On Fri, May 19, 2023 at 6:56 AM Simon Hangl <simo...@chromium.org> wrote:
> Contact emails > > simo...@chromium.org > > Explainer > > https://github.com/screen-share/capture-all-screens/blob/main/explainer.md > > Specification > > https://screen-share.github.io/capture-all-screens/ > > Design docs > > https://screen-share.github.io/capture-all-screens > > https://github.com/screen-share/capture-all-screens/blob/main/explainer.md > > > https://docs.google.com/document/d/1p8hhW8cp1PbhEClMTWzYGjfTkBxaNcD34170F60FRpg/edit?resourcekey=0-gLQD4Q6bPVJlZ3gEyZ4_mA#heading=h.qxjlhbc2utcv > > Summary > > Web apps will be able to capture multiple surfaces at once. > > This feature introduces a new API "getAllScreensMedia()" that allows > developers to request several surfaces at once (instead of only one with > "getDisplayMedia()"). This API will auto-accept capture requests (for > managed sessions only), guarded by policies that have to be explicitly set > by the device owners and with clear usage indicators so that users are > aware of capturing at all times. > Do you have an Alternatives Considered section somewhere <https://github.com/screen-share/capture-all-screens/blob/main/explainer.md> that explains why the bikeshed is painted this color? e.g. this could be `getMultipleDisplayMedia()` and be identical to `getDisplayMedia()` except that it returns a sequence<> and lets the user pick more than one screen to present. The UI could have a checkbox for "all screens" if that's a common option. There could be an enterprise policy to auto-accept requests from a particular origin, but such an API could also be useful on the open web, as Elad argued in https://github.com/w3c/mediacapture-screen-share/issues/204. Blink component > > Blink <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink> > > TAG review > > None > > TAG review status > > Pending > > Risks > > Interoperability and Compatibility > > This API rejects requests from pages that are not allow-listed through an > administrator. The likelihood of this API being adopted by a browser that > does not provide administrators mechanisms to manage clients is low. > > > Gecko: N/A - given that the API is limited to managed configurations, > it's not clear that requesting a position is needed > > WebKit: N/A - given that the API is limited to managed configurations, > it's not clear that requesting a position is needed > Have we ever asked their position on a managed-only API? Firefox and Safari do have support for enterprise policies, so it's not obvious that they'd have no opinion about this API. Web developers: Positive ( > https://github.com/screen-share/capture-all-screens/issues/9) > > Other signals: > > Ergonomics > > No > > Security > > - > > Malicious sites exploiting the API and stealing sensitive information > shown on the users device: Prevented by enabling the API only for pages > allowlisted by the device’s admin. > - > > Users exposing private information on managed devices: Prevented by > notifying the user that 1) capture *may* happen in the session, 2) showing > a notification when capturing *is* happening and 3) showing a system tray > icon when capturing *is* happening (c.f. Privacy comments and approval on > https://bugs.chromium.org/p/chromium/issues/detail?id=1300881). > > FWIW, my framework for this is at https://w3ctag.github.io/privacy-principles/#device-administrators, and I think you've done a reasonably good job of handling the tradeoff. My one concern is whether complete screen capture is actually reasonable for device owners' legitimate concerns. Certainly they _want_ to completely surveil their employees or students, and they'll say they need to, but do they really? Do you want to work with your screen always being recorded? WebView application risks > > Does this intent deprecate or change behavior of existing APIs, such that > it has potentially high risk for Android WebView-based applications? > > None > > > Goals for experimentation > > Learn about the experience of web developers and how this API fulfills > their needs. > > Ongoing technical constraints > > None > > Will this feature be supported on all six Blink platforms (Windows, Mac, > Linux, Chrome OS, Android, and Android WebView)? > > No > > Right now this API is only supported on ChromeOS. The privacy measures > (e.g. the right way to notify users on login / API users) will have to be > developed for other platforms first. Data from the ChromeOS platform will > help to design this on other platforms. > > > Is this feature fully tested by web-platform-tests > <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md> > ? > > No, as WPTs don’t support setting of managed policies. The API is tested > by a number of unit- and browser- tests (Test files > <https://source.chromium.org/search?q=getallscreensmedia%20f:test.cc%20-f:out%2F&sq=> > ). > > DevTrial instructions > > https://github.com/screen-share/capture-all-screens/blob/main/HOWTO.md > > Flag name > > enable-get-all-screens-media > > Requires code in //chrome? > > True. To support this API, embedders need to implement the > ContentBrowserClient::ContentCreateScreenEnumerator > <https://source.chromium.org/chromium/chromium/src/+/refs/heads/main:content/public/browser/content_browser_client.h;l=1377;drc=9c68f2c46912577bf73bcf032c0f8c00379a0bca> > interface. > > Tracking bug > > https://bugs.chromium.org/p/chromium/issues/detail?id=1300883 > > Launch bug > > https://bugs.chromium.org/p/chromium/issues/detail?id=1300881 > > Estimated milestones > > DevTrial on desktop > > 116 > > > Link to entry on the Chrome Platform Status > > https://chromestatus.com/feature/6284029979525120 > > Links to previous Intent discussionsIntent to prototype: > https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAEdDZo9N354i6eST0x19TXwpeBtgs5_gJUYVF%2BTKLpiJySDADg%40mail.gmail.com > > > -- > You received this message because you are subscribed to the Google Groups > "blink-dev" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to blink-dev+unsubscr...@chromium.org. > To view this discussion on the web visit > https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAEdDZo91PLDMpuKuUBbqTtWvA9KRBAAJW6MxozCKcaipaGOTbQ%40mail.gmail.com > <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAEdDZo91PLDMpuKuUBbqTtWvA9KRBAAJW6MxozCKcaipaGOTbQ%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CANh-dX%3DiFY_rCmN%3DOMsJfFGybhTRAG3jajLRn9FS5cActJGjkw%40mail.gmail.com.
