- From: Martin Thomson <martin.thomson@gmail.com>
- Date: Fri, 4 Dec 2015 16:03:19 +1100
- To: Adam Bergkvist <adam.bergkvist@ericsson.com>
- Cc: "public-media-capture@w3.org" <public-media-capture@w3.org>
The options would seem to be: 1. do nothing 2. add an allow-usermedia label to the sandbox attribute, which would block gUM calls if sandboxing was enabled, but leave it enabled otherwise 3. add a disallow-usermedia label to the sandbox attribute, which would block gUM calls only if the attribute and label were present 4. disable gUM by default and require the use of a new allow-usermedia attribute to enable it Note that 3 is quite irregular in that the sandbox attribute only has "allow-x" labels currently. I think that 2 is simplest. It's least disruptive to existing uses, while giving sites a way to prevent misuse. However, 4 is the most privacy-preserving and I can see a fairly good argument for it. Of course, choosing option 2 is easier if we choose option 4 for issue #267 (i.e., we key permissions on both top-level and iframe origin). On 3 December 2015 at 22:26, Adam Bergkvist <adam.bergkvist@ericsson.com> wrote: > Hi > > To make the discussion is this issue [1] more visible we move it to the > list. > > [1] https://github.com/w3c/mediacapture-main/issues/268 >
Received on Friday, 4 December 2015 05:03:50 UTC