admin管理员组文章数量:1334166
We are using google public stun server in one of our application in the test environment. And, we are also installed Turn server.
The issue is - When we run the app, in the javascript file, we have put username, password and server address of turn server in order to make connection.
But, it shows the credentials in the javascript debugger which is a security issue. Is anybody have a solution how we restrict showing credentials from the javascript file ?
We are using google public stun server in one of our application in the test environment. And, we are also installed Turn server.
The issue is - When we run the app, in the javascript file, we have put username, password and server address of turn server in order to make connection.
But, it shows the credentials in the javascript debugger which is a security issue. Is anybody have a solution how we restrict showing credentials from the javascript file ?
Share Improve this question edited May 8, 2015 at 14:17 deceze♦ 523k88 gold badges799 silver badges941 bronze badges asked May 7, 2015 at 18:57 Bhupinder SinghBhupinder Singh 2842 silver badges15 bronze badges1 Answer
Reset to default 9The TURN password is always exposed to Javascript. See https://datatracker.ietf/doc/html/draft-uberti-behave-turn-rest-00 for the most monly employed workaround.
本文标签: javascriptSecurity issue with exposing TURN server credentials in WebRTCStack Overflow
版权声明:本文标题:javascript - Security issue with exposing TURN server credentials in WebRTC - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1742364343a2460982.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论