<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252">
</head>
<body>
<div dir="ltr">
<div></div>
<div style="">
<div dir="ltr">So the incoming request, Verto, WebRTC, SIPJS, whatever still gets authenticated with whatever credentials the web page supplies.</div>
<div dir="ltr"><br>
</div>
<div dir="ltr">So you could set up anonymous registration, and validate the credentials in the dial plan. <span></span></div>
<div dir="ltr"><br>
</div>
<div dir="ltr">You could dynamically validate the user and password and use those as tokens.</div>
<div dir="ltr">You could also enforce only certain CODECs, for instance Opus, and anyone not using any of those would weed out most scripts.<span></span></div>
<div dir="ltr"><br>
</div>
<div dir="ltr">These measures, and Fail2Ban will prevent some unauthorized access but won’t help with DDoS or anyone actively looking to cause trouble (if an authentication token is provided by HTTPS its trivial to grab that if someone really wants to be malicious).</div>
<div dir="ltr"><br>
</div>
<div dir="ltr">Most other options would be expensive (hide behind CloudFlare) or onerous (use a CAPTCHA as authentication). It comes down to balancing requirements.</div>
<div dir="ltr"><br>
</div>
<div dir="ltr">If a client asked this from me we’d propose a one-time code provided on a Verto client that had a ten second timeout for login. </div>
<div dir="ltr"><br>
</div>
<div dir="ltr"><br>
</div>
<div dir="ltr"><br>
</div>
<div dir="ltr">The issue is </div>
</div>
<div id="id-266c6d02-10dc-46d3-8054-a32b5c9cd621" class="ms-outlook-mobile-reference-message">
<hr style="display: inline-block; width: 98%; font-family: -webkit-standard; font-size: 12pt; color: rgb(0, 0, 0);" tabindex="-1">
<div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif"><b>From:</b> FreeSWITCH-users <freeswitch-users-bounces@lists.freeswitch.org> on behalf of kaleem rehman <k4kaleem@gmail.com><br>
<b>Sent:</b> Friday, December 3, 2021 5:08 AM<br>
<b>To:</b> freeswitch-users@lists.freeswitch.org<br>
<b>Subject:</b> Re: [Freeswitch-users] WebRTC calls one way with custom sip messages UUI
<div> </div>
</font></div>
<div dir="ltr">
<div>Hi All,</div>
<div><br>
</div>
<div>any takes on this plz.</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Fri, Nov 26, 2021 at 5:35 PM kaleem rehman <<a href="mailto:k4kaleem@gmail.com">k4kaleem@gmail.com</a>> wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex; border-left:1px solid rgb(204,204,204); padding-left:1ex">
<div dir="ltr">Hi Kaiduan,
<div><br>
</div>
<div>thanks for looking into it.</div>
<div><br>
</div>
<div>Verto looks cool. we have no restriction as to what to use. main item is to attach data to call so sip client at end user can strip and show data to agent.</div>
<div><br>
</div>
<div>no need for user to login to enter credentials, we want simple "<b>call us"</b> type button which generates a call.</div>
<div>to make it safe from attacks as server will be on cloud, we would like some sort of safety measure, either a login and pwd, which gets passed to freeswitch to verify its genuine call from a webpage or app. or some hidden message within the generate call
command so freeswitch can verify and drop any calls which arent from right source so answering party doesnt get too many junk calls from random bots who discover port is open on Cloud FS.</div>
<div><br>
</div>
<div>Regards,</div>
<div>K<br>
<div>---------- Forwarded message ----------<br>
