Microphone and camera access is no longer permitted on insecure origins starting with Chrome 60.
A Bit of History
Initially reported as a potential bug by users that were using the development channel of Chrome for testing new features, it was confirmed in the linked thread that this worked as expected, being a deliberate decision to deprecate camera and microphone access on insecure origins.
The closing of a Chromium issue, that was referring to flipping the
kRequireSecureOriginsForPepperMediaRequests to be enabled by default, confirms this. Pepper is the variant of Flash plugin used by Chrome, Pepper Flash to be more exact.
According to this article, along with the camera and microphone access, other powerful features have been deprecated on insecure origins: geolocation, device motion/orientation, EME, AppCache and notifications.
The change was not visible to the majority of users until the release of Chrome 60 on the stable channel on the 25th of July.
Now when trying to access the camera and microphone from insecure origins, a message is shown in Chrome’s developer console:
What Can Be Done
We strongly recommend switching your website, where you have Pipe embeded, to secure origins (https).