On 4/17/2012 11:31 AM, Zack Weinberg wrote: > On 2012-04-14 9:57 PM, Lucas Adamski wrote: >> On Apr 13, 2012, at 8:20 PM, Zack Weinberg wrote: >> >>> On 2012-04-13 6:37 PM, Adrienne Porter Felt wrote: >>>> I'm trying to brainstorm a new way to fit trusted UI into the >>>> user's normal flow that would enable preview modification, >>>> without throwing up a standard dialog. If anyone buys my case >>>> that we need such a thing, suggestions for how to get around the >>>> preview problem would be awesome. :) >>> >>> The API could let the app apply arbitrary WebGL operations to the >>> feed from the camera, but not allow the result to go anywhere but >>> the screen until the user hits the button. >> >> I won't pretend to know WebGL enough to understand its full >> capabilities, but is it feasible to apply such effects to images >> without being able to read the data? > > Shader programs are Turing-complete and run in a sandbox with exactly the > security properties we need here. I'm pretty > sure all of the examples you gave can be done under the constraint I > described.
Good to know, thanks! > I do know a use case that won't fit into this paradigm: Photosynth ( > http://itunes.apple.com/us/app/photosynth/id430065256?mt=8 ) lets you > construct a panoramic image simply by waving your > phone around. It automatically positions photos on a virtual sphere based on > orientation sensor data plus image > analysis, and automatically takes photos to fill in gaps. The image analysis > here could (in principle) be done in a > shader, but taking additional photos at appropriate times based on the > analysis can't. > > But we have an alternative ready-to-hand, without falling back to permissions > dialogs: video recording mode. If > WebGL-preview-until-user-authorizes-still isn't good enough, ask for > permission to record video; that gives access to > the raw video stream (until the user presses the button again) and an API to > take stills whenever you want. I'm guessing by "video recording mode" you really mean "full camera access"? I ask because video frame capture is not comparable to photo capture from a quality standpoint, but we could grant the app the ability to take unlimited pictures for that period of time. Lucas. _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
