Re: WebUSB question in Chrome 54

28 views
Skip to first unread message

Reilly Grant

unread,
Oct 4, 2016, 2:47:51 AM10/4/16
to Dhaval Patel, owe...@chromium.org, jun...@chromium.org, web...@chromium.org
Thank you for your interest in trying out WebUSB. You can join the WebUSB discussion list by visiting its Google Groups page.

The issues faced by third party developers like you are something we want to try to address. The plan right now is to implement a way to manually whitelist a particular origin for a particular device. This feature request is tracked as issue 598766. The goal is to provide a barrier that is high enough to deter phishing but low enough to enable developers to build interesting things.

On Tue, Oct 4, 2016 at 12:06 PM Dhaval Patel <dha...@tscripts.com> wrote:

First, I would like to apologize if this is not the right place to ask this. I am kinda confused about this because I am not quite sure how to join the list web...@chromium.org so if you would like me to post there, can an admin of that list please subscribe me?

We are participating in the Origin Trials for WebUSB. There is a specific USB foot pedal that we are trying to use. We are currently in the proof-of-concept phase and have noticed something that would block us from using WebUSB with the way things are implemented in Chrome 54.

- I can see that Chrome 54 detects the USB devices by going to chrome://device-log/ and viewing the messages.

- I have setup a page (https://dev.tscripts.com/dhaval/webusb/) which will ask to connect to the foot pedal if it is plugged into the workstation.

The problem is that I need to run Chrome with the  "--disable-webusb-security" flag in order for the page to access the device. I have read that WebUSB will require the device to provide a whitelist of sites that can connect to the device. I am assuming I am out of luck unless I can convince the manufacturer to release a firmware update and allow me to update this devices so it has * for allowed sites.

If this is the case, I wanted to point out all the USB devices out on the market that should be used with various websites (joysticks for gaming) but will not be accessible because of this requirement. I completely understand the security part but there should be a way for the web developer to make this work for the end users without being held back by the manufacturer.

I hope that I missed something during my research and there is an easy solution around this.

I appreciate your help.


Thanks,

Dhaval


Reply all
Reply to author
Forward
0 new messages