We also seem to be hitting this. Our scenario (Using FF 80.0.1):

1. Check if we have permissions to access any devices (no on fist time)

2. Do a GUM with {audio: true, video: true}

3. Select Camera B and Mic B (non defaults) in the browser dialog.

4. We get streams for CamB and MicB (so far so good).

5. We save CamB and MicB DeviceIds in a cookie

6. We start a new "call".

7. Check we have permissions to access any devices (which we do now since last call)

8. Do a GUM with {audio: { deviceId: cookieValueOfLastUsedDevice(MicB) }, video: { deviceId: cookieValueOfLastUsedDevice(CamB) } }

9. Get streams for MicA and CamA (defaults)

If in step 8 we do a {audio: { deviceId: { exact: cookieValueOfLastUsedDevice(MicB) } }, video: { deviceId: { exact: cookieValueOfLastUsedDevice(CamB) } } } We get an OverConstrainedError.

If in the first call we allowed permissions to access CamB and MicB,, when we come to next request them via an exact or even just by non-exact deviceId request we should get streams from CamB and MicB, and not the defaults of CamA and MicA.

Seems to be a persistence of Permissions issue. I'm not familiar with how Firefox deals with saving Permissions for specific devices? Does it save a generic "Yeah you have permissions to use a camera and mic, but we don't know which one?"

This issue is still an issue on Firefox 83.

This is an extremely serious privacy issue: it allows a website to, without authorisation, activate and record on a user's webcam. I discovered this issue when a website suddenly rendered a camera I'd never given it access to.

This is pretty much the scariest type of issue that can exist, from a consumer perspective.

Reproduction steps:

1. Visit https://mozilla.github.io/webrtc-landing/gum_test.html.
2. Select "camera" on that page.
3. On Firefox, select a camera that is not the first. In my case, I selected a camera which has a physical lid on it.
4. Select "Remember me decision".
5. Reload the page.
6. Click webcam again.

Actual behaviour

The website can now access another webcam -- one that does not have a lid, and points to a location that it not okay for this website to see.

Expected behaviour

Websites should not have access to a webcam if they have never been given authorisation by the user.

Still in issue in Firefox 85.0, Feb 2021.

In addition, this issue can be reproduced with one hardware webcam + one software webcam. The software "Logitech Capture" uses your hardware webcam to make a software webcam available called "Logi Capture". So your system will have a choice of 2 webcams available.

1. Visit a website that will ask to use your webcam
2. Firefox dialog appears, click the drop-down to select the software webcam ("Logi Capture" in this case)
3. Click "Remember this decision" and click "Allow"
4. Leave page and visit it again. Firefox will use the wrong webcam, and I can't find a setting to make it choose the correct webcam.

There's a lot of confusion here, all from an incorrect interpretation of ☐ Remember this decision (based on what it does).

The "decision" is not the device choice. Firefox cannot remember which device you chose for next time, because that's the job of the site in the web model. Well-behaved sites will remember the device you chose every time whether you check this box or not.

The "decision" is whether to ask permission every time for this device category (all cameras or all microphones). ☑ = no more prompts = Chrome.

Untangling multiple issues from this confusion:

1. Site bugs (comment 0, comment 1, comment 11) — Well-behaved sites remember your choice even if you leave ☐ blank, as well as offer a ⚙️ settings page where you can switch devices. Fix your sites. Not a Firefox bug.
2. Pilot error — comment 9 works for me with https://jsfiddle.net/jib1/e89jp3hv. I suspect a bug in the example's cookie parsing.
3. Mismatched expectation — comment 10 expected Firefox to persist permission per-device. This is a great idea, but would be a new feature. Firefox is already the only browser to implement per-device permission, but only if you leave ☐ blank. It's all or nothing today; a tradeoff.

Options I see:

1. Close this as works as intended
2. Focus this issue on clarifying the UX. E.g. ☑ Ask every time (inverting the logic) though this still doesn't clear up one vs. all.
3. Focus this issue on requesting that Firefox implement persistent per-device permission, either instead of or in addition to persist all (Chrome).

(In reply to Jan-Ivar Bruaroey [:jib] (needinfo? me) from comment #13)

Options I see:

1. Close this as works as intended

The intention is for the user to understand the decision they make in response to the prompt, but users are not understanding, so option 2 at least would be addressing a defect.
"When asking the user’s permission, the User Agent MUST disclose whether permission will be granted only to the device chosen, or to all devices of that kind."

2. Focus this issue on clarifying the UX. E.g. ☑ Ask every time (inverting the logic) though this still doesn't clear up one vs. all.

This may be the issue in duplicates bug 1315890, bug 1410421, bug 1598359, and bug 1627744.

A solution could be as simple as changing the label on the check box. Options might include:

• Apply this permission to all microphone/camera devices
• Apply Block/Allow to all microphone devices

Or perhaps multiple buttons or radio-buttons, instead of a single checkbox:

• Allow
• Block
• Always allow all microphone devices
• Always block

3. Focus this issue on requesting that Firefox implement persistent per-device permission, either instead of or in addition to persist all (Chrome).

Yes, perhaps, or
4. Remember the choice made for each unique ordered list of "preferred" speakers, and provide a way to change or reset the decisions, and fix 2, or
5. Fix bug 1713292 and fix 2.

The severity field for this bug is relatively low, S3. However, the bug has 6 duplicates.
:pbz, could you consider increasing the bug severity?

For more information, please visit auto_nag documentation.