To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
Can such an API crash the entire system? If so, what do you intend to do to prevent that?
Can this be used as a channel between two isolated processes? Is it possible for intentionally insert a USB device into a persons PC without them knowing that advertises a USB device as allowed from the * origin; and all it does is transfer data from that process to another to accomplish something malicious?
Are there any privacy concerns here? Specifically around the serial number being able to be read and user tracking? Sure it is white-listed domains but perhaps some vendor gives you a discount if you connect this "USB device" to your computer (kind of like the insurance company car discounts).
On Tue, May 26, 2015 at 12:51 PM, 'λ Ken Rockot' via blink-dev <blin...@chromium.org> wrote:
On Tue, May 26, 2015 at 9:34 AM, PhistucK <phis...@gmail.com> wrote:Can such an API crash the entire system? If so, what do you intend to do to prevent that?Only insofar as any other API can crash the entire system. The implementation runs entirely in user space.
☆PhistucK
On Tue, May 26, 2015 at 7:31 PM, 'λ Ken Rockot' via blink-dev <blin...@chromium.org> wrote:
rei...@chromium.org,rockot@chromium.org Editor's draft: http://reillyeon.github.io/webusb/ The web platform API to support programming USB devices.
This gives developers the ability to enumerate devices, claim device interfaces, and initiate low-level I/O in the form of bulk, interrupt, isochronous, and control transfers. To give hardware vendors the ability to develop and deliver hardware drivers on the open web platform.Firefox: No public signals Internet Explorer: No public signals Safari: No public signals Web developers: No signalsThere have been past public discussions about a WebUSB API for other browsers, but there has been no perceivable progress on any of those fronts. We intend to initiate a public discussion around this proposal and reach a consensus among any interested vendors.We believe the compatibility risk in adding this to Blink is relatively low. USB is an established hardware protocol with a well-defined scope of operations, and there are currently no other web platform features or proposals in active development which aim to provide overlapping functionality.None. Initially we will target all platforms except Android/WebView because at the moment there are relatively few practical use cases for Android devices acting as USB hosts. We do intend to support Android and WebView eventually.https://crbug.com/492204 https://www.chromestatus.com/features/5651917954875392 No. Runtime flag only, at the moment.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscribe@chromium.org.To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscribe@chromium.org.
The privacy concern is one of the reasons for whitelisting. Requiring the user to connect a device to their system seems similar to requiring that they log in. For example, a page in incognito mode requesting to connect to a device would require user permission to be regranted.
This spec has NoInterfaceObject on nearly every interface which doesn't look correct. Please define constructors for all the simple types and remove it from the others.
This spec has NoInterfaceObject on nearly every interface which doesn't look correct. Please define constructors for all the simple types and remove it from the others.
> What's the benefit of adding properties to Window for each interface
> in the spec?
Two things come to mind offhand:
1) It allows instanceof tests.
2) It allows getting hold of the prototype to extend it without having to get your hands on an actual instance.
-Boris