--- a/encrypted-media/encrypted-media-respec.html Fri Oct 10 14:55:07 2014 -0700
+++ b/encrypted-media/encrypted-media-respec.html Fri Oct 10 15:15:27 2014 -0700
@@ -93,17 +93,18 @@
<body>
<section id="abstract">
- <p>This proposal extends <a def-id="htmlmediaelement"></a> [[!HTML5]] providing APIs to control playback of protected content.</p>
- <p>The API supports use cases ranging from simple clear key decryption to high value video (given an appropriate user agent implementation).
- License/key exchange is controlled by the application, facilitating the development of robust playback applications supporting a range of content decryption and protection technologies.</p>
- <p>This specification does not define a content protection or Digital Rights Management system. Rather, it defines a common API that may be used to discover, select and interact with
- such systems as well as with simpler content encryption systems. Implementation of Digital Rights Management is not required for compliance with this specification: only the
- Clear Key system is required to be implemented as a common baseline.</p>
- <p>The common API supports a simple set of content encryption capabilities, leaving application functions such as authentication and authorization to page authors. This is achieved by
- requiring content protection system-specific messaging to be mediated by the page rather than assuming out-of-band communication between the encryption system and a license
- or other server.</p>
+ <p>This proposal extends <a def-id="htmlmediaelement"></a> [[!HTML5]] providing APIs to control playback of protected content.</p>
+ <p>The API supports use cases ranging from simple clear key decryption to high value video (given an appropriate user agent implementation).
+ License/key exchange is controlled by the application, facilitating the development of robust playback applications supporting a range of content decryption and protection technologies.</p>
+ <p>This specification does not define a content protection or Digital Rights Management system. Rather, it defines a common API that may be used to discover, select and interact with
+ such systems as well as with simpler content encryption systems. Implementation of Digital Rights Management is not required for compliance with this specification: only the
+ Clear Key system is required to be implemented as a common baseline.</p>
+ <p>The common API supports a simple set of content encryption capabilities, leaving application functions such as authentication and authorization to page authors. This is achieved by
+ requiring content protection system-specific messaging to be mediated by the page rather than assuming out-of-band communication between the encryption system and a license
+ or other server.</p>
</section>
+
<section id="sotd">
<p>The working groups maintains <a href="http://w3.org/brief/MjY5">a list of all bug reports that the editors have not yet tried to address</a>. This draft highlights some of the pending issues that are still to be discussed in the working group. No decision has been taken on the outcome of these issues including whether they are valid.</p>
<p>Implementors should be aware that this specification is not stable. <strong>Implementors who are not taking part in the discussions are likely to find the specification changing out from under them in incompatible ways.</strong> Vendors interested in implementing this specification before it eventually reaches the Candidate Recommendation stage should join the mailing list mentioned below and take part in the discussions.</p>
@@ -120,1293 +121,1293 @@
-->
</section>
- <!-- TODO: Indent the contents of each <section>. -->
- <section id="introduction" class="informative">
- <h2>Introduction</h2>
- <p>
- This proposal allows JavaScript to select content protection mechanisms, control license/key exchange, and implement custom license management algorithms.
- It supports a wide range of use cases without requiring client-side modifications in each user agent for each use case.
- This also enables content providers to develop a single application solution for all devices.
- A generic stack implemented using the proposed APIs is shown below.
- This diagram shows an example flow: other combinations of API calls and events are possible.
- </p>
- <img src="stack_overview.svg" alt="A generic stack implemented using the proposed APIs" height="700"></img>
-
- <section id="definitions">
- <h3>Definitions</h3>
-
- <dl>
- <dt id="cdm">Content Decryption Module (CDM)</dt>
- <dd>
- <p>The Content Decryption Module (CDM) is a generic term for the client component that provides the functionality, including decryption, for one or more <a def-id="keysystems"></a>.</p>
- <p class="note">Implementations may or may not separate the implementations of CDMs or treat them as separate from the user agent.
- This is transparent to the API and application.</p>
- <p>A user agent MAY support one or more CDMs.</p>
- </dd>
-
- <dt id="key-system">Key System</dt>
- <dd>
- <p>A Key System is a generic term for a decryption mechanism and/or content protection provider.
