disableThirdPartyRequests on embedded meet.jit.si conference

Can disableThirdPartyRequests be used in configOverwrite when using the External API of meet.jit.si? For my use case I need a slimmed down version of Jitsi Meet, without all the external integrations etc. I was hoping this config flag would help with that, while simultaneously disable Google Analytics. But at the moment it seems not to have any effect. Network tab in DevTools shows https://www.google-analytics.com/analytics.js is still loaded, as well as all the other third party stuff.

See simple fiddle here: https://jsfiddle.net/a7hpse6d/.

<!DOCTYPE html>
<html>
  <head>
    <meta charset="UTF-8" />
    <title>disableThirdPartyRequestsTest</title>
    <script src="https://meet.jit.si/external_api.js"></script>
    <style>
      * {
        margin: 0;
        padding: 0;
        border: 0;
      }

      html,
      body,
      #meet {
        width: 100vw;
        height: 100vh;
      }
    </style>
  </head>

  <body>
    <div id="meet"></div>
    <script>
      const domain = "meet.jit.si";
      const options = {
        roomName: "disableThirdPartyRequestsTest",
        parentNode: document.querySelector("#meet"),
        configOverwrite: { disableThirdPartyRequests: false }
      };
      const api = new JitsiMeetExternalAPI(domain, options);
    </script>
  </body>
</html>

Yes it can, there was a bug which Saul just fixed and that will land on meet.jit.si on next release. https://github.com/jitsi/jitsi-meet/pull/5450

Awesome! Looking forward to trying it out once it’s available on meet.jit.si. One question though. Would it also stop using (Google) STUN servers when third party requests are disabled?

I’d like to limit tracking and third party integration as much as possible but not at the expense of being able to establish connections.

I will bring that to the team and will discuss it.

meet.jit.si clients don’t use google stun servers. You can see the stun/turn servers in use in chrome://webrtc-internals/

Boris

Aah yes I see now, that’s great. :slight_smile:

I thought it would be using the Google stun servers because of this entry in config.js.

    p2pStunServers: [
        { urls: "stun:stun.l.google.com:19302" },
        { urls: "stun:stun1.l.google.com:19302" },
        { urls: "stun:stun2.l.google.com:19302" }
    ],
    enableP2P: true, // flag to control P2P connections
    // New P2P options
    p2p: {
        enabled: true,
        preferH264: true,
        disableH264: true,
        useStunTurn: true, // use XEP-0215 to fetch STUN and TURN server for the P2P connection
        stunServers: [
            { urls: "stun:stun.l.google.com:19302" },
            { urls: "stun:stun1.l.google.com:19302" },
            { urls: "stun:stun2.l.google.com:19302" }
        ]
    },

Are those entries no longer relevant?