W3C home > Mailing lists > Public > public-audio@w3.org > October to December 2012

[Bug 17417] Define a security model for requesting access to the MIDIAccess interface

From: <bugzilla@jessica.w3.org>
Date: Tue, 25 Dec 2012 23:14:02 +0000
To: public-audio@w3.org
Message-ID: <bug-17417-5429-fajOBBClTB@http.www.w3.org/Bugs/Public/>
https://www.w3.org/Bugs/Public/show_bug.cgi?id=17417

--- Comment #12 from Chris Wilson <cwilso@gmail.com> ---
(In reply to comment #11)
> Created attachment 1304 [details]
> Mockup of permissioning model (site preferences)
> 
> (of course, this won't go into the spec)... this is what I was thinking for
> the permission model, except the lists would be broken into inputs and
> outputs. Permissioning then just becomes part of the site preferences of a
> UA. 
> 
> I've been working on implementing a mockup of this (based Chris'
> implementation):
>  
> http://marcoscaceres.github.com/WebMIDIAPIShim/
> 
> Though I have not yet added the ability for the user to select individual
> inputs and outputs. Will add that over next few days.

This level of tweakiness is exactly what I'm worried about.  I don't think any
sane user will walk through the list of their available MIDI ports and
carefully select which they're comfortable "sharing" with a web application -
they'll either say OK or not OK.  And even that, I'd like to minimize as much
as possible, and I want the spec to continue to make it clear that the
implementation does not NEED to prompt the user with UI; this may come inside a
web app that has permissions already set, or in a loose environment that has
already had MIDI access approved.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Received on Tuesday, 25 December 2012 23:14:03 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:50:04 UTC