Re: [webrtc-pc] `getCapabilities` seems to leak hardware capabilities w/o a permission (#2460)

The spec already has the [following text about `getCapabilities`](https://w3c.github.io/webrtc-pc/webrtc.html#methods-6):
> These capabilities provide generally persistent cross-origin information on the device and thus increases the fingerprinting surface of the application. In privacy-sensitive contexts, browsers can consider mitigations such as reporting only a common subset of the capabilities.

-- 
GitHub Notification of comment by dontcallmedom
Please view or discuss this issue at https://github.com/w3c/webrtc-pc/issues/2460#issuecomment-582281512 using your GitHub account

Received on Wednesday, 5 February 2020 07:45:10 UTC