- From: Dominique Hazael-Massieux via GitHub <sysbot+gh@w3.org>
- Date: Fri, 26 Mar 2021 07:25:01 +0000
- To: public-webrtc-logs@w3.org
I don't think falling back to gDM when gVP fails is a good approach: * it assumes gDM will always be the right fallback; there may be cases when doing nothing or falling back to captureStream would be better alternative * as @jan-ivar says, the fallback option of gVP can't be a path to something that has weaker security characteristics than both gDM & gVP, esp since it's an easy to activate path for a possible attacker Regarding the fact that sharing a full-screen is as or more dangerous than sharing a tab in a single screen scenario, I think part of the reasoning is that users understand much better than sharing your entire screen is potentially scary, whereas they might think it is benign to share the tab that is asking for screen sharing. So it is not that it is safer, but that users will have more accurate understanding of the risks. And conversely, because developers might expect users will be offered a scary choice, it makes it a less attractive option for attackers. Separately, we've heard several times that the current lack of ability for developers to guide the capture surface in gDM leads to suboptimal UX - I wonder if we should look into reinstating a way for developers to give a hint, which UAs could choose whether and how to take into account (e.g. based on previous interactions of the user with the site, maybe based on the cross-origin isolation status of the tab if a tab is being requested, …) - but that would need to be a separate discussion. -- GitHub Notification of comment by dontcallmedom Please view or discuss this issue at https://github.com/w3c/mediacapture-screen-share/pull/148#issuecomment-808000657 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Friday, 26 March 2021 07:28:02 UTC