Re: [mediacapture-main] Should deviceId be partitioned by top level origin and document origin (#598)

Firefox used to use double keying (top level & document) for permissions. The spec was written to permit both patterns to be conformant. I believe double keying has been abandoned by all - instead, we changed the default delegation to cross-origin iframes to "block" - one has to explicitly delegate permissions to an iframe if you want it to be able to use the invoker's permissisons.

I'm not sure I understand the implications of double keying on device ID - would that mean that a conferencing app that opened in an iframe on multiple sites would be unable to store device IDs between sessions on different top level origins?


-- 
GitHub Notification of comment by alvestrand
Please view or discuss this issue at https://github.com/w3c/mediacapture-main/issues/598#issuecomment-495351983 using your GitHub account

Received on Thursday, 23 May 2019 19:24:15 UTC