- Key System strings provide unique identification of a Key System.
- They are used by the user agent to select a <a def-id="cdm"></a> and identify the source of a key-related event.
- The <a href="#common-key-systems">Common Key Systems</a> are supported by all user agents. User agents MAY also provide additional CDMs with corresponding Key System strings.
- </p>
-
- <p>A Key System string is always a reverse domain name.
- Key System strings are compared using case-sensitive matching. It is RECOMMENDED that CDMs use simple lower-case ASCII key system strings.</p>
- <p class="note">For example, "com.example.somesystem".</p>
-
- <p class="note">
- Within a given system ("somesystem" in the example), subsystems may be defined as determined by the key system provider.
- For example, "com.example.somesystem.1" and "com.example.somesystem.1_5".
- Key System providers should keep in mind that these will be used for comparison and discovery, so they should be easy to compare and the structure should remain reasonably simple.
- </p>
- </dd>
-
- <dt id="key-session">Key Session</dt>
- <dd>
- <p>A Key Session, or simply Session, provides a context for message exchange with the CDM as a result of which key(s) are made available to the <a def-id="cdm"></a>.
- Sessions are embodied as <a def-id="mediakeysession"></a> objects.
- Each Key session is associated with a single instance of <a def-id="initialization-data"></a> provided in the <a def-id="generateRequest"></a> call.
- </p>
- <p>Each Key Session is associated with a single <a def-id="mediakeys"></a> object, and only media element(s) associated with that object may access key(s) associated with the session.
- Other <a def-id="mediakeys"></a> objects, <a def-id="cdm"></a> instances, and media elements MUST NOT access the key session or use its key(s).
- Key sessions and the keys they contain are no longer usable by the CDM for decryption when the <a href="#algorithms-session-close">session is closed</a>, including when the <a def-id="mediakeysession"></a> object is destroyed.
- </p>
- </dd>
-
- <dt id="session-id">Session ID</dt>
- <dd>
- <p>A Session ID is a unique string identifier generated by the <a def-id="cdm"></a> that can be used by the application to identify <a def-id="mediakeysession"></a> objects.</p>
-
- <p>A new Session ID is generated each time the user agent and CDM successfully create a new session.</p>
-
- <p>Each Session ID SHALL be unique within the browsing context in which it was created.
- Session IDs for <a def-id="persistent-session"></a> sessions MUST be unique within the <a def-id="origin"></a> over time, including across browsing sessions.
- </p>
-
- <p class="note">The underlying content protection protocol does not necessarily need to support Session IDs.</p>
- </dd>
- <dt id="decryption-key">Key</dt>
- <dd>
- <p>Unless otherwise stated, key refers to a decryption key that can be used to decrypt blocks within <a def-id="media-data"></a>.
- Each such key is uniquely identified by a <a href="#decryption-key-id">key ID</a>.
- A key is associated with the <a href="#key-session">session</a> used to provide it to the CDM. (The same key may be present in multiple sessions.)
- Such keys MUST only be provided to the <a def-id="cdm"></a> via an <a def-id="update"></a> call. (They may later be loaded by <a def-id="load"></a> as part of the stored session data.)
- </p>
+ <section id="introduction" class="informative">
+ <h2>Introduction</h2>
+ <p>
+ This proposal allows JavaScript to select content protection mechanisms, control license/key exchange, and implement custom license management algorithms.
+ It supports a wide range of use cases without requiring client-side modifications in each user agent for each use case.
+ This also enables content providers to develop a single application solution for all devices.
+ A generic stack implemented using the proposed APIs is shown below.
+ This diagram shows an example flow: other combinations of API calls and events are possible.
+ </p>
+ <img src="stack_overview.svg" alt="A generic stack implemented using the proposed APIs" height="700"></img>
+
+ <section id="definitions">
+ <h3>Definitions</h3>
- <p>A key is considered <em>usable</em> if the CDM is certain the key is currently usable for decryption.</p>
- <p class="note">For example, a key is not usable if its license has expired.</p>
- </dd>
-
- <dt id="decryption-key-id">Key ID</dt>
- <dd>
- <p>A <a href="#decryption-key">key</a> is associated with a key ID, which uniquely identifies a key.
