proposed change for #402 #407
Conversation
the first attempt to fix #402
| <p>When new media input and/or output devices are made available, and if either the | ||
| <a data-lt="retrieve the permission state">permission state</a> of the | ||
| "list-devices" permission is "granted" or any of the local devices are | ||
| attached to an active MediaStream in the current browsing context, then |
There was a problem hiding this comment.
This removes all permission requirements for the devicechange event, which I don't think we agreed to.
I think we need to keep this, and an exception for the active tab that has input focus. Something like:
", or the active document in the current browsing context is fully active and has focus, then"
There was a problem hiding this comment.
@jan-ivar, I'll update this part based on your input.
There was a problem hiding this comment.
I still haven't figured out a situation where protecting the devicechange event gives any real protection (see previous discussion). Until I see such a scenario, I am in favor of removing all coupling between the devicechange event and the deviceinfo permission.
There was a problem hiding this comment.
@alvestrand arguing for going further than this PR, is not a reason to hold up this PR I think.
This PR removes permission for the active tab and aligns enumerateDevices with the firing of the event, like we do with other events.
There was a problem hiding this comment.
@alvestrand I would be against going further. If I have, say, 100 tabs open across 3 separate brand browsers, and pull out my USB device, and we signal all tabs about that immediately, that's a fairly strong timing signal to all those tabs' JS that I might be the same user, in spite of every other precaution I might have taken to be anonymous (including using separate browsers, VPNs, denying cookies, and any tracking-protecting private browsing modes).
There was a problem hiding this comment.
I should add virtual machines to that list, if they have USB hooked up.
| the User Agent MUST run the following steps:</p> | ||
| <ol> | ||
| <li> | ||
| <p>If <var>storedDeviceList</var> exists, then delete <var>storedDeviceList</var>.</p> |
There was a problem hiding this comment.
Needs to be a [[storedDeviceList]] internal slot on the global object in the current realm I think, and set to an empty array.
There was a problem hiding this comment.
@jan-ivar, thought about that, an "empty" list is still a valid list, i.e. before the event is fired.
There was a problem hiding this comment.
@ShijunS Good point. Let's initialize it to undefined then, as "existence" can be ambiguous.
| @@ -3018,6 +3023,10 @@ | |||
| <p>Run the following steps in parallel:</p> | |||
| <ol> | |||
| <li> | |||
| <p>If <var>storedDeviceList</var> exists, then let <var>resultList</var> | |||
There was a problem hiding this comment.
[[storedDeviceList]] is not undefined,
| @@ -3018,6 +3023,10 @@ | |||
| <p>Run the following steps in parallel:</p> | |||
| <ol> | |||
| <li> | |||
| <p>If <var>storedDeviceList</var> exists, then let <var>resultList</var> | |||
| be a copy of <var>storedDeviceList</var>, and skip steps 2-5 below.</p> | |||
There was a problem hiding this comment.
Since step 5 sets storedDeviceList to resultList, I think we can invert this condition and say:
"If [[storedDeviceList]] is empty, then execute the following steps:"
and move steps 2-5 in to be conditional sub-steps this step which culminate in setting [[storedDeviceList]].
There was a problem hiding this comment.
@jan-ivar, if storedDeviceList exists, we still need to copy storedDeviceList to resultList. We might need more changes if we want to move 2-5 to sub-steps.
There was a problem hiding this comment.
Or s/resultList/storedDeviceList/ in step 8 and 9.
There was a problem hiding this comment.
I would prefer not to have explicit step numbers in the algorithms, since they need to be updated when a new step is added. You could either use a label and jump to it (see Permission Failure: in the gUM() steps), or restructure as @jan-ivar suggests.
There was a problem hiding this comment.
Thanks @adam-be for the feedback. I made a few more edits, PTAL.
| the User Agent MUST run the following steps:</p> | ||
| <ol> | ||
| <li> | ||
| <p>If <var>storedDeviceList</var> exists, then delete <var>storedDeviceList</var>.</p> | ||
| <p>If <var>storedDeviceList</var> is not undefined, then delete <var>storedDeviceList</var> |
There was a problem hiding this comment.
The scope of storedDeviceList isn't clear here IMHO. Usually, var refers to local vars made in-algorithm with let.
I still think it needs to be an internal slot, which we now have several of.
There was a problem hiding this comment.
What is it tied to then? As I understand it, an internal slot can be set to undefined just like any other value.
There was a problem hiding this comment.
If we need to tie this to an object, the MediaDevices will be the best match. @jan-ivar, any suggestion on at what point an internal slot could be allocated for MediaDevices?
There was a problem hiding this comment.
Yes, I put mine on page load here.
There was a problem hiding this comment.
@jan-ivar, please take another look with the new commit. I also replaced "undefined" with "null" to indicate the absence of a usable value.
as suggested by @jan-ivar.
| <p>If <var>storedDeviceList</var> is not undefined, then delete <var>storedDeviceList</var> | ||
| so it becomes undefined.</p> | ||
| <p>If [[\storedDeviceList]] is not null, then set [[\storedDeviceList]] | ||
| to null.</p> |
There was a problem hiding this comment.
Or maybe just: "Set [[storedDeviceList]] to null." ?
| @@ -3093,7 +3099,7 @@ | |||
| </ol> | |||
| </li> | |||
| <li> | |||
| <p>Update <var>storedDeviceList</var> to be same as | |||
| <p>Update [[\storedDeviceList]] to be same as | |||
There was a problem hiding this comment.
Or maybe: "set [[storedDeviceList]] to resultList." ?
| relevant global object</a>, run the following steps:</p> | ||
| <ol> | ||
| <li> | ||
| <p>create three internal slots: [[\devicesLiveMap]], [[\devicesAccessibleMap]], and |
| <code><a>MediaDevices</a></code> object. The User Agent MAY fire just a | ||
| <p>When new media input and/or output devices are made available, if either the | ||
| <a data-lt="retrieve the permission state">permission state</a> of the | ||
| "list-devices" permission is "granted", or any of the local devices are |
s/list-devices/device-info/ s/create/Create replace step numbers with a label
|
This LGTM now. Time to merge? |
|
@ShijunS can you resolve the conflicts? We'll then merge. |
|
I had problem when resolving merge conflict in this PR patch, so replacing with PR #412. |
the first attempt to fix #402