Re: [mediacapture-screen-share] Avoid Hall-of-Mirrors (#209) from Jan-Ivar Bruaroey via GitHub on 2022-03-10 (public-webrtc-logs@w3.org from March 2022)

From: Jan-Ivar Bruaroey via GitHub <sysbot+gh@w3.org>
Date: Thu, 10 Mar 2022 22:29:32 +0000
To: public-webrtc-logs@w3.org
Message-ID: <issue_comment.created-1064571776-1646951370-sysbot+gh@w3.org>

To echo @martinthomson, I'm OK with this idea.

My long-view is [getViewportMedia](https://w3c.github.io/mediacapture-viewport/#dom-mediadevices-getviewportmedia) is for self-capture, and [getDisplayMedia](https://w3c.github.io/mediacapture-viewport/#dom-mediadevices-getviewportmedia) is for everything else. So anything that weans users off of expecting the current tab in the picker early seems good.

@jesup I agree there's no security improvement here. While I'm slightly concerned this change might lull users into not expecting the current tab to be in the picker ever, turning this into a marginal social engineering advantage for a malicious site (e.g. "See, the browser even has special rules for us asking you this"), I don't think it outweighs the benefits.

```idl
boolean excludeCurrentTab = ?; // Default value - let's discuss.
```
I'd like `= true`, based on where we'd like to end up.

But to follow the [TAG's "see also" design principle:](https://w3ctag.github.io/design-principles/#prefer-dict-to-bool) ["APIs that have boolean arguments defaulting to true"](https://lists.w3.org/Archives/Public/public-script-coord/2013OctDec/0302.html) it'd have to be:
```idl
boolean includeCurrentTab = false;
```

> ... some legitimate applications currently use self-capture, and some existing browser would be apprehensive of breaking them (e.g. Chrome).

Do you have a list of these apps? If it's from [here](https://developer.chrome.com/origintrials/#/view_trial/3654671097611157505), they should be unaffected.

Anecdotally based on every video meeting I've been in, capture of other tabs dwarfs self-capture. So without further data, I'd guess the few apps that rely on socially engineering their users to select a specific choice in the picker, are industrious enough to add `includeCurrentTab: true` to keep their apps working.

--
GitHub Notification of comment by jan-ivar
Please view or discuss this issue at https://github.com/w3c/mediacapture-screen-share/issues/209#issuecomment-1064571776 using your GitHub account

--
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Thursday, 10 March 2022 22:29:34 UTC