W3C home > Mailing lists > Public > public-webrtc-logs@w3.org > May 2019

Re: [mediacapture-main] Should deviceId be partitioned by top level origin and document origin (#598)

From: Harald Alvestrand via GitHub <sysbot+gh@w3.org>
Date: Thu, 23 May 2019 19:24:13 +0000
To: public-webrtc-logs@w3.org
Message-ID: <issue_comment.created-495351983-1558639452-sysbot+gh@w3.org>
Firefox used to use double keying (top level & document) for permissions. The spec was written to permit both patterns to be conformant. I believe double keying has been abandoned by all - instead, we changed the default delegation to cross-origin iframes to "block" - one has to explicitly delegate permissions to an iframe if you want it to be able to use the invoker's permissisons.

I'm not sure I understand the implications of double keying on device ID - would that mean that a conferencing app that opened in an iframe on multiple sites would be unable to store device IDs between sessions on different top level origins?


-- 
GitHub Notification of comment by alvestrand
Please view or discuss this issue at https://github.com/w3c/mediacapture-main/issues/598#issuecomment-495351983 using your GitHub account
Received on Thursday, 23 May 2019 19:24:15 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:22:23 UTC