|
| 1 | + |
| 2 | +Port Range Configuration |
| 3 | +=== |
| 4 | + |
| 5 | +# Background |
| 6 | +In webview2 components like WebRTC by default allocates ports dynamically from the system’s ephemeral range. |
| 7 | +In enterprise or testing environments, developers often need deterministic or firewall-friendly port allocation. |
| 8 | + |
| 9 | +This API enables developers to configure the port range WebRTC uses for [ICE](https://developer.mozilla.org/en-US/docs/Web/API/WebRTC_API/Protocols#ice) candidates and media connections. |
| 10 | + |
| 11 | +The initial support is for **UDP**, with room to extend to **TCP** in the future. |
| 12 | + |
| 13 | +# Conceptual pages (How To) |
| 14 | + |
| 15 | +Developers can use this API to restrict WebRTC’s UDP ports to a specific range which WebRTC uses for ICE candidate and media connections. |
| 16 | + |
| 17 | +ICE stands for **Interactive Connectivity Establishment**. It is a standard method of NAT traversal used in WebRTC. It is defined in [IETF RFC 5245](https://datatracker.ietf.org/doc/html/rfc5245). ICE deals with the process of connecting media through NATs by conducting connectivity checks. |
| 18 | + |
| 19 | +Common scenarios: |
| 20 | +- Configure ports for **enterprise firewall compliance**. |
| 21 | +- Run **deterministic tests** where ICE candidate ports are predictable. |
| 22 | +- Avoid conflicts with other applications that may already use ephemeral ranges. |
| 23 | + |
| 24 | +Usage steps: |
| 25 | +1. Create `CoreWebView2EnvironmentOptions`. |
| 26 | +2. Call `SetAllowedPortRange` for `COREWEBVIEW2_TRANSPORT_PROTOCOL_KIND_UDP`. |
| 27 | +3. Pass the options when creating the WebView2 environment. |
| 28 | + |
| 29 | + |
| 30 | +# Examples |
| 31 | +### C++ Configure UDP Port Range |
| 32 | +```cpp |
| 33 | +Microsoft::WRL::ComPtr<ICoreWebView2StagingEnvironmentOptions10> optionsStaging10; |
| 34 | +if (options.As(&optionsStaging10) == S_OK) |
| 35 | +{ |
| 36 | + // Configure port ranges for WebRTC UDP traffic to work within enterprise firewalls |
| 37 | + // Set UDP port range (example: 50000-55000 for enterprise environments) |
| 38 | + const INT32 udpMin = 50000, udpMax = 55000; |
| 39 | + |
| 40 | + CHECK_FAILURE(optionsStaging10->SetAllowedPortRange( |
| 41 | + COREWEBVIEW2_TRANSPORT_PROTOCOL_KIND_UDP, udpMin, udpMax)); |
| 42 | + |
| 43 | + // Get the configured port range |
| 44 | + CHECK_FAILURE(optionsStaging10->GetAllowedPortRange( |
| 45 | + COREWEBVIEW2_TRANSPORT_PROTOCOL_KIND_UDP, &m_udpPortRange.minPort, |
| 46 | + &m_udpPortRange.maxPort)); |
| 47 | +} |
| 48 | + |
| 49 | +HRESULT hr = CreateCoreWebView2EnvironmentWithOptions( |
| 50 | + subFolder, m_userDataFolder.c_str(), options.Get(), |
| 51 | + Callback<ICoreWebView2CreateCoreWebView2EnvironmentCompletedHandler>( |
| 52 | + this, &AppWindow::OnCreateEnvironmentCompleted) |
| 53 | + .Get()); |
| 54 | +``` |
| 55 | + |
| 56 | +### C# Configure UDP Port Range |
| 57 | +```csharp |
| 58 | +var options = CoreWebView2Environment.CreateCoreWebView2EnvironmentOptions(); |
| 59 | +var optionsStaging10 = options as ICoreWebView2StagingEnvironmentOptions10; |
| 60 | +if (optionsStaging10 != null) |
| 61 | +{ |
| 62 | + // Configure port ranges for WebRTC UDP traffic to work within enterprise firewalls |
| 63 | + // Set UDP port range (example: 50000-55000 for enterprise environments) |
| 64 | + const int udpMin = 50000, udpMax = 55000; |
| 65 | + |
| 66 | + optionsStaging10.SetAllowedPortRange( |
| 67 | + COREWEBVIEW2_TRANSPORT_PROTOCOL_KIND_UDP, udpMin, udpMax); |
| 68 | + |
| 69 | + // Get the configured port range |
| 70 | + optionsStaging10.GetAllowedPortRange( |
| 71 | + COREWEBVIEW2_TRANSPORT_PROTOCOL_KIND_UDP, out m_udpPortRange.minPort, |
| 72 | + out m_udpPortRange.maxPort); |
| 73 | +} |
| 74 | + |
| 75 | +var environment = await CoreWebView2Environment.CreateAsync( |
