Re: [mediacapture-screen-share] Consider exposing screen share state to websites. (#220) from NDevTK via GitHub on 2022-04-26 (public-webrtc-logs@w3.org from April 2022)

From: NDevTK via GitHub <sysbot+gh@w3.org>
Date: Tue, 26 Apr 2022 14:18:09 +0000
To: public-webrtc-logs@w3.org
Message-ID: <issue_comment.created-1109855491-1650982687-sysbot+gh@w3.org>

Im not trying to prevent the user but before showing an API key or the users emails that where navigated to from cross-site there should be some user acknowledgement unless not wanted.

Hiding parts of the UI means screen recording can still be done without sharing all the information from the site but the browser should make it an optional feature.

I think navigation attacks are more important however and agree there should be a confirmation for navigation when cross-origin maybe it should also include when a window becomes visible to avoid attacks with .focus();

-- 
GitHub Notification of comment by NDevTK
Please view or discuss this issue at https://github.com/w3c/mediacapture-screen-share/issues/220#issuecomment-1109855491 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Tuesday, 26 April 2022 14:18:10 UTC