mdn / content

The content behind MDN Web Docs
https://developer.mozilla.org

AudioWorklet: missing secure contexts rationale #9808

Closed pinobatch closed 2 years ago

pinobatch commented 3 years ago

MDN URL: https://developer.mozilla.org/en-US/docs/Web/API/AudioWorklet

What information was incorrect, unhelpful, or incomplete?

The hatnote fails to hint at why AudioWorklet is restricted to secure contexts.

Specific section or headline?

Hatnote

What did you expect to see?

"secure" and "because" in the same sentence.

The hatnote on AudioWorklet links to Secure contexts, which states that affected APIs are "powerful APIs that could further compromise the victim of an attack." I expected to see, either on the AudioWorklet page or on the "Secure contexts" page, some sort of explanation, or a link to an explanation, of what problems could be caused if browsers were to allow use of AudioWorklet over cleartext HTTP. One context that I have run into that is hard to make secure is between a web server on a desktop computer on a home LAN and a web browser on a mobile device on the same LAN.

Did you test this? If so, how?

No testing was performed inside any web browser.

MDN Content page report details

* Folder: `en-us/web/api/audioworklet`
* MDN URL: https://developer.mozilla.org/en-US/docs/Web/API/AudioWorklet
* GitHub URL: https://github.com/mdn/content/blob/main/files/en-us/web/api/audioworklet/index.md
* Last commit: https://github.com/mdn/content/commit/2279e5ae6c229c707a014a22aa1ec4635a0f981f
* Document last modified: 2021-09-14T18:08:09.000Z

ddbeck commented 3 years ago

Thanks for reporting this, @pinobatch. Unfortunately, I don't expect the note text to change. It's generated content used across many pages; customizing this text imposes maintenance and consistency problems across all of the API references which outweigh the benefit of modifying this particular instance.

That said, I'll leave this open. Perhaps there's some value in adding a security considerations section or similar to this area of the docs. I'll leave it to someone with more domain expertise to make a judgement about that.

sideshowbarker commented 2 years ago

It’s not really in scope for MDN to document, for each feature where something requires a secure context, why that feature requires a secure context. “Why” questions of that kind are best addressed to the editors/group who wrote the spec. So https://github.com/WebAudio/web-audio-api/issues is the right place to ask.

So I’m closing this. But I guess it’s also worth having some info in the record here, so I’m also Cc’ing @padenot (the spec editor) so as to give him a chance to comment here too.