On Tue, Sep 3, 2013 at 2:01 PM, Robert O'Callahan <rob...@ocallahan.org> wrote: > Yes. For example there are plans to enable some kind of "private mode" for > WebRTC MediaStreams that protects stream contents from inspection by the > page. I don't know exactly how this is going to work, but if we allow > MediaStreams to span domains it may get more complicated.
This scenario sounds very different from the one you outline next. > More concretely, > in Gecko we have experimental code to pipe HTML media element output into > MediaStreams, so we already tag MediaStream data with origin information, > but it's implemented in such a way that getUserMedia from one domain would > be restricted in another domain (the other domain could render it in a media > element, but it would be treated as cross-origin and thus would taint > canvases it's drawn into, for example). It's not clear why if as a page I decide to share the MediaStream object I would not want all of that to be shared as I could share all of that regardless, it'd just require more hoops to jump through. > I think it may make sense to provide cross-origin MediaStream transfer at > some point in the future, but I think we have more important things to work > on first. Again, what I'm trying to understand is why we have origin ties in the first place. So far no objects carry origin information in this regard. -- http://annevankesteren.nl/