From: kaiduan xie <<a href="mailto:kaiduanx@yahoo.ca" target="_blank">kaiduanx@yahoo.ca</a>><br>
To: "<a href="mailto:freeswitch-users@lists.freeswitch.org" target="_blank"><span>freeswitch</span>-users@lists.freeswitch.org</a>" <<a href="mailto:freeswitch-users@lists.freeswitch.org" target="_blank"><span>freeswitch</span>-users@lists.freeswitch.org</a>><br>
Cc: <br>
Bcc: <br>
Date: Fri, 26 Nov 2021 02:57:01 +0000 (UTC)<br>
Subject: Re: [<span>Freeswitch</span>-users] WebRTC calls one way with custom sip messages UUI<br>
<div>
<div style="font-family:"Helvetica Neue",Helvetica,Arial,sans-serif; font-size:13px">
<div></div>
<div dir="ltr">You can use JSON based VERTO protocol instead of SIP to make things easier. Does the user have to login in FS?</div>
<div dir="ltr"><br>
</div>
<div dir="ltr">/Kaiduan</div>
<div><br>
</div>
</div>
<div id="gmail-m_488690031935877251gmail-m_5497511137806875249yahoo_quoted_7966785432">
<div style="font-family: "Helvetica Neue", Helvetica, Arial, sans-serif; font-size: 13px; color: rgb(38, 40, 42);">
<div>On Thursday, November 25, 2021, 03:30:52 p.m. EST, kaleem rehman <<a href="mailto:k4kaleem@gmail.com" target="_blank">k4kaleem@gmail.com</a>> wrote:</div>
<div><br>
</div>
<div><br>
</div>
<div>
<div id="gmail-m_488690031935877251gmail-m_5497511137806875249yiv2021605164">
<div dir="ltr">
<div>
<div dir="ltr">
<div dir="ltr"> Salaam Ehtasham,
<div><br>
</div>
<div>we are looking to use JSSIP or SIPJS, we are flexible and can look into SIPML if for any reason we have to.</div>
<div><br>
</div>
<div>Regards,</div>
<div>Kaleem<br>
<div><br>
</div>
</div>
</div>
<div dir="ltr">---------- Forwarded message ----------<br>
From: Ehtasham Ul-Haq <<a href="mailto:ehtasham.malik@expertflow.com" rel="noreferrer noopener" target="_blank">ehtasham.malik@expertflow.com</a>><br>
To: <span>FreeSWITCH</span> Users Help <<a href="mailto:freeswitch-users@lists.freeswitch.org" rel="noreferrer noopener" target="_blank"><span>freeswitch</span>-users@lists.<span>freeswitch</span>.org</a>><br>
Cc: Ahmed Hasan <<a href="mailto:ahmad.hasan@expertflow.com" rel="noreferrer noopener" target="_blank">ahmad.hasan@expertflow.com</a>><br>
Bcc: <br>
Date: Thu, 25 Nov 2021 15:28:31 +0500<br>
Subject: Re: [<span>Freeswitch</span>-users] WebRTC calls one way with custom sip messages UUI<br>
<div dir="ltr">Hi
<div>Which Library you are using to start a call from Website ? <br clear="all">
<div>
<div dir="ltr">
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div dir="ltr">
<p dir="ltr" style="font-size:12.8px; line-height:1.656; margin-top:0pt; margin-bottom:0pt">
<span style="font-family:Arial; vertical-align:baseline; white-space:pre-wrap">Malik Ehtasham, CTI Product Manager / Technical Lead (Mr. )
</span></p>
<p dir="ltr" style="font-size:12.8px; line-height:1.656; margin-top:0pt; margin-bottom:0pt">
<span style="font-size:14.6667px; font-family:Arial; vertical-align:baseline; white-space:pre-wrap"><img src="https://lh6.googleusercontent.com/yE5sw1FNhk7A8YXwHvqJ_1eoUhx6Rly7EZQn8JVLClQgesUimaC5FBhoqcjL_0TiGnF8-z4kSqJywWlkYPcySl1rLcS18hzt1PbCqtGbvbtl6TVHQlFadPziihRZ17vCkCMArghS" width="128" height="27" style="border:none"></span><span style="font-size:10.6667px; font-family:Arial; vertical-align:baseline; white-space:pre-wrap">
