Understanding Browser Permissions: A Simple Webcam Demonstration

How a harmless‑looking webpage can teach us an important lesson about privacy.

Khadija Azam

~3 min read · March 16, 2026 (Updated: March 16, 2026) · Free: Yes

Introduction

We've all seen the pop‑up: "This website wants to use your camera." Most of us click "Allow" without thinking twice. But have you ever wondered what happens after you grant that permission? Can a site you visited weeks ago start recording you without your knowledge?

As part of my Information Security coursework, I built a simple web page that answers these questions safely and ethically. The page automatically activates the webcam when opened, records a short video, and stores it locally and (with explicit consent) in the cloud. The goal is not to trick anyone, but to raise awareness about how browser permissions work and why we should be more careful.

What the Project Does

The web page looks like a normal landing page — it even includes a calculator to make it look like a simple tool. But behind the scenes, it does three things:

Requests camera access as soon as the page loads.
Records a five‑second video silently after permission is given.
Saves the video in two ways:

First, it stores the video in the browser's local storage (a kind of digital "notebook" that websites can use).
Second, if the user chooses to log in with Google, it uploads the video to their own Google Drive.

After the recording finishes, a clear warning message appears, explaining exactly what happened and why it matters.

How It Works

Modern browsers have built‑in tools that let websites access your camera and microphone but only after you give permission. My project uses those same tools, the same way any video‑chat app does. The difference is that once permission is granted, the page starts recording immediately, with no further clicks.

The recording is saved as a small video file. For the local storage part, the video stays on your own computer , it never leaves your browser. For the Google Drive upload, the user must actively log in to their Google account and approve the upload. This mimics what a malicious site might do, but with full transparency and control.

Why This Matters for Your Privacy

This demonstration reveals a few important truths about online privacy:

Permissions are sticky. When you allow a website to use your camera, that permission stays active for future visits. The site doesn't need to ask again.
The camera LED is your friend. On any modern laptop, the camera's light is hardwired to the power, it cannot be turned off by software. If you see that light on when you're not using a video app, close the tab immediately.
Cloud uploads require extra consent. Services like Google Drive use an extra layer of permission (called OAuth) so that you always know what a website is trying to do with your files.

The project is designed to make these points obvious, not to hide anything.

A Note on Ethics

I want to be very clear: this project is for educational use only. It was built as part of a university assignment to help students and others understand browser security. The code includes prominent warnings, and it should never be used on anyone without their explicit consent.

Unauthorised access to someone's camera is illegal and a serious violation of privacy. If you are curious about web security, always experiment on your own devices and with your own accounts.

What I Learned

Building this project taught me several valuable lessons:

Browser APIs are powerful but safe , they require user permission at every step.
User awareness is the weakest link , many people click "Allow" without reading the prompt.
Cloud integration is easier than it looks using Google's developer tools to add Drive uploads was surprisingly straightforward once I understood the setup.
Security is a shared responsibility developers must design with privacy in mind, and users must stay informed.

Final Thoughts

The next time a website asks for camera access, pause for a moment. Ask yourself: Do I really need to use my camera here? Can I trust this site? And always keep an eye on that tiny LED next to your webcam — it's there to protect you.

Building this project was a fascinating journey into the world of browser security. I hope this article encourages you to think more critically about the permissions you grant online and to appreciate the built‑in safeguards that modern browsers provide.

#information-security #ethical-hacking #web-development #digital-awareness #privacy