- From: Stefan Håkansson LK <stefan.lk.hakansson@ericsson.com>
- Date: Sat, 4 Oct 2014 12:54:45 +0000
- To: Anne van Kesteren <annevk@annevk.nl>
- CC: Mike West <mkwst@google.com>, "public-media-capture@w3.org" <public-media-capture@w3.org>, Chris Palmer <palmer@google.com>
On 04/10/14 14:41, Anne van Kesteren wrote: > On Sat, Oct 4, 2014 at 2:38 PM, Stefan Håkansson LK > <stefan.lk.hakansson@ericsson.com> wrote: >> I'm confused. Is your proposal that we reference >> https://w3c.github.io/webappsec/specs/mixedcontent/#is-origin-authenticated >> and only allow origins that come out as authenticated to access gUM, or >> is it something else? > > No, that is my proposal. Thanks for the clarification. Next part then: should each user agent decide whether or not it follows step four in the algorithm or not, or should it be documented in the gUM document something with the meaning "the UA could decide to not allow file URLs to access gUM in spite of it evaluating as an authenticated origin in [ref to the algorithm]"?
Received on Saturday, 4 October 2014 12:55:11 UTC