Re: [mediacapture-region] Why expose produceCropTarget at MediaDevices level? (#11)

> > > the iframe was ok with being embedded into the page, maybe this is a good enough restriction?
> > 
> > ... that seems to be a very liberal restriction when dealing with cross-origin iframe's internal structure..
> Probably ... there are ways to fix this (opt-in via requiring to pass the environment id in cropTo, or additional API...

I was suggesting opt-in  as well, but it leaves the core problem unaddressed though, which @alvestrand expressed:

> the page author has no reason to believe that those elements[' ids] are cross-origin exposed.

This seems true and surprising even with opt-in. By not accepting element id as input to `cropTo` we avoid this class of problems, which seems beneficial regardless of other classes of (bigger¹) problems. I'm convinced.

<sub>1. The "bigger problem" being: the same page author has no reason to believe data and resources they render are cross-origin exposed — Hopefully our concerns for page authors will be applied equally here and to speeding up implementation and migration to the safer [getViewportMedia](!</sub>

GitHub Notification of comment by jan-ivar
Please view or discuss this issue at using your GitHub account

Sent via github-notify-ml as configured in

Received on Friday, 13 May 2022 22:50:08 UTC