Re: Sandboxing usage of RTCPeerConnection?

Well, I don't see a problem with a change in behavior that only takes
effect when
a CSP directive is set...


On Mon, Aug 17, 2015 at 6:17 AM, Dominique Hazael-Massieux <>

> On 17/08/2015 15:15, Eric Rescorla wrote:
>>     How about a CSP directive that enables RTCPeerConnection for
>>     embedded contexts from specific origins and defaults to false for
>>     other than self?
>> Seems like a question for WebAppSec. It's not like this is the only
>> thing that's
>> problematic in IFRAMEs
> I'm happy to take the question to WebAppSec, but it would probably be
> useful to understand first if the group who owns WebRTC would be
> comfortable with such a policy change :)
> Dom

Received on Monday, 17 August 2015 13:22:52 UTC