WWW:</span><span style="font-size:10.6667px; font-family:Arial; vertical-align:baseline; white-space:pre-wrap"><img src="https://lh4.googleusercontent.com/4Imm7d5fvTo1pttR1BIKC8HO8j5SLyBZTB8tWImJUvl8pOlWGLXnQW8yrpknZc1LXvs6Fh7Dqnb7364OiYyUY9k5ZrAhlHaERf2ydHCwilnMDEstZGguJryPOTargVvyKGpl6nE4" width="20" height="20" alt="domain2.png" style="border:none"></span><span style="font-size: 10.6667px; font-family: Arial; color: rgb(0, 0, 0); vertical-align: baseline; white-space: pre-wrap;">.</span><a href="http://www.expertflow.com/" rel="noreferrer noopener" target="_blank" style="text-decoration-line:none"><span style="font-size:10.6667px; font-family:Arial; text-decoration-line:underline; vertical-align:baseline; white-space:pre-wrap">expertflow.com</span></a><span style="font-size: 10.6667px; font-family: Arial; color: rgb(0, 0, 0); vertical-align: baseline; white-space: pre-wrap;">
FB: </span><span style="font-size: 10.6667px; font-family: Arial; color: rgb(0, 0, 0); vertical-align: baseline; white-space: pre-wrap;"><img src="https://lh4.googleusercontent.com/ZmZn4kweCNMrzi5Zjmsr2loQXwEvy7YJrbZwqYTWi4Bqup-UwrvpcQxq-A1YDFDCLhAkWNQYumaiQNG6afNtDeXaTw0yUBr2U-O2JJlDabZnS--zxd7yH30FH_IFUe1J9FlyrbGB" width="20" height="20" alt="FB-f-Logo__blue_29.png" style="border:none"></span><a href="https://www.facebook.com/Expertflow" rel="noreferrer noopener" target="_blank" style="text-decoration-line:none"><span style="font-size:10.6667px; font-family:Arial; text-decoration-line:underline; vertical-align:baseline; white-space:pre-wrap">/Expertflow</span></a><span style="font-size: 10.6667px; font-family: Arial; color: rgb(0, 0, 0); vertical-align: baseline; white-space: pre-wrap;">
LinkedIn: </span><span style="font-size: 10.6667px; font-family: Arial; color: rgb(0, 0, 0); vertical-align: baseline; white-space: pre-wrap;"><img src="https://lh5.googleusercontent.com/HzDSRgDd2E4VUiBy-0DSRNHL3QtiO9lr1fNhxei91YVvqS7DtXWRn7mNNXL1i0gNqft_P8XHwy7vgsyTpMkjGU7DyYWZqXWrBAMDYgBH8hdIxSK_pZHsOdl-m2EQguC-MM4Yr4WL" width="20" height="20" alt="linkedIn.png" style="border:none"></span><span style="font-size: 10.6667px; font-family: Arial; color: rgb(0, 0, 0); vertical-align: baseline; white-space: pre-wrap;">
</span><a href="https://www.linkedin.com/company/expertflow" rel="noreferrer noopener" target="_blank" style="text-decoration-line:none"><span style="font-size:10.6667px; font-family:Arial; text-decoration-line:underline; vertical-align:baseline; white-space:pre-wrap">/company/expertflow</span></a><span style="font-size: 10.6667px; font-family: Arial; color: rgb(0, 0, 0); vertical-align: baseline; white-space: pre-wrap;">
Youtube: </span><span style="font-size: 10.6667px; font-family: Arial; color: rgb(0, 0, 0); vertical-align: baseline; white-space: pre-wrap;"><img src="https://lh3.googleusercontent.com/GKiZ4L3ynQ1utfAyUYDanJa3m5fBMvvx103k3F6mAoy-AFAmB5W551GUF5T5lrtFglf_59-Mr4Pop-aJNTVrErEf7iPUbdF-BiAu0Vf-XVfyH6lyG6eElH9KERA5F_n1O81aorHZ" width="20" height="20" alt="YouTube-social-square_red_128px.png" style="border:none"></span><a href="https://www.youtube.com/user/expertflow" rel="noreferrer noopener" target="_blank" style="text-decoration-line:none"><span style="font-size:10.6667px; font-family:Arial; text-decoration-line:underline; vertical-align:baseline; white-space:pre-wrap">/user/expertflow</span></a><span style="font-size: 10.6667px; font-family: Arial; color: rgb(0, 0, 0); vertical-align: baseline; white-space: pre-wrap;">
