|
5575 | 5575 | Security Considerations{#security-considerations} |
5576 | 5576 | ================================================= |
5577 | 5577 |
|
| 5578 | +<div class=non-normative> |
| 5579 | +This section is non-normative. |
| 5580 | + |
5578 | 5581 | The primary security impact is that features of this API make it easier for an |
5579 | 5582 | attacker to exploit vulnerabilities in the underlying platform codecs. |
5580 | 5583 | Additionally, new abilities to configure and control the codecs can allow for |
|
5603 | 5606 | exploits being able to read user data. |
5604 | 5607 |
|
5605 | 5608 | An additional concern is exposing the underlying codecs to input mutation race |
5606 | | -conditions. Specifically, it <em class="rfc2119">SHOULD</em> not be possible for |
5607 | | -a site to mutate a codec input or output while the underlying codec is still |
5608 | | -operating on that data. This concern is mitigated by ensuring that input and |
5609 | | -output interfaces are immutable. |
| 5609 | +conditions, such as allowing a site to mutate a codec input or output while |
| 5610 | +the underlying codec is still operating on that data. This concern is mitigated |
| 5611 | +by ensuring that input and output interfaces are immutable. |
5610 | 5612 |
|
5611 | 5613 | Privacy Considerations{#privacy-considerations} |
5612 | 5614 | =============================================== |
5613 | 5615 |
|
| 5616 | +<div class=non-normative> |
| 5617 | +This section is non-normative. |
| 5618 | + |
5614 | 5619 | The primary privacy impact is an increased ability to fingerprint users by |
5615 | 5620 | querying for different codec capabilities to establish a codec feature profile. |
5616 | 5621 | Much of this profile is already exposed by existing APIs. Such profiles are very |
|
0 commit comments