Re: [webrtc-extensions] Add a CSP check to RTCPeerConnection.constructor(). (#81)

My rationale was that putting it here makes everything simpler -- there's one entry point, so this just cuts the whole thing off at the source, which is easier to reason about than if we had to track down all of the places where network activity might happen lazily. Though this opens up the question of what should we do if we find ourselves wanting to add finer-grained permissions?

This is  perhaps another argument in favor of using Permissions-Policy or such instead of CSP, though that doesn't solve the practical problem of errors where apps don't expect them.

-- 
GitHub Notification of comment by zenhack
Please view or discuss this issue at https://github.com/w3c/webrtc-extensions/pull/81#issuecomment-853257894 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Wednesday, 2 June 2021 17:51:42 UTC