- From: Jan-Ivar Bruaroey via GitHub <sysbot+gh@w3.org>
- Date: Thu, 24 Oct 2024 13:48:47 +0000
- To: public-webrtc-logs@w3.org
Permissions are necessary when undesirable behaviors are indistinguishable from desirable ones (microphone capture for example). Undesirable behaviors: - Attempts to click-jack scrolling input from the user, through techniques such as - div covering entire page - transparent element - element following the mouse - element larger than visible preview video - element not visible to the user - Attempts to induce over-scroll - no preview video - delayed preview video - inauthentic preview video If UAs detect these behaviors, they can simply disable forwarding. No trust needed. Desirable behaviors: - User-visible, live and stable preview area the user can comfortably interact with (doesn't jump around) - Emojis on top > The MVP to me is to forward user gestures for a video element that is fully displayed and without any other element above it. This seems to satisfy the desirable behaviors except emojis. It seems implementable without relying on users trusting the website, provided the UA detects the undesirable behaviors that remain possible (last-second moving of the element, pausing playback etc.). I'm open to extending MVP to solving emojis. As I proposed in https://github.com/w3c/mediacapture-screen-share-extensions/issues/13#issuecomment-2429352632: _"CSS [or]... a div.enableGestureForwarding to forward gestures to the video element underneath."_ -- GitHub Notification of comment by jan-ivar Please view or discuss this issue at https://github.com/w3c/mediacapture-screen-share-extensions/issues/14#issuecomment-2435351548 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Thursday, 24 October 2024 13:48:48 UTC