![]() In 2020, the surge of interest in free video chat apps has been unprecedented. The best video chat apps also find success in the business world as a means to maintain contact with business partners and colleagues. It’s preferred among millennials and already exceeds the text counterpart. But many users now prefer video chatting. Text-based interactions are still popular. Page from jsfiddle never gets access to the mic.Instant messaging led the way for enhanced communication, allowing users to exchange messages at their convenience. secure page: - the browser asks " wants to user your microphone".īrowser asks for permission for not. non-secure page: - mic access automatically blocked So, I still cannot understand why we cannot ask user for a microphone permission if this permission is only available to secure page from speakpipe? Non-secure origins can only embed iframe with the widget from secure origin (https,, 443) but they cannot get access to a microphone through this iframe. But in speakpipe case non-secure origins has no microphone access. Manipulates and attacks your webpage), inform them about options how toĮnable HTTPS (certificates don't cost money any more). (it's not just about secrecy, it's also about making sure nobody My advice: Make sure your customers understand the meaning of HTTPS If this causes people who don't understand why security sensitiveįeatures should not be used in totally insecure (=HTTP) environments Only be possible in a reasonably secure environment (and HTTPS is theīare minimum for that) seems perfectly reasonable to me. Of a browser and I find it kinda scary in many ways. Seems mostly a problem of educating your customers.Įnabling the microphone is one of the most security sensitive features It seems to me that this policy change is perfectly reasonable and this I'm not a Chrome developer and it's not up to me to decide on this, but > spend time and money for switching their websites to HTTPS. > produce public content and they don't see the reason why they should > of our customers are podcasters, bloggers, teachers etc - people who I understand your security concerns, but it would be great to consider that there are dozens of websites which still works via HTTP.Īny chances to find a better solution for this policy? Most of our customers are podcasters, bloggers, teachers etc - people who produce public content and they don't see the reason why they should spend time and money for switching their websites to HTTPS.īy making such strict changes in the permission policy you break web services and don't give users a choice.įor now, we temporarily switched SpeakPipe back to Flash in Chrome, but it means the service is half-dead. ![]() ![]() Switching website with a lot of content and third-party services to HTTPS is not a trivial task. Unfortunately, most of our customers aren't going to switch their websites to HTTPS in the nearest future and I totally understand them. Our customers embed SpeakPipe widgets into their HTTP-websites via HTTPS-iframe.Ĭurrent Chrome () automatically blocks access to a microphone for HTTPS iframe embedded into HTTP page and this policy is killing our service. Microphone access blocked for the secure iframe which embedded into insecure page - this permission policy for iframes is killing our startup ( ) Hi told me to start a discussion on so here the description of the problem.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |