- From: Lenny via GitHub <sysbot+gh@w3.org>
- Date: Thu, 25 Nov 2021 08:57:42 +0000
- To: public-webrtc-logs@w3.org
> Are you suggesting there are code paths specifically for non-blocked ports? That sounds rather wonky. It could very well be that I'm wrong on that. What I did was look at it from a top-down perspective. There's just a lot more places in WebRTC where connections are spawned than for example in the usual HTTP client implementation. Maybe Harald or Jan-Ivar can clarify better if that would be hard to implement. > It's not clear to me we want to reveal the CSP restrictions directly to a potential attacker. If the website wanted to convey its CSP policy it can already, right? Ok, fair. -- GitHub Notification of comment by lgrahl Please view or discuss this issue at https://github.com/w3c/webrtc-extensions/pull/81#issuecomment-978976713 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Thursday, 25 November 2021 08:57:43 UTC