To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
You get the feedback of the Chrome team and then you should probably go to the standards body and propose this feedback (unless you disagree). These do not conflict, they complete each other.The specification does not mention any permission that needs to be granted to enumerate the devices.Have you implemented the flow so that the returned list is empty if the origin has no granted permission for getUserMedia, if not, will if throw? What happens?
Last time promises tried to push their way into the getusermedia API, they were met with somewhat fierce resistance.
There are a number of instances of the call / success-callback / failure-callback pattern in the getusermedia API; it does not make any sense to depart from this pattern for the enumerateDevices call only. Either we convert none, or we convert them all.
I've been wondering which is easiest/hardest: Polyfill promises on top of call/success/failure or polyfill call/success/failure on top of promises. This might affect the decision on which pattern ends up as part of the platform and which ends up as a commonly used polyfill.
On Mon, Aug 18, 2014 at 1:52 PM, Ian Hickson <i...@hixie.ch> wrote:I would like to see something like this:
> Say I go to a site, and the site wants to get video from my USB cam, or
> play audio to my remote speakers. What's the expected interface?
1. Web content in (https, example.com, 443) creates a div, button, or
other element whose onclick handler calls getUserMedia. (Or whatever.)
2. The browser handles that call by opening up a chooser, in
trustworthy native UI (not web contents) giving the user a choice of
which input device (or pseudo-device, including still image/avatar,
null device, whatever) to expose to the origin. There is a checkbox to
the effect of: "[x] Remember this decision for [ Good HTTPS Icon ]
example.com".
On could argue, and in Chrome we generally try to, that broken HTTPS,
HTTP, or otherwise non-secure origins shouldn't get persistent access,
i.e. no [x] Remember checkbox. (Or even that non-secure origins don't
even get to ask, or only get access to pseudo-devices, or, or, ...)
On Aug 19, 2014 3:50 AM, "Harald Alvestrand" <h...@google.com> wrote:
> We had a chooser in an earlier version; UI people were not happy, we abandoned it. (I think Firefox still has it.)
> We also had a "remember this choice" on an earlier version; UI people were not happy; we abandoned it, and will now always remember for HTTPS and never remember for HTTP.
Can you be more specific about what people didn't like about it?
> So the difference between current Chrome and what Chris is suggesting is the amount of information and user choices presented in the permission-requesting prompt.
That's a pretty big difference. :)
I feel strongly that the current permissions system is a security UX anti-pattern and that we can serve users better.
On Aug 19, 2014 10:00 AM, "Ian Hickson"
> That site didn't work at all. It picked completely the wrong camera, and
> there was no obvious way for me to tell it the right one. Also, what about
> a site that requires a camera, but for which I just want to pass a looping
> stock video rather than giving the site access to my actual camera?
Indeeeeeed.
I think the flow Chris is describing *is* the current flow, to a close approximation.On Mon, Aug 18, 2014 at 11:34 PM, Chris Palmer <pal...@google.com> wrote:
On Mon, Aug 18, 2014 at 1:52 PM, Ian Hickson <i...@hixie.ch> wrote:I would like to see something like this:
> Say I go to a site, and the site wants to get video from my USB cam, or
> play audio to my remote speakers. What's the expected interface?
1. Web content in (https, example.com, 443) creates a div, button, or
other element whose onclick handler calls getUserMedia. (Or whatever.)This is the existing flow.
2. The browser handles that call by opening up a chooser, in
trustworthy native UI (not web contents) giving the user a choice of
which input device (or pseudo-device, including still image/avatar,
null device, whatever) to expose to the origin. There is a checkbox to
the effect of: "[x] Remember this decision for [ Good HTTPS Icon ]
example.com".This is the existing flow, with the prompt being "<website> would like to use your camera and microphone".We had a chooser in an earlier version; UI people were not happy, we abandoned it. (I think Firefox still has it.)We also had a "remember this choice" on an earlier version; UI people were not happy; we abandoned it, and will now always remember for HTTPS and never remember for HTTP.