- From: hills via GitHub <sysbot+gh@w3.org>
- Date: Tue, 08 Sep 2020 10:36:35 +0000
- To: public-webrtc-logs@w3.org
> Let's say a device is always broken and page somehow knows it. > A page could try to call getUserMedia with exact constraints on that device. > Without the change, the getUserMedia call would fail and the page would be granted enumerateDevice permission. > User has no way to notice this information leakage. In any sane system this case does not exist, because returning failure (or success) must take place **after** the permissions check. Leaving the user well aware; because they either confirmed then and there, or specifically asked the browser to remember this choice. So, before I continue, it seems you are clarifying that the failure case you are concerned about happens before permissions check? -- GitHub Notification of comment by hills Please view or discuss this issue at https://github.com/w3c/mediacapture-main/issues/709#issuecomment-688780979 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Tuesday, 8 September 2020 10:36:37 UTC