- From: Jan-Ivar Bruaroey <notifications@github.com>
- Date: Thu, 11 Oct 2018 19:00:14 -0700
- To: w3c/permissions <permissions@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Friday, 12 October 2018 02:00:36 UTC
jan-ivar commented on this pull request.
> + <section>
+ <h3 id="screen-capture">
+ Screen Capture
+ </h3>
+ <p>
+ The <dfn for="PermissionName" enum-value>"display"</dfn>
+ permission is the permission associated with the usage of
+ [[screen-capture]].
+ </p>
+ <dl>
+ <dt>
+ <a>permission state constraints</a>
+ </dt>
+ <dd>
+ Valid values for this descriptor's <a>permission state</a> are
+ {{"prompt"}} and {{"denied"}}. The user agent MUST NOT ever set this
Yes, it's a design requirement, due to [security risks](https://tools.ietf.org/html/draft-ietf-rtcweb-security-10#section-4.1.1) inherent with screen-capture.
[RTCWEB-SECURITY-ARCH](https://tools.ietf.org/html/draft-ietf-rtcweb-security-arch-15#section-5.2) says: *"Browsers MUST NOT permit permanent screen or application sharing permissions to be installed as a response to a JS request for permissions."*.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/permissions/pull/184#discussion_r224652784
Received on Friday, 12 October 2018 02:00:36 UTC