W3C home > Mailing lists > Public > public-device-apis@w3.org > January 2015

Re: Re ACTION-723 user denial of captured file leading to no capture

From: <chaals@yandex-team.ru>
Date: Tue, 13 Jan 2015 18:11:53 +0300
To: "Kostiainen, Anssi" <anssi.kostiainen@intel.com>, "Zhang, Zhiqiang" <zhiqiang.zhang@intel.com>, W3C Device APIs WG <public-device-apis@w3.org>
Message-Id: <82371421161913@webcorp02g.yandex-team.ru>

13.01.2015, 17:29, "Kostiainen, Anssi" <anssi.kostiainen@intel.com>:
> Hi All,
>> šOn 13 Jan 2015, at 07:15, Zhang, Zhiqiang <zhiqiang.zhang@intel.com> wrote:
>> šI tried to create some tests to check the "user denial of captured file leading to no capture" (ACTION-723) and the spec update "When the capture attribute is specified, the user agent MUST NOT save the captured media to any data storage, local or remote"; but found it is difficult to figure out a good pass/fail criteria for these tests; so I haven't submitted them to the w-p-t repo.
> Given it appears this assertion (see above) is hard to test reliably (thanks Zhiqiang for experimenting with test cases), I plan to revert the following change I made to the spec in the coming weeks unless I hear otherwise:
> ššhttp://dev.w3.org/cvsweb/2009/dap/camera/Overview.src.html.diff?r1=1.13;r2=1.14;f=h
> The change was done in an attempt to address this concern raised on the mailing list some time ago (see the thread for details):
> ššhttp://lists.w3.org/Archives/Public/public-device-apis/2014Oct/0022.html

I don't think the fact that this is difficult to test is a reason to remove this constraint. It *may* be the case that it doesn't do anything useful, since a script can already collect data, but I think it is reasonable in for example a private browsing mode, and additionally it may be a security consideration that browsers store things in predictable ways. Closing this hole won't produce perfection, but it might narrow the attack surfaces usefully. And it gives someone a clear basis, if their browser *does* record information, to point out that this is unreasonable behaviour in a case that should clearly have been anticipated by implementors.



> -Anssi

Charles McCathie Nevile - web standards - CTO Office, Yandex
chaals@yandex-team.ru - - - Find more at http://yandex.com
Received on Tuesday, 13 January 2015 15:12:25 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:33:15 UTC