Skip to content

Option for a resctricted CEF configuration for inworld/hud media #5180

New issue
New issue
Open
Open
Option for a resctricted CEF configuration for inworld/hud media#5180
Labels
enhancementNew feature or requesttriageFlags issues that need to be triaged
@WolfGangS

Description

@WolfGangS
WolfGangS
opened on Dec 20, 2025

Many users are hesitant to enable media on a prim, mostly it seems for fears of IP tracking...

I would like to propose on option for media on a prim cef instances to be operate in a mode where by default they refuse to make connections to any domain that isn't operated by LL, and set the DNT or Sec-GPC header.

After that the server team needs to add support for stripping or stubbing the x-remote-ip header from requests with the relevant DNT/Sec-GPC headers.

With those 2 restrictions in place, a script could serve a moap web page, and remain mostly private giving little distinguishing info to the script. It also may encourage content made in sl to be more hosted in sl, hopefully leading to slightly less products just breaking because some server was taken down.

The basic implementation would need a whitelist for domains, possibly configurable as it is in some TPV's, with LL domains in as defaults.

Then the restriction could be implemented via a few mechanisms

  • Enforcing/Injecting CSP headers on responses to force all content to only be loaded from same origin.
  • A general whitelist on domains that cef will even access (no direct ip connections either)
  • A certificate match restriction

Test Plan

  • Enable the restricted mode however it is implemented.
  • Test that MOAP can no longer load https://google.com or any other non LL domain
  • Create a MOAP script that serves content on one of its prims faces, and check that it loads fine.
  • Check that the script gets 0.0.0.0 or empty string or equivelent for the x-remote-ip header.
  • Serve content from script via MOAP that loads content from a non allowed domain (images/javascript/css), and check that it doesn't load the external content.

This repo is using Opire - what does it mean? 👇
💵 Everyone can add rewards for this issue commenting /reward 100 (replace 100 with the amount).
🕵️‍♂️ If someone starts working on this issue to earn the rewards, they can comment /try to let everyone know!
🙌 And when they open the PR, they can comment /claim #5180 either in the PR description or in a PR's comment.

🪙 Also, everyone can tip any user commenting /tip 20 @WolfGangS (replace 20 with the amount, and @WolfGangS with the user to tip).

📖 If you want to learn more, check out our documentation.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or requesttriageFlags issues that need to be triaged

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions