Summary: | [MediaStream] Don't reveal device IDs until the user has granted permission to capture | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | Eric Carlson <eric.carlson> | ||||||
Component: | WebRTC | Assignee: | Eric Carlson <eric.carlson> | ||||||
Status: | RESOLVED FIXED | ||||||||
Severity: | Normal | CC: | commit-queue, webkit-bug-importer, youennf | ||||||
Priority: | P2 | Keywords: | InRadar | ||||||
Version: | Other | ||||||||
Hardware: | Unspecified | ||||||||
OS: | Unspecified | ||||||||
Attachments: |
|
Description
Eric Carlson
2018-10-31 07:44:01 PDT
This patch will make device IDs empty until permission to capture has been granted, another patch will make the IDs stable. Created attachment 353496 [details]
Patch
Comment on attachment 353496 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=353496&action=review > LayoutTests/fast/mediastream/MediaStreamTrack-getCapabilities.html:90 > + .then(stream => mediaStream = stream); mediaStream = await navigator.mediaDevices.getUserMedia({ audio:true, video:true }); > LayoutTests/fast/mediastream/get-user-media-device-id.html:18 > + assert_true(device.deviceId.length == 0 , "device.deviceId is empty before permission to capture"); Should we go with empty device ids or undefined device ids? The spec seems to forbid empty device ids as they must be unique. In terms of breakage, empty string device ids might be a bit better except if used for hashes. Comment on attachment 353496 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=353496&action=review >> LayoutTests/fast/mediastream/get-user-media-device-id.html:18 >> + assert_true(device.deviceId.length == 0 , "device.deviceId is empty before permission to capture"); > > Should we go with empty device ids or undefined device ids? > The spec seems to forbid empty device ids as they must be unique. > In terms of breakage, empty string device ids might be a bit better except if used for hashes. I think empty ids will cause fewer problems for scripts, so lets go with this for now at least. Created attachment 353501 [details]
Patch for landing
(In reply to Eric Carlson from comment #5) > Comment on attachment 353496 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=353496&action=review > > >> LayoutTests/fast/mediastream/get-user-media-device-id.html:18 > >> + assert_true(device.deviceId.length == 0 , "device.deviceId is empty before permission to capture"); > > > > Should we go with empty device ids or undefined device ids? > > The spec seems to forbid empty device ids as they must be unique. > > In terms of breakage, empty string device ids might be a bit better except if used for hashes. > > I think empty ids will cause fewer problems for scripts, so lets go with > this for now at least. I filed a corresponding issue there: https://github.com/w3c/mediacapture-main/issues/551 Comment on attachment 353501 [details] Patch for landing Clearing flags on attachment: 353501 Committed r237643: <https://trac.webkit.org/changeset/237643> All reviewed patches have been landed. Closing bug. |