Re: Screen capture

Actually, I got some really good feedback on this feature in a
discussion last night.  The security concerns over giving access to a
screen capture are pretty serious.  There is a very good reason that
applications are prevented from sampling any part of the page that are
not from the same origin.  Screen capture would circumvent that.  It
may be that a simple user confirmation/permission question is
insufficient to convince some people that capture is safe to permit
for this reason.

It's actually very simple.  I load an iframe to your bank, using your
login cookie, briefly display some highly sensitive resource, capture
the screen, ???, profit.

I knew this was a problem, but I didn't realize the strength of the reaction.

On 31 January 2013 21:11, Harald Alvestrand <harald@alvestrand.no> wrote:
>> Why then does one not exist yet?
>
> It's "just" a matter of defining the constraints, if the WG agrees to follow
> this convention.

:)  I know you know that it's never that easy.

> I don't know what API we should use to generate the identifiers for "things
> that can be used in a screen capture". The cameras and microphones can be
> "listed" with the VideoDeviceIds / AudioDeviceIds in Travis' "v6" proposal,
> but with "things that can be used in a screen capture", I don't know a) how
> to list them, or b) what the privacy restrictions should be on listing them.

Oh, maybe you don't need to list these along with other "devices".  If
the feature exists, then you don't need to be that specific (unless
you want to do per-window capture and identity the same window over
time, which I think isn't really that useful).  The identifiers that
the resulting objects are given could be allocated in a similar
fashion to devices, with a single "capture" device ID.  You wouldn't
be able to learn that device ID a priori, hence the suggestion to have
another constraint for this purpose.  (screen: true, or a generalized
videoDeviceType: capture/camera/file)

Received on Thursday, 31 January 2013 22:00:39 UTC