zenhack
commented
3 years ago Relevant changes to the specs have been merged:
- https://github.com/w3c/mediacapture-extensions/pull/21
- https://github.com/w3c/webrtc-extensions/pull/78
Once those are actually implemented in browsers, we can use postMessage() to transfer media devices and individual data channels.
Related to #12, it would be nice if blocking the exfiltration hole provided by webrtc didn't prevent apps from making legitimate use of the functionality. Furthermore, right now (even without a block for that in place) if someone wanted to write a video conferencing app, they would run into the problem that iframes can't request mic & camera access, so I'd like to have some answer for how apps can do that sort of thing.
My ideal for this is that we'd be able to use postMessage() to transfer the relevant browser objects, so apps could request access to these from Sandstorm, much like they do for powerbox requests.
Related issue with w3c folks: https://github.com/w3c/webrtc-extensions/issues/64