[mediacapture-region] Prevent uncropping (#76)

eladalon1983 has just created a new issue for https://github.com/w3c/mediacapture-region:

== Prevent uncropping ==

Consider an application that self-captures, crops to a region of interest, and then posts the track on to a cross-origin iframe. One typical scenario for this would be when a general application embeds a third-party service that provides video-conferencing capabilities.

![image](https://user-images.githubusercontent.com/22117736/218730143-f8ecde54-2e81-4e82-8fd4-d9ef0e4f2b29.png)

Because it's possible to change crop-targets, and even undo cropping altogether, the cross-origin iframe was basically given permission to capture the entire tab, which might be more than the original owner of the track intended. The receiver would even be able to embed third-party content and then re-crop to only capture that content!

It would be good if a mechanism existed to "lock-in" a track to its current crop-target, disallowing further calls to cropTo().

I propose:
```webidl
void lockCropTarget();
```

I think this is the MVP. Theoretically, we could specify an unlock() mechanism, to be available only in the origin of the original locker. But I think we don't need to do that yet; the original could polyfill this by keeping an uncropped clone. We can revisit if the need arises.

Please view or discuss this issue at https://github.com/w3c/mediacapture-region/issues/76 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Tuesday, 14 February 2023 11:52:28 UTC