- From: Nicholas Macias via GitHub <sysbot+gh@w3.org>
- Date: Fri, 03 May 2024 22:05:28 +0000
- To: public-webrtc-logs@w3.org
> You're also trusting Replit.com In this case, I *do* trust Replit (they have my credit card), and I also trust myself. In granting this permission, there is nothing but good faith. As a user, the unexpected gap in the trust model is that I have to trust everyone else creating content on Replit (not intuitive nor practical), in the event that Replit isn't taking (demonstrably uncommon) steps to isolate the permission. I think we're approaching clarity: 1. We agree there is a risk here? That a user is prompted to allow the use of the camera and/or microphone, and that permission has unexpectedly broad scope? 2. Sites that allow third-party use of the API do not commonly implement granular controls. I have personally not encountered any examples in the wild. 3. The technology exists to implement said protections, today, across browsers. It's a little clumsy in that each site host has to provide a bespoke interface for third-party code to request camera access (such as an authenticated flow, UX outside the iframe, or postMessage et al), but it is entirely possible. If those points are firm, I argue that they feel like a spec-shaped problem. In the sense that something is wrong, and no one is doing a currently-viable thing about it? -- GitHub Notification of comment by rockinghelvetica Please view or discuss this issue at https://github.com/w3c/mediacapture-main/issues/991#issuecomment-2093821443 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Friday, 3 May 2024 22:05:29 UTC