- From: Jan-Ivar Bruaroey via GitHub <sysbot+gh@w3.org>
- Date: Fri, 03 May 2024 17:17:22 +0000
- To: public-webrtc-logs@w3.org
Ah sorry I misunderstood. I agree it's good to narrow down the problem. I didn't mean to diminish the problem by pointing to it going beyond camera and microphone. On the contrary, this likely needs addressing (call-out or changes) at a higher level, which would be the [permissions](https://github.com/w3c/permissions-policy/issues/new) or [permissions-policy](https://github.com/w3c/webappsec-permissions-policy/issues/new) or spec. > 3. The immediate side-effect is now that other third party code in Figma can launch my webcam. Each plugin within Figma has its own auth flow to interact with my files, but there's no platform review of the relevant utility & an offending plugin could e.g. have useful utility without obvious expectation of camera use. It is Figma that breaks the trust chain here. 1. End-users grant OS permissions to web browsers (level 1 prompt) 2. In the web model, end-users grant permission to the website (level 2 prompt), which in turn is responsible for which third parties it delegates that permission to, and how. 3. It's Figma's job to figure out a model that scales past that to support its complexity (it's unobvious a 3rd level prompt is the answer) Reviewing the tools available today, websites can manage permission delegation to its iframes by (sub)domains using [allowlists](https://www.w3.org/TR/permissions-policy-1/#ascii-serialization): ```js <iframe allow="camera https://vimeo.figma.net https://sub2.figma.net" src="iframe.html"> ``` Central to such a scheme, "plugins" would run in different sub-domains and not have automatic access to `navigator.mediaDevices.getUserMedia` by default, which seems to be the problem here. Configuring which plugins get camera access could be part of the "auth flow" when you "install" the plugin (no need for a 3rd level prompt). -- GitHub Notification of comment by jan-ivar Please view or discuss this issue at https://github.com/w3c/mediacapture-main/issues/991#issuecomment-2093442835 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Friday, 3 May 2024 17:17:23 UTC