Re: [mediacapture-screen-share] API for Grabbing a Screenshot (#160) from Jan-Ivar Bruaroey via GitHub on 2021-04-19 (public-webrtc-logs@w3.org from April 2021)

From: Jan-Ivar Bruaroey via GitHub <sysbot+gh@w3.org>
Date: Mon, 19 Apr 2021 14:47:09 +0000
To: public-webrtc-logs@w3.org
Message-ID: <issue_comment.created-822525890-1618843627-sysbot+gh@w3.org>

> I am not sure yet if I am arguing for 1 or 3

@eladalon1983 This is making it hard to have a meaningful conversation about security, and risks confusing things. I propose we table this until we've made progress on the viewport capture security story. We still have lots to sort out there first.

> 1. I don't think cross-origin isolation and/or opt-in would remove the need for in-browser blacking out or otherwise censor content prior to handing it over to the application.

If that's true it would be a severe blow to the *getViewportMedia* security story. Would love to hear the threat model.

-- 
GitHub Notification of comment by jan-ivar
Please view or discuss this issue at https://github.com/w3c/mediacapture-screen-share/issues/160#issuecomment-822525890 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Monday, 19 April 2021 14:47:11 UTC