Google’s Chromium team has suggested a way to allow web apps to communicate directly with the device using TCP and UDP network connections. Apart from this it is a powerful capability that could complicate web security.
The Raw Sockets API, which may end up being renamed the Direct Sockets API, represents an attempt to give browser apps networking capabilities that aren’t possible via data transport options like HTTP, WebSockets and WebRTC. It essentially allows the browser to talk directly to devices and other computers via the network.
Chromium engineer Eric Willigers announced plans to prototype the API on Wednesday. The intent is to ship the tech for Chrome OS before there’s a general Chromium release. Browser plugin technologies like ActiveX, Java applets, and Microsoft Silverlight have provided this sort of connectivity in the past. But these have fallen out of favor, largely due to security problems.
There are various ways the API could be used to violate the privacy of Chromium browser users, to the extent such a thing even exists anymore in an environment where websites regularly load dozens of trackers. Regardless of how the permission prompt eventually gets implemented, there’s at least some support for the idea among web devs.
Post Your Comments