[whatwg] Do we really need to introduce a <device> element for giving access to webcams and mikes?

Julien Cayzac julien.cayzac at gmail.com
Mon May 3 19:37:44 PDT 2010


(forgot to do a Reply to all on this one. Sorry, Anne, for the duplicate)

On Tue, May 4, 2010 at 11:13 AM, Anne van Kesteren <annevk at opera.com> wrote:
> What is the model for protecting user privacy here?

It was in my message: "in both cases the browser should notify the
user the page is requesting permission to access these devices". The
same is done today with the geolocation feature, for instance. The
user has to give access permission to the page, in a browser-dependent
way.

> Large part of the motivation for something like the <device> element is that
> the user is actively involved in giving the website the ability to access
> the user's camera stream and use it. (E.g. manipulate it through <canvas> or
> transmit it over the wire using WebSocket.)

I am not sure if I get your point here: are you saying that using the
webcam locally in a canvas and somehow transmitting the webcam video
over the network are two independent permissions to grant? If so, how
would you detect the latter, since by allowing the page to manipulate
the video in <canvas> you would give it permission to use toDataURL()
too, so it could still transmit frames to the server or to other party
if a ConnectionPeer is involved?

Julien.
-- 
Julien Cayzac
http://julien.cayzac.name/
skype://jcayzac?chat



More information about the whatwg mailing list