Requirements and Supported Browsers

Pipe officially supports the following browsers.

Embed Code v2.0

💻 On Desktop Devices:

Recording client
- webcam recording: Chrome 66+, Firefox 76+, Edge 79+ and Safari 14.1+^Beta on secure contexts (https, localhost, file://, etc.)
- screen + camera recording: Chrome 74+, Firefox 76+, Edge 79+ and Safari 14.1+^Beta on secure contexts (https, localhost, file://, etc.)

📱 On Mobile Devices:

Recording client:
- Chrome 66+ on secure contexts (https, localhost, file://, etc.) on Android
- Safari on iOS/iPadOS 14.5+^Beta on secure contexts (https, localhost, file://, etc.)
Legacy mobile recorder:
- Chrome on Android version 4.4 and up
- Safari on iOS 6 and up

Embed Code v1.0

❗

Starting with the 12th of March 2024, the 1.0 version of the embed code has officially become deprecated. Please use the 2.0 embed code.

💻 On Desktop Devices:

Recording client
- webcam recording: Chrome 63+, Firefox 52+ and Edge 79+ on some secure contexts (https, localhost, 127.0.0.1 and ::1)
- screen recording: Chrome 72+, Firefox 66+ and Edge 79+ on some secure contexts (https, localhost, 127.0.0.1 and ::1)

📱 On Mobile Devices:

Recording client:
- Not supported, use the 2.0 embed code instead
Legacy mobile recorder:
- Chrome on Android version 4.4 and up
- Safari on iOS 6 and up

👉

Important: only iOS 11.3+ consistently allows webcam access in web pages saved to the home screen as fullscreen apps or opened inside other apps using SFSafariViewController (source: Rick Mondello’s Tweet, Stack Overflow thread).

Secure Contexts

Many web APIs and features- including those used to access a device’s camera and microphone - are accessible only in a secure context. That’s why our recording client only works in secure contexts.

What Is a Secure Context?

A web page is considered to be in a secure context if:

it is served over https: the page is loaded via https://, ensuring data integrity and encryption.
it is a local resource: origins such as http://localhost, http://127.0.0.1, file://, etc. are also deemed secure.

For a detailed explanation and list of secure contexts, refer to MDN’s article on Secure Contexts.

Testing on Insecure Contexts With Chrome

Chrome has a flag that lets you force specific origins to be treated as secure: chrome://flags/#unsafely-treat-insecure-origin-as-secure . This can be used in development.

Recording Client Behaviour Over Insecure Contexts

If the 2.0 recording client is embedded in a non-secure context, it will display the following message, blocking functionality:

Recording is only possible over secure contexts (https, localhost, file://, etc.)

Here’s how the recording client shows the message:

Permissions-Policy Requirements and Common Browser Errors

The Permissions-Policy header is required to enable certain features such as camera, microphone, and synchronous XHR. If incorrectly configured, the browser console may display errors related to invalid policy settings or policy violations. This section details the required settings and common errors.

Required Permissions-Policy Settings

To ensure proper functionality of camera, microphone, and synchronous XHR, the Permissions-Policy HTTP header should be set correctly on your server. Below is the recommended configuration:

Permissions-Policy: camera=(*), microphone=(*), sync-xhr=(*)

* (wildcard) → Allows access to all origins.
self → Restricts access to the same origin.
Quoted URLs → Allows specific trusted origins.

Common Browser Console Errors and Their Causes

If the Permissions-Policy header is missing or incorrectly configured, you may encounter the following errors in the console:

Invalid Allowlist Item for Microphone or Camera (Permissions-Policy Header)

Pipe log messages:

Camera access is denied by page Permissions-Policy or user settings.
Microphone access is denied by page Permissions-Policy or user settings.

Warning Messages:

Error with Permissions-Policy header: Invalid allowlist item(*.addpipe.com) for feature microphone. Allowlist item must be *, self or quoted url.
Error with Permissions-Policy header: Invalid allowlist item(*.addpipe.com) for feature camera. Allowlist item must be *, self or quoted url.

Causes:

The Permissions-Policy header contains an invalid domain wildcard (e.g., *.addpipe.com is not allowed).
The allowlist is not set using *, self, or a quoted specific URL.

Solution:

Permissions-Policy: camera=(*), microphone=(*)

Policy Violation: Synchronous XHR is Disabled

Pipe log messages:

Synchronous XHR (sync-xhr) is blocked by page Permissions-Policy or browser settings.

Error Message:

[Violation] Permissions policy violation: Synchronous requests are disabled by permissions policy.

Cause:

The sync-xhr feature is blocked by the Permissions-Policy header.
Pipe attempts to make a synchronous XMLHttpRequest, which is restricted.

Solution:

Permissions-Policy: sync-xhr=(*)

Last Modified on April 1, 2025

Requirements and Supported Browsers

Embed Code v2.0 #

Embed Code v1.0 #

Secure Contexts #

What Is a Secure Context? #

Testing on Insecure Contexts With Chrome #

Recording Client Behaviour Over Insecure Contexts #

Permissions-Policy Requirements and Common Browser Errors #

Required Permissions-Policy Settings #

Common Browser Console Errors and Their Causes #

Invalid Allowlist Item for Microphone or Camera (Permissions-Policy Header) #

Policy Violation: Synchronous XHR is Disabled #