locked
Sandbox client-to-client RRS feed

  • Question

  • Hi,

    it´s me again with a question. Is the WPF/E sandbox going to support direct client-to-client communication of binary data streams?

    It´s for a web based collaboration solution including video chat and working together on shared documents of various types.

    regards immanuel
    Friday, December 29, 2006 12:03 PM

All replies

  • Hello,

    Always a pleasure to get good questions.

    This CTP communication stack relies on the communication stack that is available to Javascript.

    We are investigating scenarios such as the one you described for future releases. Extendig the sandbox is not something that is done easily. We have to understand that we are enbling important scenario without compromizing security. In the meantime, as a temporary solution, if the standard sandbox does not support what you need you can use a server as a middle tier (compromizing performance but enabling the scenario)

    Barak

    Friday, December 29, 2006 10:10 PM
  • Hello Barak,

    thank you for the quick answer.

    With the server acting as a repeater for all the data (which is a lot when it comes to video chat or colaboration on other bigger data files) it quickly becomes a bottleneck. Thus a server based solution would result in poor scalability.

    In terms of security the following model might be a solution:
    Since two clients, who want to communicate, actively connect to the thrustworthy server, the server should be the instance to announce the clients to each other (by providing them with each others net addresses). Both of them would then open up a port for communication. Of course an open port is always a security issue. To target this, the server (as the authority both clients trust to) should provide a unique key for the session to the two clients on initializing the connection. Furtheron the clients encrypt their communication with the common key. Connections to the port would be only accepted, if the request is signed with the right key and comes from the right net address (ip address).

    This way 'unauthorised' connections should be easily prevented.
    What do you think about this ?

    regards immanuel

    Saturday, December 30, 2006 2:01 AM
  • hi
    has this been solved somehow or has anybody found a workaround for this problem?
    are there some changes concerning this in the new ctp, is it still work in progress, is direct client communication allready possible or what release is it planned for if not yet working?

    I ve been lookin for a solution for direct in-browser client communication but without a f* server in between there s no way to make this work with the existing tools out there. Writing an own plugin is not in our resources. wpfe is my last realistic chance.

    I am in desperate need of this function - like many many others for sure

    this could be good for so many things like chat/video chat, writing/layouting text/pictures/whatever together, shareing my vacation videos or my music with a buddy, recutting them an remixin em and ... lots of things I just cant imagine of right now - its all the natural way of people working together with no third instance between them (server) - its thrustworthy and scaling

    pls tell me about the plans on this feature
    Sunday, February 11, 2007 4:01 PM
  • Hi,

    I would also like to know whether there have been some changes in the Feb CTP, which would enable client-to-client communication as described above ?

    kind regards immanuel
    Tuesday, February 13, 2007 2:05 PM
  • No, no changes in this area. The communication stack relies on the communication stack that is available to Javascript/browser.

    -mark
    Program Manager
    Microsoft
    This post is provided "as-is"

    Tuesday, February 13, 2007 6:42 PM
  • Hi,

    thank you for answering. Unfortunately the Javascript sandbox is limited to only calling addresses of the same domain. However it remains a burning question to me, whether you still plan to integrate direct inter machine / inter browser communication capabilities for the kind of scenarios previously described. Perhaps with the integration of the CLR ?

    Please give us a short hint on this

    Thanks, Immanuel
    Sunday, February 25, 2007 3:48 PM