NalaGinrut
commented
4 years ago hi @svgeesus! I'm one of IE in PING. I'd like to ask a few questions:
This will require asking the user for permission in an appropriate way, probably via the getUserMedia() API.
Is it possible to add API to just give an oneshot session-based permission for accessing MIC? Or maybe it's already included? I haven't learned the current WebAudio further. What I'm concerning here is that once the permission was given, will it be withdrawn locally when I drop the session? I think the server can do it properly, but if the local client still keeps the permission to access the MIC by certain ID of the origin site, it seems possible to be hijacked to monitor users' privacy secretly. Sometimes we just need oneshot permission without trusting some sites forever.
No. AudioWorklet does not persist across browsing sessions.
This seems related to what I proposed, but I'm not sure if it's what I thought.
Thanks!
svgeesus
samuelweiler
Audio WG requests privacy re-review of the Web Audio API. This specification has already had a round of Privacy review; however we are readying an updated CR, and would like to be sure that the changes since the 18 September 2018 CR do not introduce any new privacy concerns.
The changes are primarily clarifications and bugfixes; no new features have been added since the previous CR.
The Security and Privacy Considerations from the last review remains available.
We are happy to visit you in in Yoh, 3F for a brief meeting at TPAC, if any issues are noticed (we are in Kashi, 1F). Alternatively, if you agree that the changes are all minor and don't introduce any new privacy issues, please feel free to close this issue so we can reference it in our CR transition request.
Many thanks!