New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
firefox-unwrapped: fix drmSupport option #109133
Conversation
EME is enabled by default, so adding --enable-eme=widevine is a noop. This means that firefox was always being built with DRM support, even with drmSupport set to false.
I'm against merging this as is, as it changes the de-facot default, even though the default is broken, as you've pointed out. Although I don't really know what the best solution would be, either. We could always go the "a documented bug isn't a bug" route and just add something to the release notes saying "Firefox DRM was mistakenly enabled by default, because the option to disable it, which was and is set to false, was broken. That option was fixed and now it is actually disabled by default. To re-enable it, put this (overlay, whatever, something, idk) into your configuration." |
I had a look through the Firefox source code, and the only change this option makes is whether the following options are enabled by default:
So it doesn’t actually leave out support for anything. I assume this means that if a user had previously enabled DRM, updating Firefox to one built with drmSupport set to false wouldn’t suddenly disable it for them. On the other hand, it would also remove the UI that would allow them to turn it off. I wonder if there might be a middle ground here — what if we make drmSupport mean “does Firefox prompt the user to install Widevine?”. We could then leave the checkbox in about:preferences enabled, but disable the prompt when a website tries to use DRM. That way, we wouldn’t be artificially complicating enabling DRM for a user that wants to succumb to it, but Firefox wouldn’t be going out of its way to tell them to do it either. |
Can you verify that assumption? If not, I can maybe look into how Firefox actually behaves when this changes, soonish.
That sounds like it might be a reasonable option, yes. How would we implement that? Also, maybe some of the people maintaining Firefox now (that's @mweinelt and @lovesegfault) have some input on this. |
I'm fine with changing the default behavior, but not with breaking people's setups. In other words, if this change means future users need to take an extra step to enable DRM, that's okay IMO. If, on the other hand, it meant people currently using FF with DRM (myself) have to go do something to get it to work, I'm less receptive to it. From the discussion here, it seems to be the former, as it only changes some default configs, which is perfectly fine with me. Before merging, ideally, someone would test:
Finally, we have to be careful changing FF defaults because of the copyright issues. If we stray from what Mozilla deems acceptable defaults we have to disable all the FF branding and so on. I have no idea how to check this though. In the past, for Thunderbird, I just asked on MozIRC until I got someone to say it was alright. That IRC is gone now, but maybe Matrix might be the place to ask? |
I marked this as stale due to inactivity. → More info |
I consider this a bug in our build and I'm fine with merging this, but I do see the point that we should point out via release notes that this bug existed, was squashed and how to reenable DRM if one feels the need to. |
Most people don't feel like but they are required to watch something. If you need to recompile firefox just to watch some videos you already paid for and could in the past is a terrible user experience. |
If you want DRM you can use firefox-bin for all I care. |
Thats great to know and I need to remember that. Do we have any knowledge what most people are using right now? If a lot of people need to switch to firefox-bin we should think about something else. Watching Netflix or Amazon Prime is something a lot of are doing. |
I just verified what Alyssa said in #109133 (comment). I also checked
The nagbar itself enables
I think we can write a sufficiently clear release notes entry from these infos and I might do it if @alyssais isn't interested in this change anymore. |
It gets disabled and needs to be manually reenabled.
Yes. Setting
via |
The question is, how trivial would it be for an average user to come up with that - what kind of web search will they perform and how likely they long will it take them to find the issue. I did a quick search of "firefox no drm" and I haven't found a website mentioning these config options, hence I downvote 👎 the change in it's current form. Taking the change here as a start, I think we also need to enable |
I originally posted these comments in https://matrix.to/#/#mozilla:nixos.org:
This option, to me, seems like a not great option for us to apply ourselves, since it sort of silently breaks stuff in surprising ways for someone who doesn't know they have drm disabled. From the perspective of principles it doesn't feel like a significantly complicated issue: setting drmSupport to true doesn't appear to actually do anything that harms the user except for defers the "okay but actually do you want to download the stuff?" choice to run-time. To me, this feels like a fairly respectful way to give the user the choice, and I don't think it warrants disabling that prompt in our default build. |
In NixOS#109133 @alyssais discovered that the drmSupport flag stopped working. This is because Mozilla decided around Firefox 51 (mozbz#1289634) to swap the default values and our flag was asking for the wrong thing all along. Since this flag has now been enabled for multiple years, disabling it would mean a regression for our users. Leaving it enabled should be unproblematic since it only controls whether Firefox shows the EME nagbar, that allows to enable Widevine CDM, when a site requests it. The choice is therefore completely up to the enduser. Disabling this nagbar is still possible at runtime by setting `browser.eme.ui.enabled` to `false`. If Widevine CDM was inadvertently enabled it can be disabled at `media.gmp-widevinecdm.enabled`. Supersedes: NixOS#109133
Closed via #166078 |
Motivation for this change
EME is enabled by default, so adding --enable-eme=widevine is a noop. This means that firefox was always being built with DRM support, even with drmSupport set to false.
I’ve been sitting on this commit for two years, because I’m not sure what the right thing to do about this now. In the years it’s been broken, people have probably come to expect the Firefox in Nixpkgs to have DRM enabled by default. Especially since AIUI Firefox still prompts the user to agree before downloading the Widevine blob on Linux.
On the other hand, there’s this comment:
https://github.com/alyssais/nixpkgs/blob/464dee9a9beb22f651c1ddb95fd32ab38870c304/pkgs/applications/networking/browsers/firefox/common.nix#L35
This commit currently errs on the side of following the intended functionality of the code by disabling DRM at compile time, even though that’s not the result it’s actually produced (at least for a long time).
Whichever of those two options we pick, the status quo is clearly not right, because we have a drmSupport option that doesn’t actually do anything.
Things done
sandbox
innix.conf
on non-NixOS linux)nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
./result/bin/
)nix path-info -S
before and after)