- The container specifies the ID of the key that can decrypt a block or set of blocks within the <a def-id="media-data"></a>.
- <a def-id="initialization-data"></a> MAY contain key ID(s) to identify the keys that are needed to decrypt the media data.
- However, there is no requirement that Initialization Data contain any or all key IDs used in the <a def-id="media-data"></a> or <a def-id="media-resource"></a>.
- <a href="#license">Licenses</a> provided to the CDM associate each key with a key ID so the <a def-id="cdm"></a> can select the appropriate key when decrypting an encrypted block of media data.
- </p>
- </dd>
-
- <dt id="license">License</dt>
- <dd>
- <p>A license is key system-specific state information that includes one or more <a href="#decryption-key">key(s)</a> - each associated with a <a href="#decryption-key-id">key ID</a> - and potentially other information about key usage.</p>
- </dd>
-
- <dt id="initialization-data">Initialization Data</dt>
- <dd>
- <p class="note">
- <a def-id="keysystems"></a> usually require a block of initialization data containing information about the stream to be decrypted before they can construct a license request message.
- This block could be a simple key or content ID or a more complex structure containing such information.
- It should always allow unique identification of the key(s) needed to decrypt the content.
- This initialization information MAY be obtained in some application-specific way or provided with the <a def-id="media-data"></a>.
- </p>
+ <dl>
+ <dt id="cdm">Content Decryption Module (CDM)</dt>
+ <dd>
+ <p>The Content Decryption Module (CDM) is a generic term for the client component that provides the functionality, including decryption, for one or more <a def-id="keysystems"></a>.</p>
+ <p class="note">Implementations may or may not separate the implementations of CDMs or treat them as separate from the user agent.
+ This is transparent to the API and application.</p>
+ <p>A user agent MAY support one or more CDMs.</p>
+ </dd>
+
+ <dt id="key-system">Key System</dt>
+ <dd>
+ <p>A Key System is a generic term for a decryption mechanism and/or content protection provider.
+ Key System strings provide unique identification of a Key System.
+ They are used by the user agent to select a <a def-id="cdm"></a> and identify the source of a key-related event.
+ The <a href="#common-key-systems">Common Key Systems</a> are supported by all user agents. User agents MAY also provide additional CDMs with corresponding Key System strings.
+ </p>
+
+ <p>A Key System string is always a reverse domain name.
+ Key System strings are compared using case-sensitive matching. It is RECOMMENDED that CDMs use simple lower-case ASCII key system strings.</p>
+ <p class="note">For example, "com.example.somesystem".</p>
+
+ <p class="note">
+ Within a given system ("somesystem" in the example), subsystems may be defined as determined by the key system provider.
+ For example, "com.example.somesystem.1" and "com.example.somesystem.1_5".
+ Key System providers should keep in mind that these will be used for comparison and discovery, so they should be easy to compare and the structure should remain reasonably simple.
+ </p>
+ </dd>
+
+ <dt id="key-session">Key Session</dt>
+ <dd>
+ <p>A Key Session, or simply Session, provides a context for message exchange with the CDM as a result of which key(s) are made available to the <a def-id="cdm"></a>.
+ Sessions are embodied as <a def-id="mediakeysession"></a> objects.
+ Each Key session is associated with a single instance of <a def-id="initialization-data"></a> provided in the <a def-id="generateRequest"></a> call.
+ </p>
+ <p>Each Key Session is associated with a single <a def-id="mediakeys"></a> object, and only media element(s) associated with that object may access key(s) associated with the session.
+ Other <a def-id="mediakeys"></a> objects, <a def-id="cdm"></a> instances, and media elements MUST NOT access the key session or use its key(s).
+ Key sessions and the keys they contain are no longer usable by the CDM for decryption when the <a href="#algorithms-session-close">session is closed</a>, including when the <a def-id="mediakeysession"></a> object is destroyed.
