- From: Elad Alon via GitHub <sysbot+gh@w3.org>
- Date: Thu, 23 Jun 2022 16:25:02 +0000
- To: public-webrtc-logs@w3.org
> With a UUID/String you have to do a lot more thinking about how it got to you before you decide to trust it. I don't think the benefit is sufficient for the risk. Why would it be more/less trustworthy if you got it as CropTarget or as string-which-is-a-UUID? Could you please lay out a concrete problematic case that developers would need to be wary of? > But this risks forcing apps to speculatively send their cropTargets to all the big players Or they could use [Capture Handle](https://developer.chrome.com/docs/web-platform/capture-handle/). 1. Expose to whomever. 2. Exposure can be done locally - quick and simple. 3. Capturer can ignore if they don't know and trust the capturee. (Capture Handle lets you know the origin of the capturee - if they opt-in - and you can just ignore otherwise.) -- GitHub Notification of comment by eladalon1983 Please view or discuss this issue at https://github.com/w3c/mediacapture-region/issues/46#issuecomment-1164622052 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Thursday, 23 June 2022 16:25:04 UTC