Re: [mediacapture-record] Improvements to Privacy & Security Considerations (#196) from guest271314 via GitHub on 2020-07-01 (public-webrtc-logs@w3.org from July 2020)

From: guest271314 via GitHub <sysbot+gh@w3.org>
Date: Wed, 01 Jul 2020 20:03:54 +0000
To: public-webrtc-logs@w3.org
Message-ID: <issue_comment.created-652619945-1593633833-sysbot+gh@w3.org>

> FWIW I can't think of a reason why a third-party iframe should have access to this API by default.

Would that include jsfiddle and plnkr?

> We could probably add a `media-recorder` permissions policy and make it `SecureContext` without much breakage.

Is that really necessary? Would that impact usage at `file:` protocol https://github.com/w3c/webappsec-secure-contexts/issues/66? `file:` protocol, though might be considered "insecure" per  langauge in one or more specifications, is far more "secure" that any online protocol.

What primary source definition of `SecureContext` is being relied on?

-- 
GitHub Notification of comment by guest271314
Please view or discuss this issue at https://github.com/w3c/mediacapture-record/issues/196#issuecomment-652619945 using your GitHub account

Received on Wednesday, 1 July 2020 20:05:27 UTC