Web SDK with WebCodecs on 1.9.8 not showing user/participant video

Hi @gianni.zoom, I’m adding mine into the index.html for the application that consumes the websdk in an Angular app. The only place I can see that meeting.html file is in the JS sample application.

Hi @lfrancia ,

We did not experience this issue during testing, but I am sorry to hear you are selectively experiencing these problems. When it fails, please take screenshots of what you’re seeing on the SDK/console, and email those along with a description of the behavior, meeting identification and affected participant info to developersupport@zoom.us.

This information will help us check specific logs to further investigate.

Thank you,
Gianni

Hi @mijodu,

Good point as we did test on the JS sample app. Is it working for you now?

Best,
Gianni

@gianni.zoom Unfortunately not. I’m adding the SharedArrayBuffer, WebCodecs and WebAssemblySIMD trials on initialisation on app start in the index.html as there is no meeting.html in the SPA implementation of the SDK from what I’m aware of?

Hi @mijodu ,

Hmm, can you please email developersupport@zoom.us with screenshots of what you’re seeing, affected meeting participants and console errors? We’ll follow up with our SDK engineers to investigate further.

Thank you,
Gianni

@gianni.zoom

I’m glad you’ve found a way to bypass the web isolation (the “advanced” guide is not really covering but bypassing the web isolation), but the provided example is certainly not covering most of integration cases your customers have. As an example: single web applications.

You are publishing an SDK, not an application, so you should provide more generic way of covering some aspects of the SDK.

Anyway, not here to add more critics, i have a couple of questions.

1/ The disableCORP property on init() call

disableCORP

This one is set to ‘true’ by default, so unless we deactivate this property (based on window.crossOriginIsolated as in the guide’s example) it means that communication within the Zoom SDK are not using web isolation (e.g not returning the expected headers)

  • Is my understanding correct ?
  • Why until now nobody talked about that parameter and its default value when it comes to web isolation ? If the understanding is correct, then that is definitely affecting tests & results performed.
  • Is there any relationship with the warning that popup on the console when the sharedArrayBuffer OT is used without the web isolation ?

2/ What about the COEP Credentialless OT ?

The mentioned guide do not mention the COEP credentialless origin trial which is there to authorize web isolation mode on pages that are not yet fully compliant with web isolation. (instead of using the method used in the guide to fake & deactivate it)
You can find more information about that in the reported thread here

Do you mind updating your guide to include this origin trial in the solutions ?

Hi @nvivot ,

Thank you for your in-depth observations and contributions to our collective learning and problem solving here. I will do some testing with my colleagues and connect with the SDK team specifically on the points you’ve made. :slightly_smiling_face:

Sincerely,
Gianni

Hi, following up on this topic. Removing WebCodecs fixes the video not showing with 1.9.8 on Chrome 93. But if I test with the Chrome 94 Beta it is broken again (no video for any participant). Is the zoom team planning on releasing an update before Sept. 22 when Chrome 94 launches?

Hi @IanIsDeveloping,

Happy to help and relay to our SDK team. Can you please attach screenshots of what you’re seeing with Chrome 94 Beta? You can send here or to developersupport@zoom.us if you feel more comfortable, with me addressed & a link to this thread. Thanks!

Gianni

We are also having the same issue.

Hi @gianni.zoom,

WebCodecs will be part of Chrome 94, which will be released on Sept. 21. If WebCodecs is causing the video issues with Web SDK 1.9.8, as many users reported here, will Zoom be releasing any fix for that? We have just released our app with Web SDK 1.9.8 last night without the WebCodecs origin trial, and we are afraid that we will encounter same issues once Chrome 94 is released.

Regards,
Lara

hello, ifrancia, are you use the mac chrome 93 & 94 ?

HI @JackYang,

The issues I reported here happened on Chrome 93 + Web SDK 1.9.8 + SIMD + SharedArrayBuffer + Web Codecs as mentioned in the following comment.

We will retest on Chrome 94 beta as well.

