Re: [mediacapture-region] Why expose produceCropTarget at MediaDevices level? (#11) from Harald Alvestrand via GitHub on 2022-05-11 (public-webrtc-logs@w3.org from May 2022)

From: Harald Alvestrand via GitHub <sysbot+gh@w3.org>
Date: Wed, 11 May 2022 06:42:24 +0000
To: public-webrtc-logs@w3.org
Message-ID: <issue_comment.created-1123246177-1652251342-sysbot+gh@w3.org>

The "no new API" method suggested i nhttps://github.com/w3c/mediacapture-region/issues/11#issuecomment-1123235239 (allowing the capturer to CropTo() to an ID that has not previously been sent to it) will allow a capturer to explore the inner structure of the captured page, without the cooperation of the page (by attempting CropTo() to IDs that are known to be in use by the captured "victim" application and seeing if it succeeds). This may reveal information that is otherwise not available to the capturer.

This is the kind of side effect without a security evaluation that I've been warning about when arguing in favor of a new ID scheme.

-- 
GitHub Notification of comment by alvestrand
Please view or discuss this issue at https://github.com/w3c/mediacapture-region/issues/11#issuecomment-1123246177 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Wednesday, 11 May 2022 06:42:25 UTC