Twitter: </span><span style="font-size: 10.6667px; font-family: Arial; color: rgb(0, 0, 0); vertical-align: baseline; white-space: pre-wrap;"><img src="https://lh4.googleusercontent.com/f_tOrZI3b6KehzlZtPBbTKluAO4evCj-GQJfR0GuA75aAOa2vqTQG2UENzBbumoI4efX9xwqYNe6k0vV25_KxTPSjWeE69wvKaaKbd41Fdg42ljQkLsjvHC4_oaN5KFFMz9me_SB" width="20" height="20" alt="twitter.JPG" style="border:none"></span><a href="https://twitter.com/Expertflow" rel="noreferrer noopener" target="_blank" style="text-decoration-line:none"><span style="font-size:10.6667px; font-family:Arial; text-decoration-line:underline; vertical-align:baseline; white-space:pre-wrap">/Expertflow</span></a></p>
<span style="font-size:10.6667px; font-family:Arial; vertical-align:baseline; white-space:pre-wrap"><font color="#0000ff" style="">361 Model Town Lahore Pakistan</font> ; Mobile +</span><span style="font-size: 10.6667px; font-family: Arial; color: rgb(17, 85, 204); vertical-align: baseline; white-space: pre-wrap;">92
3347815664</span><span style="font-size:10.6667px; font-family:Arial; vertical-align:baseline; white-space:pre-wrap">; email, Cisco Spark and Google Talk:
<font color="#0000ff" style="">ehtasham.malik</font></span><span style="font-size:10.6667px; font-family:Arial; vertical-align:baseline; white-space:pre-wrap"><a href="mailto:andreas.stuber@expertflow.com" rel="noreferrer noopener" target="_blank"><font color="#0000ff" style="">@expertflow.com</font></a></span><span style="font-size:10.6667px; font-family:Arial; vertical-align:baseline; white-space:pre-wrap">;
Skype:</span><span style="font-size:10.6667px; font-family:Arial; vertical-align:baseline; white-space:pre-wrap"><font color="#0000ff" style=""><a href="http://andreas.stuber.expertflow.com/" rel="noreferrer noopener" target="_blank" style="text-decoration-line:none; font-size:12.8px">
</a><u>shani.awan3</u></font></span><br>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
</div>
</div>
<br>
<div>
<div dir="ltr">On Thu, Nov 25, 2021 at 4:16 AM kaleem rehman <<a href="mailto:k4kaleem@gmail.com" rel="noreferrer noopener" target="_blank">k4kaleem@gmail.com</a>> wrote:<br>
</div>
<blockquote style="margin:0px 0px 0px 0.8ex; border-left:1px solid rgb(204,204,204); padding-left:1ex">
<div dir="ltr">Hi All,
<div><br>
</div>
<div>our requirement is simple, we will have CALL US button on website</div>
<div><br>
</div>
<div>when they click, we want a call generated to our FS Server via WebRTC (no need for calls from FS to Users, it will be one way only from User to Server.</div>
<div><br>
</div>
<div>With call we want to send additional data like URL of page they on, login if they are logged in.</div>
<div>we can get data like URL and userlogin but want to sent it with SIP call as SIP Message (Probably as USER to USER Information) so we can pull at other end.</div>
<div><br>
</div>
<div>any ideas of achieving this</div>
<div>Thanks,</div>
<div>Kaleem</div>
</div>
_________________________________________________________________________<br>
<br>
The <span>FreeSWITCH</span> project is sponsored by SignalWire <a href="https://signalwire.com/" rel="noreferrer noopener" target="_blank">https://signalwire.com</a><br>
Enhance your <span>FreeSWITCH</span> install with disruptive priced SMS and PSTN services.<br>
Build your next product on our scalable cloud platform.<br>
<br>
Join our online community to chat in real time <a href="https://signalwire.community/" rel="noreferrer noopener" target="_blank">https://signalwire.community</a><br>
<br>
Professional <span>FreeSWITCH</span> Services<br>
