Avoiding NavigatorUserMediaError “Only secure origins are allowed” on HTTP in Chrome

Question

I\'m trying to make some audio/video tests with a JavaScript library for SIP phones and since Chrome 47 I can no longer test in local development because of this error:

Answer 1

The unsafely-treat-insecure-origin-as-secure flag works for me as documented here.

On OS X this looks like:

$ /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --user-data-dir=/tmp/foo --unsafely-treat-insecure-origin-as-secure=http://alt.local:8080

For various reasons, my local development server doesn't run on localhost or port 80. Specifying the alternative port appears to be necessary.

The user-data-dir directive appears to create a temporary sandbox profile in Chrome.

Answer 2

According to https://www.chromium.org/Home/chromium-security/prefer-secure-origins-for-powerful-new-features, localhost is supposed to be considered as a secure origin.

If you do not test on localhost but on a real domain, then you should enable an HTTPS access (you can get a free certificate with Let's Encrypt)