+ </p>
+ </dd>
+
+ <dt id="session-id">Session ID</dt>
+ <dd>
+ <p>A Session ID is a unique string identifier generated by the <a def-id="cdm"></a> that can be used by the application to identify <a def-id="mediakeysession"></a> objects.</p>
+
+ <p>A new Session ID is generated each time the user agent and CDM successfully create a new session.</p>
+
+ <p>Each Session ID SHALL be unique within the browsing context in which it was created.
+ Session IDs for <a def-id="persistent-session"></a> sessions MUST be unique within the <a def-id="origin"></a> over time, including across browsing sessions.
+ </p>
+
+ <p class="note">The underlying content protection protocol does not necessarily need to support Session IDs.</p>
+ </dd>
+
+ <dt id="decryption-key">Key</dt>
+ <dd>
+ <p>Unless otherwise stated, key refers to a decryption key that can be used to decrypt blocks within <a def-id="media-data"></a>.
+ Each such key is uniquely identified by a <a href="#decryption-key-id">key ID</a>.
+ A key is associated with the <a href="#key-session">session</a> used to provide it to the CDM. (The same key may be present in multiple sessions.)
+ Such keys MUST only be provided to the <a def-id="cdm"></a> via an <a def-id="update"></a> call. (They may later be loaded by <a def-id="load"></a> as part of the stored session data.)
+ </p>
+
+ <p>A key is considered <em>usable</em> if the CDM is certain the key is currently usable for decryption.</p>
+ <p class="note">For example, a key is not usable if its license has expired.</p>
+ </dd>
+
+ <dt id="decryption-key-id">Key ID</dt>
+ <dd>
+ <p>A <a href="#decryption-key">key</a> is associated with a key ID, which uniquely identifies a key.
+ The container specifies the ID of the key that can decrypt a block or set of blocks within the <a def-id="media-data"></a>.
+ <a def-id="initialization-data"></a> MAY contain key ID(s) to identify the keys that are needed to decrypt the media data.
+ However, there is no requirement that Initialization Data contain any or all key IDs used in the <a def-id="media-data"></a> or <a def-id="media-resource"></a>.
+ <a href="#license">Licenses</a> provided to the CDM associate each key with a key ID so the <a def-id="cdm"></a> can select the appropriate key when decrypting an encrypted block of media data.
+ </p>
+ </dd>
+
+ <dt id="license">License</dt>
+ <dd>
+ <p>A license is key system-specific state information that includes one or more <a href="#decryption-key">key(s)</a> - each associated with a <a href="#decryption-key-id">key ID</a> - and potentially other information about key usage.</p>
+ </dd>
+
+ <dt id="initialization-data">Initialization Data</dt>
+ <dd>
+ <p class="note">
+ <a def-id="keysystems"></a> usually require a block of initialization data containing information about the stream to be decrypted before they can construct a license request message.
+ This block could be a simple key or content ID or a more complex structure containing such information.
+ It should always allow unique identification of the key(s) needed to decrypt the content.
+ This initialization information MAY be obtained in some application-specific way or provided with the <a def-id="media-data"></a>.
+ </p>
+
+ <p>
+ Initialization Data is a generic term for container-specific data that is used by a <a def-id="cdm"></a> to generate a license request.
+ Initialization data found with the <a def-id="media-data"></a> is provided to the application in the <a def-id="encrypted-event-initdata-attribute"></a> attribute of the <a def-id="encrypted"></a> event.
+ </p>
+
+ <p>
+ The format of the initialization data depends upon the type of container, and containers MAY support more than one format
+ of initialization data. The <dfn id="initialization-data-type">initialization data type</dfn> is a string that indicates what
+ format the initialization data is provided in. Initialization data type strings are always matched case-sensitively. It is
+ RECOMMENDED that initialization data type strings are lower-case ASCII strings.
+ </p>
+
+ <p>
+ The Encrypted Media Extensions Stream Format and Initialization Data Format Registry [[EME-REGISTRY]]
+ provides the mapping from initialization data type string to the specification for each format.
+ </p>
+ </dd>
+
+ <dt id="cross-origin">Cross Origin Limitations</dt>
+ <dd>
+ <p>During playback, embedded media data is exposed to script in the embedding <a def-id="origin"></a>.
