W3C home > Mailing lists > Public > public-media-capture@w3.org > December 2015

Re: Issue #268: Iframe sandboxing options for gUM

From: Martin Thomson <martin.thomson@gmail.com>
Date: Sat, 5 Dec 2015 20:36:31 +1100
Message-ID: <CABkgnnU_cqNYUd125nN7WV7DOWFuzN7bnn3rskO9FuaxfbXibw@mail.gmail.com>
To: Harald Alvestrand <harald@alvestrand.no>
Cc: "public-media-capture@w3.org" <public-media-capture@w3.org>
On 5 December 2015 at 02:40, Harald Alvestrand <harald@alvestrand.no> wrote:
> Would choosing double-keyed permission mean that if an iframe appears in
> 7 different contexts, the permissions will have to be stored 7 different
> times?

Yes, and showing the iframe as a top-level context would produce the 8th.

> Note that permission keying affects whether we're able to unify our
> permissions model with the Permissions API model - that model doesn't
> appear to consider iframes separately at all at the moment.

Yes, and I think that's a very relevant question to raise over there,
and I will do that right now.  If an origin makes a query of the
Permissions API with the expectation that the answer is the same no
matter how it is framed, it might be surprised.  At a minimum, the API
should establish expectations about what to expect here.  (I'm not
sure that it's possible to *see* what the top-level browsing context
is from an iframe.)
Received on Saturday, 5 December 2015 09:37:00 UTC

This archive was generated by hypermail 2.3.1 : Saturday, 5 December 2015 09:37:00 UTC