> Is there a permission for network access, and is it allowed or denied by default?
WebRTC data channels are allowed by default.
> Does the browser do anything to protect the user against something like this?
A nefarious website can already use the fetch() API to upload or download massive amounts of data if their goal is waste bandwidth. WebRTC doesn't introduce any new vulnerability here.
WebRTC data channels are allowed by default.
> Does the browser do anything to protect the user against something like this?
A nefarious website can already use the fetch() API to upload or download massive amounts of data if their goal is waste bandwidth. WebRTC doesn't introduce any new vulnerability here.