Lara

Hi @JackYang,

Our team has just tested our application, which is using Web SDK 1.9.8 + SIMD + SharedArrayBuffer Origin Trial, on Chrome v94.0.4606.38 Beta on the following devices. Please refer below for the result.

  • Macbook (v11 and v10.15) - Camera did not work for both built-in and external camera
  • Chromebook - Built-in camera did not work but external usb camera worked
  • Chromebox 4 - external usb camera worked
  • Chromebox 3 - external usb camera worked
  • Windows PC - built-in camera worked

And below is the screenshot of how it looks. The “client” took this screenshot.

This will be a critical issue for us as soon as Chrome Browser v.94 is released so, we would really appreciate it if you can fix it before Chrome 94 is released.

Please let us know if you need more information.

Regards,
Lara

Hi @mijodu,

May I know what device did you use? Did you use mac?

Regards,
Lara

Hey @lfrancia ,

Thanks for sharing your findings. We are looking into this. :slight_smile:

@nvivot ,

Yes.

We will update our docs to mention this property here: https://marketplace.zoom.us/docs/sdk/native-sdks/web/advanced/web-isolation (DEVELOPERS-1819)

Console warning for SAB shows up using OT, but it works the same way as with CORP headers

To our understanding there is no reason to use COEP Credentials. It seems less secure than using SAB + WebCodecs and does not provide any advantage over the other two.

-Tommy

We have the same issue with the video on Mac only, and we have cross-origin isolation enabled. Here are some logs

macOS 11.5.2 | Chrome v94.0.4606.38 Beta

Windows 11 | Chrome v94.0.4606.38 Beta

Same as @lfrancia, the camera does work on Windows

To our understanding there is no reason to use COEP Credentials. It seems less secure than using SAB + WebCodecs and does not provide any advantage over the other two.

It’s not a question of being more or less secure, but to be able to use features required by Zoom without the web isolation strict mode.
Looks like either you did not realize that he SAB will ends in December and that after that, unless web isolation is set, the Zoom Web SDK will not work anymore.

So it’s all about being able to implement web isolation on time, before that SAB OT ends, and credentialless bring another mode for the web isolation, more permissive yes but that unblock the situation where it’s impossible to implement web isolation in its strict mode.

I understand that you - Zoom - within your very simple example application do not need it as you are not using anything else than your own services, but we - Zoom’s client - are doing integration of your products inside another larger application scope that potentially uses other services (like Datadog in our example) that cannot be used - yet - with the web isolation mode setup.

This is why in our cases the credentialless mode seems to be a good temporary solution to have features requiring web isolation mode to continue to work, but without the pain to be forced to implement the web isolation everywhere, especially when it comes to request this web isolation implementation to 3rd party vendors (they also have their own agenda that might not match with our or your)

I asked that question, because from our test, it’s obvious that the Web SDK do not care at all about the credentialless mode right now, since when we use it, the SharedArrayBuffer warning log saying “hey, you have to implement web isolation before…” still popup. I bet the current code check the value of the web isolation mode for the strict mode only since it was published before the OT for the credentialless mode being public.

Would be great if the SDK is a bit more flexible and take the credentialless mode into consideration. And because it’s a feature allowed by Google (after so many customers complained about them forcing this web isolation everywhere at last minute), you should de-facto support it and include that in the guide & your tests as your customers may use it - again, as a temporary solution, we all agree this is not a long term solution.

PS: if you don’t know what is the Credentialless mode for the web isolation, i invite you to read this. This mode will be definitively part of Chrome 96 by the way, so it’s real & official, not just an OT.
And let me quote this here to make sure this reply to your original answer:

With COEP: credentialless, we want to find a robust-enough protection against accidental cross-process leakage, without requiring an explicit opt-in from every subresource.

Seems this issues is only for Mac on both Chrome 93 and 94?

We also encountered issue on a windows machine and chromebox when we tested web sdk 1.9.8 + SIMD + SharedArrayBuffer + Web Codecs on Chrome v.93 as I have mentioned here Web SDK with WebCodecs on 1.9.8 not showing user/participant video - #7 by lfrancia but it just not happen all the time.