to happen on each client and we should use an npm config variable likebrave_google_api_endpoint
| "commander": "^2.9.0", | ||
| "fs-extra": "^1.0.0" | ||
| "fs-extra": "^1.0.0", | ||
| "sync-request": "^6.0.0" |
There was a problem hiding this comment.
If i'm not mistaken, these can be devDependencies instead of dependencies. (npm install --save-dev)
|
I'm going to close this PR because I think the approach can't be used to a point that a new PR is needed. |
Widevine cdm pkg is downloaded by using version that is spcified in
package.json. Then it is stored to src/third_party/widevine.
widevinew version configuration is added in package.json.
adm-zip and sync-request are newly added into dependencies for
downloading widevine pkg synchronously and unzip.
This PR should be merged with brave/brave-core#1475.
Fix #413
Submitter Checklist:
npm test brave_unit_tests && npm test brave_browser_tests) ongit rebase master(if needed).git rebase -ito squash commits (if needed).Test Plan:
Reviewer Checklist: