Integrating jitsi video conferencing

[quote=482620:@Tomas Jakobs]you do not need width and height if you have made use of proper css and you want to maintain auto resize. You may check my software. I’ve tried the same but not as website but as desktop client app for windows. But I failed to get running mic and webcam due bad implementation of Chromium Engine (CEFv3) in XOJO.

Here’s the link: https://jakobssystems.net/downloads/jitsi-client-0-1.zip[/quote]
The implementation is using the “file://” protocol due to local folderitem usage. You “must” use remote “https://” or a local webserver “http://” is allowed on the loopback interface (like stand alone web app) to use the system’s microphone and camera in CEF (HTMLViewer). I suggest developing a simple web application, implement the App.HandleURL and return the html code, run it by using the Shell class from the main application then should be able to run it using microphone and camera etc. In the HTMLViewer you’d just do HTMLViewer1.LoadURL(“http://localhost:8080/mymeeting”)

for reasons this is a very bad design:

  1. same what Zoom did last year remaining all Macs quite open to malware and pranksters using webcams and Microphones remotely.

  2. same what Electron does. 1 Mio alien, unknown code as overhead just for a few lines of own code? Doesn’t sound effective, does it?

  3. there is a switch for CEF “enable-media-stream” which is not enabled somehow. I am not familiar with CEF or how it is integrated in XOJO, but there is a lot of software with CEF which is running with enabled webcams and microphones.

[quote=482628:@Tomas Jakobs]for reasons this is a very bad design:

  1. same what Zoom did last year remaining all Macs quite open to malware and pranksters using webcams and Microphones remotely.

  2. same what Electron does. 1 Mio alien, unknown code as overhead just for a few lines of own code? Doesn’t sound effective, does it?

  3. there is a switch for CEF “enable-media-stream” which is not enabled somehow. I am not familiar with CEF or how it is integrated in XOJO, but there is a lot of software with CEF which is running with enabled webcams and microphones.[/quote]

It’s not bad, it’s a browser security limitation. It’s as simple as that. Forget electron it’s not the same as xojo.Ifyou want a solution then you should try or do what’s possible now. Asking xojo to change is not going to work. It’s always possible to include some kind of hash based security but all comms on a computer will always remain insecure, as you don’t have control over someone’s computer.

You best option would be to host it behind a Https connection and point the htmlviewer to that url. Cef should allow that and xojo also.

Nope, it seems to me that’s not a browser limitation. Otherwise would you please explain, how a Chromium-Browser in Linux or the new chromium-ed Edge in Windows or even the CEF refeence browsers work? Basically they are all wrapping the same Engine like XOJO Apps would do.

What you are suggesting (and Electron, Zoom etc. do) is unsafe, dirty and bad developing style and doesn’t work with HSTS and cert-pinned domains at all. basically it’s a man in the middle scenario.

It’s true that it’s a possible M-I-T-M scenario:

Mixed (http://, https://, file://) content was removed by most current browsers, they will show you an insecure notification or even completely block the request.

You are loading a “local” file:// protocol based document, and include a script from a secure location.
See the source for example here:

<html itemscope itemtype="http://schema.org/Product" prefix="og: http://ogp.me/ns#" xmlns="http://www.w3.org/1999/html">
    <head>
        <meta charset="utf-8">
        <meta http-equiv="content-type" content="text/html;charset=utf-8">
    </head>
    <body style="margin:0;padding:0;">
        <script src="https://meet.jit.si/external_api.js"></script>
        <script>
            var domain = "meet.jit.si";
            var options = {
                roomName: "@room",
                width: @width,
                height: @height
            }
            var api = new JitsiMeetExternalAPI(domain, options);
        </script>
    </body>
</html>

it includes the script located at: “https://meet.jit.si/external_api.js” while xojo/cef loads it from a “file://” protocol. That’s called mixed content and is not allowed and not secure (M-I-T-M attacks can be done for example).

You can flag the CEFProcess executable to allow (not in Xojo apparently) it but this i would in no way recommend.

If you want it to work securely just use LoadURL(“https://my-jitsi-server.com/mymeetingname”) or something like that, having it hosted yourself. Of course i would recommend having some kind of login/hmac or whatever to secure it so it’s not accessible by everyone.

Browsers did not invent the XSS preventions for nothing.

The Jitsi Desktop Client Software works fine. It connects and can run all scripts etc. Feel free to check my link where I have put my sources. It connetcs to Jitsi instances (which have Jitsi API enabled) and works as intended though the Micophone and Webcam are not accessible. And it seems to me, that XOJOs CEF integration is quite poor (or too strict depends on your viewpoint) and missing some switches, other implementations have.

I rather consider any attempts with any webservices in between as quirk than a proper implementation of CEF.

[quote=482593:@ronaldo florendo]Hi Frank,
This is very interesting!
I am trying to follow your procedure it can’t make it work particularly
Is it possible to share your code?[/quote]

Sorry, haven’t been visting this post for a time.

I have a string-constant jitsi with the following HTML-Code:

[code]







[/code]

To show the conference, I have a push-button with the following code in the action-event:

[code]Var mPage as string
Var html as WebHTMLViewer
html = HTMLViewer1

if Session.urlconference.IndexOf(“meet.jit.si”) > -1 then
// jitsi.org
// >> Room ermitteln
// >> https://meet.jit.si/room

var room as string
room = Session.urlconference.NthField("/", 4)

if room <> “” then

if html.Visible = false then
  // HTMLViewer wird noch nicht angezeigt
  // jitsi vorbereiten
  
  mpage = Replace(jitsi, "@width", str(html.width))
  mPage = Replace(mPage, "@height", str(html.Height))
  mPage = Replace(mPage, "@room", room)
  
  html.Visible = true
  html.LoadPage(mPage)
  
else
  html.URL = ""
  html.Visible = false
  
end if

else
// Zwar jitsi, aber keinen Raum angegeben
ShowURL(Session.urlconference, true)

end if

else
// Kein jitsi
ShowURL(Session.urlconference, true)

end if[/code]

Hope that helps.

Hi. What is Session.urlconference?
A string property in Session?

[quote=486771:@Juan Carlos Alcedo Velarde]Hi. What is Session.urlconference?
A string property in Session?[/quote]
Yes. For example https://meet.jit.si/room123 where room123 is the room wher you will meet.

Thanks for your answer.
I added a property called urlconference in Session and made the default value https://meet.jit.si/room123
I got this error: There is more than one item with this name and it’s not clear to which this refers. If Session.urlconference.IndexOf(“meet.jit.si”) > -1 then
The error showed with 2018r3 and not in 2019r3.1

@Carlos: It would be helpfull to see your code.

Hi Frank, here is my code following your sample code (not working for me)

https://gofile.io/?c=x3YBGh

Please help me to work fo this. Thanks.

Hi Ronado. Here are some modifications to your code per Frank instructions.
It worked here with 2019r3.1
link text

Thanks Juan. Now I understand how it should be coded.

Hello all.
I had embbeded jitsi in an webHtmlviewer and running in debug mode in my mac, works fine… It recognize my mac’s devices (vidieo & mic) without any problem.
When I deployed the web app in a server the runs OK In the web browser but my mac‘’s devices are not recognized.
Any advise in order to sol this ?
May be a port that have to be opened ?

Did you try to embedd jitsi with the jitsi API-call as mentioned above? Or did you try to embedd jitsi with an iframe? In this case you should allow camera and microphone like this:

<iframe src="https://meet.jit.si/mytestroom" allow="camera;microphone" width="800" height="600"></iframe>

When not in debug, SSL needed.