+ In order for the API to provide <a def-id="initialization-data"></a> in the <a def-id="encrypted"></a> event, <a def-id="media-data"></a> MUST be <a def-id="cors-same-origin"></a> with the embedding page.
+ If <a def-id="media-data"></a> is cross-origin with the embedding document, authors SHOULD use the <a def-id="media-crossorigin"></a> attribute
+ on the <a def-id="htmlmediaelement"></a> and CORS headers on the <a def-id="media-data"></a> response to make it <a def-id="cors-same-origin"></a>.
+ </p>
+ </dd>
+
+ <dt id="mixed-content">Mixed Content Limitations</dt>
+ <dd>
+ <p>During playback, embedded media data is exposed to script in the embedding <a def-id="origin"></a>.
+ In order for the API to provide <a def-id="initialization-data"></a> in the <a def-id="encrypted"></a> event, <a def-id="media-data"></a> MUST NOT be Mixed Content [[!MIXED-CONTENT]].
+ </p>
+ </dd>
+ </dl>
+ </section>
+ </section>
- <p>
- Initialization Data is a generic term for container-specific data that is used by a <a def-id="cdm"></a> to generate a license request.
- Initialization data found with the <a def-id="media-data"></a> is provided to the application in the <a def-id="encrypted-event-initdata-attribute"></a> attribute of the <a def-id="encrypted"></a> event.
- </p>
-
- <p>
- The format of the initialization data depends upon the type of container, and containers MAY support more than one format
- of initialization data. The <dfn id="initialization-data-type">initialization data type</dfn> is a string that indicates what
- format the initialization data is provided in. Initialization data type strings are always matched case-sensitively. It is
- RECOMMENDED that initialization data type strings are lower-case ASCII strings.
- </p>
-
- <p>
- The Encrypted Media Extensions Stream Format and Initialization Data Format Registry [[EME-REGISTRY]]
- provides the mapping from initialization data type string to the specification for each format.
- </p>
- </dd>
-
- <dt id="cross-origin">Cross Origin Limitations</dt>
- <dd>
- <p>During playback, embedded media data is exposed to script in the embedding <a def-id="origin"></a>.
- In order for the API to provide <a def-id="initialization-data"></a> in the <a def-id="encrypted"></a> event, <a def-id="media-data"></a> MUST be <a def-id="cors-same-origin"></a> with the embedding page.
- If <a def-id="media-data"></a> is cross-origin with the embedding document, authors SHOULD use the <a def-id="media-crossorigin"></a> attribute
- on the <a def-id="htmlmediaelement"></a> and CORS headers on the <a def-id="media-data"></a> response to make it <a def-id="cors-same-origin"></a>.
- </p>
- </dd>
-
- <dt id="mixed-content">Mixed Content Limitations</dt>
- <dd>
- <p>During playback, embedded media data is exposed to script in the embedding <a def-id="origin"></a>.
- In order for the API to provide <a def-id="initialization-data"></a> in the <a def-id="encrypted"></a> event, <a def-id="media-data"></a> MUST NOT be Mixed Content [[!MIXED-CONTENT]].
- </p>
- </dd>
- </dl>
- </section>
- </section>
<section id="mediakeys">
- <h2>MediaKeys Object</h2>
- <p>The MediaKeys object represents a set of keys that an associated HTMLMediaElement can use for decryption of <a def-id="media-data"></a> during playback.
- It also represents a CDM instance.
- </p>
- <p>For methods that return a promise, all errors are reported asynchronously by rejecting the returned Promise. This includes WebIDL type mapping errors.</p>
- <p>The steps of an algorithm are always aborted when resolving or rejecting a promise.</p>
-
- <p class="issue"><a href="https://www.w3.org/Bugs/Public/show_bug.cgi?id=25923">Bug 25923</a> - Feature detection, including isTypeSupported(), and MediaKeys creation may change significantly.</p>
- <dl title="enum IsTypeSupportedResult" class="idl">
- <dt>/* empty string */</dt><!-- TODO: Fix. -->
- <dd>
- The combination is not supported.
- </dd>
- <dt>maybe</dt>
- <dd>
- The combination may be supported.
