- From: Dominique Hazael-Massieux <dom@w3.org>
- Date: Thu, 28 Aug 2014 11:37:24 +0200
- To: Harald Alvestrand <harald@alvestrand.no>
- Cc: public-media-capture@w3.org
Le jeudi 03 juillet 2014 à 10:56 +0200, Harald Alvestrand a écrit : > I think the web developers mostly will read books and pages written by > people who (hopefully) read the spec - and those people will hopefully > read it from end to end, so it doesn't matter much where. > > I think putting it in the (non-normative) security considerations > section will do nicely. This sounds reasonable; I've put a pull request to that effect. https://github.com/w3c/mediacapture-main/pull/9 But I wonder if we could not do more to make that footgun less likely to be triggered. We could for instance prevent getUserMedia from operating without an "engagement gesture" (see https://dvcs.w3.org/hg/pointerlock/raw-file/default/index.html#glossary ). For an ad that would embed an app that would have stored permissions, we may also link the stored permissions to the stack of embedding origins, not just the origin from where the script operates (although I don't know if there is any model we can follow for this). Finally, we may also want to avoid any random app to be able to trigger a getUserMedia prompt when embedded in a Web page (which could easily confuse users); in this case, we should get a new value added to the sandbox attribute in iframe element http://www.w3.org/html/wg/drafts/html/master/embedded-content.html#attr-iframe-sandbox Dom
Received on Thursday, 28 August 2014 09:37:43 UTC