Re: [w3ctag/design-reviews] Element Capture (Issue #954) from Elad Alon on 2024-09-10 (public-webapps-github@w3.org from September 2024)

From: Elad Alon <notifications@github.com>
Date: Tue, 10 Sep 2024 07:05:17 -0700
To: w3ctag/design-reviews <design-reviews@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3ctag/design-reviews/issues/954/2340918041@github.com>

(Note: Questions reordered to make the answers clearer, as later answers build on top of earlier ones.)

> It seems like the explainer is very lean.

I aimed to make the explainer brief, and [this article](https://developer.chrome.com/docs/web-platform/element-capture) goes into more details and is more "instructive" in its tone. HTH?

> You have a goal of avoiding occlusion, but what about elements that are partially-transparent?

Occluded content is "magic erased" from the capture as is occluding content. The article (link above) discusses this in detail, while the explainer, I acknowledge, only made passing and implicit reference to this fact ("frames produced on the restricted video track only consist of information from the target-element and its descendants"). Hope that's clear now. :-)

> what is the permissions flow for this scenario?
> [...]
> What would the user be prompted for in this case?

This API builds **on top** of existing screen-sharing API, meaning that the permission flow remains entirely unchanged. An application would first call `getDisplayMedia(...)` or `getViewportMedia()` or any other past/future screen-sharing API, and the user would go through the usual selection process associated with it. It's only after this completes, **if** the user shares the (entire) current tab, that the Element Capture API can be invoked.

> Can this be treated like an extension to ViewPortCapture?

That's an alternative approach that we have considered. But as of the time of writing, `getViewportMedia()` remains theoretical, several years after it was initially proposed. To ensure impact, we have shaped Element Capture to be agnostic of whether gDM, gVM or any other API produced the track which is being "restricted" by our new API.

> [...] have you considered ways to start with the specific part to be shared instead?

I actually think that starting with the entire current tab, is a strength of the current API shape, because we lean on established methods to prompt the user to share something they know is compromising, and avoid giving them the false sense of security, that they are sharing "less". Imagine a user, for instance, sharing "just the X iframe" and not realizing that it could, at any moment, be navigated, or load cross-origin resources... But sharing the entire current tab, that's a concept users already understand, and they know that it requires elevated trust.




-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/954#issuecomment-2340918041
You are receiving this because you are subscribed to this thread.

Message ID: <w3ctag/design-reviews/issues/954/2340918041@github.com>

Received on Tuesday, 10 September 2024 14:05:21 UTC