<a href="mailto:sales@freeswitch.com" rel="noreferrer noopener" target="_blank">sales@<span>freeswitch</span>.com</a><br>
<a href="https://freeswitch.com/" rel="noreferrer noopener" target="_blank">https://<span>freeswitch</span>.com</a><br>
<br>
Official <span>FreeSWITCH</span> Sites<br>
<a href="https://freeswitch.com/oss" rel="noreferrer noopener" target="_blank">https://<span>freeswitch</span>.com/oss</a><br>
<a href="https://freeswitch.org/confluence" rel="noreferrer noopener" target="_blank">https://<span>freeswitch</span>.org/confluence</a><br>
<a href="https://cluecon.com/" rel="noreferrer noopener" target="_blank">https://cluecon.com</a><br>
<br>
<span>FreeSWITCH</span>-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" rel="noreferrer noopener" target="_blank"><span>FreeSWITCH</span>-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" rel="noreferrer noopener" target="_blank">http://lists.<span>freeswitch</span>.org/mailman/listinfo/<span>freeswitch</span>-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" rel="noreferrer noopener" target="_blank">http://lists.<span>frees</span><span>witch</span>.org/mailman/options/<span>free</span><span>switch</span>-users</a><br>
<a href="https://freeswitch.com/" rel="noreferrer noopener" target="_blank">https://<span>freeswitch</span>.com</a></blockquote>
</div>
_________________________________________________________________________<br>
<br>
The <span>FreeSWITCH</span> project is sponsored by SignalWire <a href="https://signalwire.com/" rel="noreferrer noopener" target="_blank">https://signalwire.com</a><br>
Enhance your <span>FreeSWITCH</span> install with disruptive priced SMS and PSTN services.<br>
Build your next product on our scalable cloud platform.<br>
<br>
Join our online community to chat in real time <a href="https://signalwire.community/" rel="noreferrer noopener" target="_blank">https://signalwire.community</a><br>
<br>
Professional <span>FreeSWITCH</span> Services<br>
<a href="mailto:sales@freeswitch.com" rel="noreferrer noopener" target="_blank">sales@<span>freeswitch</span>.com</a><br>
<a href="https://freeswitch.com/" rel="noreferrer noopener" target="_blank">https://<span>freeswitch</span>.com</a><br>
<br>
Official <span>FreeSWITCH</span> Sites<br>
<a href="https://freeswitch.com/oss" rel="noreferrer noopener" target="_blank">https://<span>freeswitch</span>.com/oss</a><br>
<a href="https://freeswitch.org/confluence" rel="noreferrer noopener" target="_blank">https://<span>freeswitch</span>.org/confluence</a><br>
<a href="https://cluecon.com/" rel="noreferrer noopener" target="_blank">https://cluecon.com</a><br>
<br>
<span>FreeSWITCH</span>-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" rel="noreferrer noopener" target="_blank"><span>FreeSWITCH</span>-users@lists.<span>freeswitch</span>.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" rel="noreferrer noopener" target="_blank">http://lists.<span>freeswitch</span>.org/mailman/listinfo/<span>freeswitch</span>-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" rel="noreferrer noopener" target="_blank">http://lists.<span>frees</span><span>witch</span>.org/mailman/options/<span>free</span><span>switch</span>-users</a><br>
<a href="https://freeswitch.com/" rel="noreferrer noopener" target="_blank">https://<span>freeswitch</span>.com</a></div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</blockquote>
</div>
</div>
</div>
</div>
</body>
</html>