Asterisk webrtc sipml5 client

i have succesfully tried the combination
Asterisk --> WebRTC --> SIPML5 to make call between Browser and remote IP phone
I noticed that if i would like to avoid caller to fill data to make call i’ll have to compile Sip stack with all data included IP,extension and password.Is there a way to avoid this security threat?

If i wish to put a button on a web page to call an extension on a remote asterisk pbx is there a safe way?

Secure the peer via dialplan, allowing only certaind internal extens, yo dont want to give it acces to the whole dialplan.

Yes…i knew…
but i would always have the sensation to left the door open… :blush: :blush: :blush: