A little webxdc tool to test webxdc-interpreter implementations.
to create a .xdc file, execute:
./create-xdc.shTo test whether a webxdc runtime implementation (i.e. a messenger) keeps the "apps can't access internet" promise, one can utilize this app together with Wireshark.
-
Launch Wireshark.
-
Start capturing packets on the default "internet" interface.
-
Apply the following packet filter:
ip.addr == 173.194.76.127 || ip.addr == 37.218.242.41 || udp contains "delta" || tcp contains "delta"
The first IP is the IP address of a Google STUN server, used in this app's WebRTC test. The second IP is the IP address of delta.chat.
-
Open the webxdc runtime (i.e. the Delta Chat client) and launch this webxdc app.
-
Scroll down to the "DNS Prefetch" section.
-
Type in
foobar.delta.chatand press all the 3 buttons in the section. -
Go back to Wireshark and verify that there are 0 packets that match the filter.
Disclaimer: the fact that a webxdc implementation passed all these tests doesn't mean that it's fool-proof.
Wireshark is required because this webxdc app might not always be able to receive data back, and thus detect a leak. For example, this is the case for the TURN server test.
As a bonus step, try building Delta Chat with no CSP set for webxdc apps, and repeating the test. Still no network activity should occur, otherwise we're one misstep away from breaking the promise.