Re: New uri type for language around blob, filesystem...

I just ran into this today when I was trying to figure out why getUserMedia wasn’t working with Content Security Policy.

I wrote up a series of media-src testcases with getUserMedia. You can run them in your browser at http://csp-and-gum.herokuapp.com/ and you can see the source code at https://github.com/jbuck/csp-and-gum

To have getUserMedia work with CSP in Chrome and Firefox I needed to set my policy to "media-src: 'self' mediastream:”

I’ve documented the mediastream: type on MDN at https://developer.mozilla.org/en-US/docs/Security/CSP/CSP_policy_directives#Data but it probably should be documented in the spec as well, because it wasn’t documented at all from Goggling for my specific issue.

Received on Tuesday, 3 December 2013 07:01:39 UTC