W3C home > Mailing lists > Public > public-webrtc-logs@w3.org > December 2020

Re: [mediacapture-screen-share] Add getCurrentBrowsingContextMedia (#148)

From: Jan-Ivar Bruaroey via GitHub <sysbot+gh@w3.org>
Date: Fri, 04 Dec 2020 02:15:40 +0000
To: public-webrtc-logs@w3.org
Message-ID: <issue_comment.created-738512873-1607048138-sysbot+gh@w3.org>
Thanks @eladalon1983 for the summary.

> We've agreed that a capture-this-tab API would be useful, and that we should proceed in our efforts to define that.

To clarify: I recognize capture of the visible top-level viewport has desirable security properties (no oversharing), and, due to CSS, seems simpler to specify than what capturing an embedded iframe or even full document might mean. It's ultimately up to the WG to choose though, so I look forward to your presentation. Btw, I think we should call it `getTabMedia` again, with a `"tab-capture"` permissions policy.

> Question - are there any figures available on the adoption of COEP by web-developers?

I prefer to think of [COEP](https://web.dev/coop-coep/) as _enabling technology_, a solution to security problems allowing web-developers to have things they want, like `sharedArrayBuffer` and `performance.measureMemory()`. I have no doubt `getTabMedia` will be similarly desirable. I plan to present [slides](https://docs.google.com/presentation/d/17Z_vR4pOXn-9wthiqbM9GC7JE7vfbdNffEedBPqj1Mw/edit#slide=id.gaec44d0fdd_2_24) on COEP for capture, which means some more specification work for sure, but at least it wouldn't require COOP.

> I think that it's reasonable that the capture-ability of videos and images is controlled by the document that embeds them. Jan-Ivar, could you explain again why you don't think that would be enough?

A history of security bugs documents the importance of cross-origin image protections ($4000 in Chrome, $3500 in Firefox):
- WebGL https://blog.chromium.org/2011/07/using-cross-domain-images-in-webgl-and.html
- WebRTC https://bugs.chromium.org/p/chromium/issues/detail?id=761622
- SVG https://bugzilla.mozilla.org/show_bug.cgi?id=1559715
- fillText https://bugzilla.mozilla.org/show_bug.cgi?id=1540221

GitHub Notification of comment by jan-ivar
Please view or discuss this issue at https://github.com/w3c/mediacapture-screen-share/pull/148#issuecomment-738512873 using your GitHub account

Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Friday, 4 December 2020 02:15:42 UTC

This archive was generated by hypermail 2.4.0 : Saturday, 6 May 2023 21:19:52 UTC