Re: [webrtc-extensions] Add a CSP check to RTCPeerConnection.addIceCandidate(). (#81) from Anne van Kesteren via GitHub on 2021-11-19 (public-webrtc-logs@w3.org from November 2021)

From: Anne van Kesteren via GitHub <sysbot+gh@w3.org>
Date: Fri, 19 Nov 2021 08:16:26 +0000
To: public-webrtc-logs@w3.org
Message-ID: <issue_comment.created-973853662-1637309784-sysbot+gh@w3.org>

The model I aimed for is consistency with the other networking APIs. All failures there are essentially surfaced as if there was a network error. This could be a DNS error, a CORS failure, a CSP failure, blocking of Mixed Content, etc.

It seemed to me that if we put this check in the same place that we block ports and such, it should be okay, but apparently there's other ways? Do those other ways end up bypassing other checks they shouldn't?

-- 
GitHub Notification of comment by annevk
Please view or discuss this issue at https://github.com/w3c/webrtc-extensions/pull/81#issuecomment-973853662 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Friday, 19 November 2021 08:16:28 UTC