Comment by robbiemitchell
6 years ago
I mean _with_ their local webserver, can they implement their own, simple confirmation of some kind?
6 years ago
I mean _with_ their local webserver, can they implement their own, simple confirmation of some kind?
“This [local webserver] is a workaround to a change introduced in Safari 12 that requires a user to confirm that they want to start the Zoom client prior to joining every meeting.”
https://blog.zoom.us/wordpress/2019/07/08/response-to-video-...
According to Zoom the intended purpose of the local webserver is specifically to avoid the confirmation step.
Well - Safari asks you for confirmation. They built the local, exploitable web-server to avoid the confirmation message. Why would they go to that trouble, only to reimplement what they were trying to avoid?