- From: Lennart Grahl via GitHub <sysbot+gh@w3.org>
- Date: Wed, 02 May 2018 14:44:10 +0000
- To: public-webrtc-logs@w3.org
@martinthomson The browser can also impersonate me. It's a question of how much you trust a specific part of the application and, granted, this level of trust can be different between sites and users. I've always advocated the opinion that if a site is compromised, there are no security guarantees for *what happens* on the site itself. It doesn't need to impersonate you. It can just create a new peer connection and send your data somewhere else. Nevertheless, I see your point that it is a rather large attack surface. -- GitHub Notification of comment by lgrahl Please view or discuss this issue at https://github.com/w3c/webrtc-pc/issues/1853#issuecomment-386002549 using your GitHub account
Received on Wednesday, 2 May 2018 14:44:13 UTC