- From: Lenny via GitHub <sysbot+gh@w3.org>
- Date: Thu, 18 Nov 2021 16:45:57 +0000
- To: public-webrtc-logs@w3.org
To be honest, I find this approach kind of a hack and believe it's desirable to just prohibit creating `RTCPeerConnection` instances: 1. It's confusing that one can create a peer connection at all if WebRTC was _disabled_ (I know the policy is described differently now) in the CSP policy. I mean, what's the point? Or is there a use case I'm missing? 2. Harald makes a good example on how easy it is to miss something that still allows to ping somewhere via WebRTC. I'm imagining there are further loopholes if one is just crafty enough, potentially via the use of SDP, e.g. spoofing local mDNS ICE candidates. I'd rather not enter that rabbit hole and just fence it off entirely, at least with the on/off switch that it's supposed to be. -- GitHub Notification of comment by lgrahl Please view or discuss this issue at https://github.com/w3c/webrtc-extensions/pull/81#issuecomment-973046661 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Thursday, 18 November 2021 16:45:59 UTC