- </dd>
- <dt>probably</dt>
- <dd>
- The combination is likely supported.
- </dd>
- </dl>
-
- <dl title="enum SessionType" class="idl">
- <dt>temporary</dt>
- <dd>
- A session for which a record of or data related to the session MUST NOT be persisted.
- The application need not worry about managing such storage.
- </dd>
- <dt>persistent</dt>
- <dd>
- A session for which a record of or data related to the session MAY be persisted.
- The application is responsible for managing any such storage that may be generated by the CDM.
- See <a def-id="session-storage"></a>.
- </dd>
- </dl>
-
- <dl title="interface MediaKeys" class='idl'>
- <dt>readonly attribute DOMString keySystem</dt>
- <dd>
- Identifies the <a def-id="keysystem"></a> being used.
- </dd>
-
- <dt>MediaKeySession createSession(optional SessionType sessionType = "temporary")</dt>
- <dd>
- <!-- TODO: Fix indentation here and for all other methods. -->
- <p>Returns a new <a def-id="mediakeysession"></a> object.</p>
-
- <ol class="method-algorithm">
- <!-- TODO: Reference the CDM loaded during initialization instead of "<a def-id="cdm"></a> corresponding to the <a def-id="keySystem-attribute"></a> attribute". Here and elsewhere. -->
- <li><p>If <var title="true">sessionType</var> is not supported by the <a def-id="cdm"></a> corresponding to the <a def-id="keySystem-attribute"></a> attribute, throw <a def-id="new-domexception-named"></a> <a def-id="NotSupportedError"></a>.</p></li>
- <li><p>Let <var title="true">session</var> be a new <a def-id="mediakeysession"></a> object, and initialize it as follows:</p>
- <ol>
- <li><p>Let the <a def-id="sessionId"></a> attribute be the empty string.</p></li>
- <li><p>Let the <a def-id="expiration"></a> attribute be <code>NaN</code>.</p></li>
- <li><p>Let the <a def-id="closed"></a> attribute be a new promise.</p></li>
- <li><p>Let the <var title="true">session type</var> be <var title="true">sessionType</var>.</p></li>
- <li><p>Let <var title="true">uninitialized</var> be true.</p></li>
- <li><p>Let <var title="true">callable</var> be false.</p></li>
- </ol>
- </li>
- <li><p>Return <var title="true">session</var>.</p></li>
- </ol>
- </dd>
-
- <dt>Promise<void> setServerCertificate((ArrayBuffer or ArrayBufferView) serverCertificate)</dt>
- <dd>
- <p id="server-certificate">Provides a server certificate to be used to encrypt messages to the license server.</p>
- <p class="note">The contents of <var title="true">serverCertificate</var> are <a def-id="keysystem"></a>-specific.</p>
- <p class="note">Key systems that use such certificates should also support requesting the certificate from the server via an additional round trip. This simplifies interoperability for applications that are not designed to provide certificates to specific key systems.</p>
-
- <ol class="method-algorithm">
- <li><p>If <var title="true">serverCertificate</var> is an empty array, return a promise rejected with a new <a def-id="new-domexception-named"></a> <a def-id="InvalidAccessError"></a>.</p></li>
- <li><p>If the <a def-id="cdm"></a> corresponding to the <a def-id="keySystem-attribute"></a> attribute does not support server certificates, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="NotSupportedError"></a>.</p></li>
- <li><p>Let <var>certificate</var> be a copy of the contents of the <var title="true">serverCertificate</var> parameter.</p></li>
- <li><p>Let <var>promise</var> be a new promise.</p></li>
- <li><p>Run the following steps asynchronously:</p>
- <ol>
- <li><p>Let <var title="true">cdm</var> be the <var title="true">cdm</var> during the <a def-id="mediakeys-initialization">initialization</a> of this object.</p></li>
- <li><p>Use the <var title="true">cdm</var> to process <var>certificate</var>.</p></li>
- <li><p>If any of the preceding steps failed, reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="appropriate-error-name"></a>.</p></li>
- <li><p>Resolve <var>promise</var>.</p></li>
- </ol>
- </li>
- <li><p>Return <var>promise</var>.</p></li>
- </ol>
- </dd>
-
