[Webkit-unassigned] [Bug 182638] Iframe allow="geolocation; microphone; camera; midi; encrypted-media; "
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Apr 5 10:55:16 PDT 2018
https://bugs.webkit.org/show_bug.cgi?id=182638
--- Comment #14 from kenma <kenma9123 at gmail.com> ---
Isn't that's the original thread creator was referring to? Anyway here's a sample from JotForm (https://www.jotform.com/80945014172957). They have widgets, and widgets are served from a different domain. That widget access the microphone to make a recording. On Safari 11 when you record, check the console it will log about "Trying to call getUserMedia from a document with a different security origin than its top-level frame." and when you load this on STP the error is "SecurityError: The operation is insecure."
This started happening when the webkit policy on iframe have been applied (https://dev.chromium.org/Home/chromium-security/deprecating-permissions-in-cross-origin-iframes) - just like the thread creator was referring to.
Other browsers like Chrome and Firefox has no problem just with Safari.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20180405/cc4cc871/attachment-0002.html>
More information about the webkit-unassigned
mailing list