W3C home > Mailing lists > Public > public-webrtc@w3.org > November 2013

Re: Why does screen sharing require a browser extension?

From: cowwoc <cowwoc@bbs.darktech.org>
Date: Tue, 26 Nov 2013 18:57:42 -0500
Message-ID: <52953576.6000202@bbs.darktech.org>
To: Martin Thomson <martin.thomson@gmail.com>
CC: Justin Uberti <juberti@google.com>, "public-webrtc@w3.org" <public-webrtc@w3.org>
On 26/11/2013 6:52 PM, Martin Thomson wrote:
> On 26 November 2013 15:46, cowwoc <cowwoc@bbs.darktech.org> wrote:
>> If the default is "don't share" (similar to CORS) then I don't think this
>> approach scales.
> If the choice here is between "some sites don't work" and "user's get
> screwed and don't understand why", I think that I know where I stand.
>
> There is a possibility that the default for the top-level frame can be
> made permissive.  That's something that might need some extra thought.
>   I don't think that you can say that iframes are ever safe to allow.

I'm in favor of that approach (top-level frame is permissive and nested 
iframes are not).

Gili
Received on Tuesday, 26 November 2013 23:58:43 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 15:19:36 UTC