unsafely-treat-insecure-origin-as-secure no longer working in Chrome 63
836 views
Skip to first unread message
Phil Behrenberg
Dec 21, 2017, 3:50:11 PM12/21/17
to Security-dev
After Chrome updated to version 63, I can no longer locally test my WebRTC app using the unsafely-treat-insecure-origin-as-secure flag. Despite using the flag, like I have been for months, I'm now receiving the "[Deprecation] getUserMedia() no longer works on insecure origins...." error in my console.
The exact command I'm using:
/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --user-data-dir=/Users/[user]/ChromeTestProfile --ignore-certificate-errors --unsafely-treat-insecure-origin-as-secure="http://app.[hostname].local:5000" >& /Users/[user]/ChromeTestProfile/stdout.txt
Eric Lawrence
Dec 21, 2017, 4:12:13 PM12/21/17
to ph...@roll20.net, Security-dev
Sorry about that. Unfortunately, this flag is broken in Chrome 63: https://bugs.chromium.org/p/chromium/issues/detail?id=792993#c12
-Eric Lawrence
Chrome Security
Daniel Vogelheim
Dec 21, 2017, 4:12:47 PM12/21/17
to Phil Behrenberg, security-dev
https://bugs.chromium.org/p/chromium/issues/detail?id=792993
tl/dr: bug is known; only affects M63; M64+ work; probably no fix for 63.
Joe Mason
Dec 27, 2017, 1:12:52 PM12/27/17
to Daniel Vogelheim, Phil Behrenberg, Security-dev
You can get M64 for testing by installing the Beta or Dev channels (https://www.chromium.org/getting-involved/dev-channel)
ramyar...@gmail.com
Mar 13, 2020, 1:06:30 PM3/13/20
to Security-dev
Reply all
Reply to author
Forward
0 new messages