- From: Elad Alon via GitHub <sysbot+gh@w3.org>
- Date: Thu, 25 Mar 2021 15:52:50 +0000
- To: public-webrtc-logs@w3.org
> > If either of these conditions does not hold at the time when gCBCM is called, we would like to specify that the user agent SHOULD (or MAY) fall back to gDM-like behavior. > > I'd rather keep this separate from gDM, even using a [separate permissions policy](https://docs.google.com/presentation/d/1CeNeno5XuDhm1mpnVyE9eT14YKZgZUtgQsJfC8uqEpA/edit?ts=5fc7fcd2#slide=id.gaef31c926d_1_124), since the security properties are quite different. Requiring a separate permission policy is fine by me. Let's assume that `getViewportMedia` is called from a context that has both the old `display-capture` permission that gates `getDisplayMedia`, as well as the new permission that we end up introducing. I think in this case, calls to `getViewportMedia` should still result in some gDM-like user-prompt if [either site-isolation or the new header] is missing. Rationale - we expect this to happen >99% of the time, at least in the early days, and we don't believe the feature will be useful without it. The compromise that Chrome has reached internally between the demands from Security and the needs of potential feature-customers, is that a confirmation-only dialog is displayed if all of the new security requirements are satisfied, and an explicit-selection dialog is shown otherwise, which is generally gDM-like, but highlights in some spec-compliant way that the application would like to get the current tab. (For example, consider a UA that normally offers windows as the first option if gDM is called, but offers tabs as the first option if gVM-fallback-mode is used.) At the bottom of my comment is an illustration of what Chrome thinks of using. I mention Chrome-specifics only so as to explain our motivation. Spec-wise, Chrome's specific dialog is of course out of scope. For the spec-change, I think the right way to go about it is to say that the user agent SHOULD/MAY fall back to any behavior that complies with the restrictions placed on gDM, but that this behavior MAY differ from the specific UA's usual gDM behavior. (Or maybe we can leave this "MAY differ..." part implicit.) Lastly, we can make this fallback behavior temporary, giving sites time to adopt the security requirements that we introduce. Here's what a gDM-like fall back can look like:  -- GitHub Notification of comment by eladalon1983 Please view or discuss this issue at https://github.com/w3c/mediacapture-screen-share/pull/148#issuecomment-806989007 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Thursday, 25 March 2021 15:52:52 UTC