Giter Club home page Giter Club logo

Comments (3)

alastor0325 avatar alastor0325 commented on August 19, 2024

This is a great question. As we know, every user-agent has different ways to handle blocking autoplay. Allowing autoplay on foo.com doesn't mean that user explicitly set foo.com in their user setting. It could be

  • a user-agent uses the user-gesture activation and a user clicks on foo.com
  • a user-agent uses the user-gesture activation and will propagate the allow permission to all its child frames, then a user clicks on bar.com and foo.com is a child frame embedded inside bar.com
  • a user-agent uses a special way (eg. chrome's media engagament index) which indicates media on foo.com would be allowed to autoplay
  • a user explictly allow foo.com to autoplay by adding it to a user-agent specific setting list
  • a user explicitly disallow foo.com to autoplay. But a user performs a supported behavior on the page (eg. user gesture activation, or click on certain media element) which allows foo.com to be allowed to autoplay.

There might still be more different situations depending on a user-agent's implementation. Considering so many different situations can happen on one result, I think it's very low risk that this API can be used for fingerprinting.

from autoplay.

alastor0325 avatar alastor0325 commented on August 19, 2024

For the reference, MediaWG had discussed this issue on March last year.

In short, this API doesn't expose any new information to the web. It's just simplify how web developers can query the result without using different kind of workarounds. All the information they can know via the new API will be equal to what they can know now, which is performed by observing the media element's events and statues (eg. playing, timeupdate).

In addition, here is the privacy review I requested in case anyone is interested in.

from autoplay.

alastor0325 avatar alastor0325 commented on August 19, 2024

In the MediaWG minutes I posted above, the conclusion is that there is no major concern about privacy for this API, because web developers can use current existing media element API to get the same result. It's also hard to mitigate privacy concerns in all cases for media for the current existing API.

Therefore, I'm going to mark this issue as closed.

from autoplay.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.