| 76 | + subFolder, m_userDataFolder, options); |
| 77 | +OnCreateEnvironmentCompleted(environment); |
| 78 | +``` |
| 79 | + |
| 80 | +# API Details |
| 81 | +### C++ |
| 82 | +``` |
| 83 | +/// Specifies the network protocol for port configuration. |
| 84 | +[v1_enum] |
| 85 | +typedef enum COREWEBVIEW2_TRANSPORT_PROTOCOL_KIND { |
| 86 | + /// User Datagram Protocol - fast, connectionless protocol. |
| 87 | + COREWEBVIEW2_TRANSPORT_PROTOCOL_KIND_UDP, |
| 88 | +} COREWEBVIEW2_TRANSPORT_PROTOCOL_KIND; |
| 89 | +
|
| 90 | +/// Additional options used to create WebView2 Environment to manage port range configuration. |
| 91 | +[uuid(eaf22436-27a1-5e3d-a4e3-84d7e7a69a1a), object, pointer_default(unique)] |
| 92 | +interface ICoreWebView2StagingEnvironmentOptions10 : IUnknown { |
| 93 | + /// Sets the allowed port range for the specified transport protocol. |
| 94 | + /// This API enables WebView2 to operate within enterprise network or firewall |
| 95 | + /// restrictions by limiting network communication to a defined port range. |
| 96 | + /// |
| 97 | + /// Currently, only WebRTC UDP Port Range restriction is supported. |
| 98 | + /// |
| 99 | + /// `minPort` and `maxPort` must be within the range 1025–65535 (inclusive), |
| 100 | + /// and `minPort` must be less than or equal to `maxPort`. |
| 101 | + /// If `minPort` equals `maxPort`, the range represents a single port. |
| 102 | + /// |
| 103 | + /// Passing `(0, 0)` resets to the default behavior, meaning no restrictions |
| 104 | + /// are applied and the system assigns ports from the full ephemeral range. |
| 105 | + /// |
| 106 | + /// Calls with invalid ranges fail with `E_INVALIDARG`. |
| 107 | + /// |
| 108 | + /// `protocol` The transport protocol (currently only UDP is supported). |
| 109 | + /// `minPort` The minimum allowed port number (inclusive). |
| 110 | + /// `maxPort` The maximum allowed port number (inclusive). |
| 111 | + /// |
| 112 | + HRESULT SetAllowedPortRange( |
| 113 | + [in] COREWEBVIEW2_TRANSPORT_PROTOCOL_KIND protocol, |
| 114 | + [in] INT32 minPort, |
| 115 | + [in] INT32 maxPort |
| 116 | + ); |
| 117 | +
|
| 118 | + /// Retrieves the allowed port range for the specified transport protocol. |
| 119 | + /// Returns the currently configured port range previously set via |
| 120 | + /// `SetAllowedPortRange`. |
| 121 | + /// |
| 122 | + /// By default, `(0, 0)` is returned, which indicates no restrictions are applied |
| 123 | + /// and ports are allocated from the system’s ephemeral range (1025–65535 inclusive). |
| 124 | + /// |
| 125 | + /// `protocol` The transport protocol (currently only UDP is supported). |
| 126 | + /// `minPort` Receives the minimum allowed port number (inclusive). |
| 127 | + /// `maxPort` Receives the maximum allowed port number (inclusive). |
| 128 | + /// |
| 129 | + HRESULT GetAllowedPortRange( |
| 130 | + [in] COREWEBVIEW2_TRANSPORT_PROTOCOL_KIND protocol, |
| 131 | + [out] INT32* minPort, |
| 132 | + [out] INT32* maxPort |
| 133 | + ); |
| 134 | +
|
| 135 | +
|
| 136 | +} |
| 137 | +``` |
| 138 | + |
| 139 | +### C# |
| 140 | +```csharp |
| 141 | +namespace Microsoft.Web.WebView2.Core |
| 142 | +{ |
| 143 | + enum CoreWebView2TransportProtocolKind |
| 144 | + { |
| 145 | + Udp = 0, |
| 146 | + }; |
| 147 | + |
| 148 | + runtimeclass CoreWebView2EnvironmentOptions |
| 149 | + { |
| 150 | + [interface_name("Microsoft.Web.WebView2.Core.ICoreWebView2StagingEnvironmentOptions10")] |
| 151 | + { |
| 152 | + // ICoreWebView2StagingEnvironmentOptions10 members |
| 153 | + void SetAllowedPortRange(CoreWebView2TransportProtocolKind protocol, Int32 minPort, Int32 maxPort); |
| 154 | + void GetAllowedPortRange(CoreWebView2TransportProtocolKind protocol, out Int32 minPort, out Int32 maxPort); |
| 155 | + } |
| 156 | + } |
| 157 | +} |
| 158 | +``` |
0 commit comments