27989 – Should audio and video tracks be exposed cross-origin?

This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.

Bug 27989 - Should audio and video tracks be exposed cross-origin?

Summary: Should audio and video tracks be exposed cross-origin?

Status:	RESOLVED MOVED

Alias:	None

Product:	WHATWG
Classification:	Unclassified
Component:	HTML (show other bugs)
Version:	unspecified
Hardware:	Other All

Importance:	P3 normal
Target Milestone:	Unsorted
Assignee:	Ian 'Hixie' Hickson
QA Contact:	contributor

URL:	https://html.spec.whatwg.org/#loading...
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2015-02-10 04:29 UTC by contributor
Modified:	2019-03-29 21:37 UTC (History)
CC List:	5 users (show)

See Also:

Attachments

Description contributor 2015-02-10 04:29:24 UTC

Specification: https://html.spec.whatwg.org/
Multipage: https://html.spec.whatwg.org/multipage/#loading-the-media-resource
Complete: https://html.spec.whatwg.org/#loading-the-media-resource
Referrer: 

Comment:
Should audio and video tracks be exposed cross-origin?

Posted from: 14.162.108.112
User agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.94 Safari/537.36 OPR/27.0.1689.66

Comment 1 Philip Jägenstedt 2015-02-10 04:30:55 UTC

In-band text tracks are not exposed cross-origin, with this spec note: "Cross-origin videos do not expose their subtitles, since that would allow attacks such as hostile sites reading subtitles from confidential videos on a user's intranet"

The same is not true for in-band audio and video tracks. Is this an oversight or per design? The *Track objects expose a bunch of metadata...

Comment 2 Ian 'Hixie' Hickson 2015-03-04 19:34:52 UTC

Yeah I guess the id/kind/label/language metadata should be blocked.

Comment 3 Domenic Denicola 2019-03-29 21:37:45 UTC

https://github.com/whatwg/html/issues/1735