There is concern from Chrome Privacy that the "hardware" hint presents a drive-by fingerprinting risk, by exposing information about the user's default audio hardware buffer size.
Proposed mitigation:
- Do not allow reading the actual value until the AudioContext transitions to "running" (potentially returning 0 in the meantime)
- Reject "hardware" hint if the microphone permission is not granted
I think it may also be better to move retrieving the "hardware" buffer size to a different API that can be called (with appropriate privacy mitigation) before the AudioContext is constructed. This would also simplify the AudioContextOptions and OfflineAudioContextOptions: renderSizeHint could be a simple number similar to sample rate.
There is concern from Chrome Privacy that the "hardware" hint presents a drive-by fingerprinting risk, by exposing information about the user's default audio hardware buffer size.
Proposed mitigation:
I think it may also be better to move retrieving the "hardware" buffer size to a different API that can be called (with appropriate privacy mitigation) before the AudioContext is constructed. This would also simplify the AudioContextOptions and OfflineAudioContextOptions: renderSizeHint could be a simple number similar to sample rate.