Access camera and microphone in cross-origin iframe using getUserMedia and feature policy

default-user-image.png

If you try to access the camera and microphone using a cross-origin iframe with getUserMedia() on recent versions of Chrome, it will fail by default.

We’ve encountered this many times because users of the Pipe audio and video recording platform tried to embed Pipe into Wix sites or Google sites that used iframes to embed external HTML and JS code.

The reason stems from a series of security and privacy changes made to Chrome in 2017 and 2018:

  1. Chrome 60 introduces Feature Policies , giving developers a way to control the use of sensitive features within their sites
  2. Chrome 64 blocks cross-origin iframes by default

This article is reprinted from https://blog.p2hp.com/archives/8494
This site is for inclusion only, and the copyright belongs to the original author.

Leave a Comment