- From: youennf via GitHub <sysbot+gh@w3.org>
- Date: Sat, 27 Jul 2019 00:24:36 +0000
- To: public-webrtc-logs@w3.org
There does not seem to be any privacy issue since only mode 1 is allowing multiple interfaces and host candidates should already have exposed the IP address. I would tend though to make it consistent with other parts of the spec and state that this field must remain null as long as the corresponding address is not already exposed to the web page as a host candidate. This could for instance leak information in a weird case where only STUN/TURN is allowed but on multiple interfaces. It seems that Chrome might be implementing this, @alvestrand, @tQsW? Would it be possible to consider switching to a "DOMString? hostCandidate"? Also, is it too late to have the port as another member field for consistency with other places, hence hostAddress, hostPort? -- GitHub Notification of comment by youennf Please view or discuss this issue at https://github.com/w3c/webrtc-pc/issues/2230#issuecomment-515635157 using your GitHub account
Received on Saturday, 27 July 2019 00:24:37 UTC