result of enumerateDevices when there is no origin

[guidou]

Sections 9.2 and 9.3 establish a security model based on a page's origin.
Device IDs are unique per origin and so on.
However, behavior is not defined for the case when there is no origin. For example, what should happen if a user calls enumerateDevices from a JavaScript console and the page is "about:blank", or something equivalent, without any defined origin?

[ShijunS]

For case associated with an origin, the deviceID persists as with other storage such as cookies.  For cases without origin, I'd expect no cookies are stored, so the deviceID should be unique per session and will not be persistent across sessions. Would that make sense?

[guidou]

That would make sense.
Do you think rejecting the promise would make sense too?

[ShijunS]

I think we should treat the API like all others, for example, it'd be nice to keep the JavaScript console as a valid test option for web developers.

[alvestrand]

No change to the spec needed; closing.