- <dt>static Promise<MediaKeys> create(DOMString keySystem)</dt>
- <dd>
- <p>Creates a new <a def-id="mediakeys"></a> object for <var title="true">keySystem</var>.</p>
-
- <ol class="method-algorithm">
- <li><p>If <var title="true">keySystem</var> is an empty string, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="InvalidAccessError"></a>.</p></li>
- <li><p>If <var title="true">keySystem</var> is not one of the <a def-id="keysystems"></a> supported by the user agent, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="NotSupportedError"></a>. String comparison is case-sensitive.</p></li>
- <li><p>If <var title="true">keySystem</var> is not supported or not allowed in the <a def-id="origin"></a> of the calling context's <a def-id="document-concept"></a>, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="NotSupportedError"></a>.</p></li>
- <li><p>Let <var>promise</var> be a new promise.</p></li>
- <li><p>Run the following steps asynchronously:</p>
- <ol>
- <li><p>Let <var title="true">cdm</var> be the <a def-id="cdm"></a> corresponding to <var title="true">keySystem</var>.</p></li>
- <li><p>Load and initialize the <var title="true">cdm</var> if necessary.</p></li>
- <li><p>If <var title="true">cdm</var> fails to load or initialize, reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="appropriate-error-name"></a>.</p></li>
-
- <li>
- <p>Let <var title="true">media keys</var> be a new <a def-id="mediakeys"></a> object, and initialize it as follows:</p>
- <ol>
- <li><p>Set the <a def-id="keySystem-attribute"></a> attribute to <var title="true">keySystem</var>.</p></li>
- </ol>
- </li>
- <li><p>Resolve <var>promise</var> with <var title="true">media keys</var>.</p></li>
- </ol>
- </li>
- <li><p>Return <var>promise</var>.</p></li>
- </ol>
- </dd>
-
- <dt>static IsTypeSupportedResult isTypeSupported(DOMstring keySystem, optional DOMString initDataType, optional DOMString contentType, optional DOMString capability)</dt>
- <dd>
- <p>Returns whether <var title="true">keySystem</var> is supported with the <var title="true">initDataType</var>, container and codec(s) specified by <var title="true">contentType</var>, and <var title="true">capability</var>.</p>
- <p>The following list shows some examples.</p>
- <ul>
- <dl>
- <dt>Returns whether the Some System <a def-id="keysystem"></a> may be supported. Specific containers and codecs may or may not be supported with Some System.</dt>
- <dd><div class="example">MediaKeys.isTypeSupported("com.example.somesystem")</div</dd>
- <dt>Returns whether the Some System <a def-id="keysystem"></a> may be supported and is capable of parsing the <a def-id="initialization-data-type"></a> format "keyids". Specific containers and codecs may or may not be supported with Some System.</dt>
- <dd><div class="example">MediaKeys.isTypeSupported("com.example.somesystem", "keyids")</div></dd>
- <dt>Returns whether the Some System <a def-id="keysystem"></a> may be supported and is capable of parsing the <a def-id="initialization-data-type"></a> format <var title="true">initDataType</var>, the user agent is capable of demuxing the container specified by <var title="true">mimeType</var>, and the codec(s) specified by <var title="true">mimeType</var> are supported, all as specified by capability "foo".</dt>
- <dd><div class="example">MediaKeys.isTypeSupported("com.example.somesystem", <var title="true">initDataType</var>, <var title="true">mimeType</var>, "foo")</div></dd>
- <dt>Returns whether the user agent <em>probably</em> supports <a href="#clear-key">Clear Key</a> using the <a def-id="initialization-data-type"></a> format <var title="true">initDataType</var> and the container and codec(s) specified by <var title="true">mimeType</var>.</dt>
- <dd><div class="example">"probably" == MediaKeys.isTypeSupported("org.w3.clearkey", <var title="true">initDataType</var>, <var title="true">mimeType</var>)</div></dd>
+ <h2>MediaKeys Object</h2>
+ <p>The MediaKeys object represents a set of keys that an associated HTMLMediaElement can use for decryption of <a def-id="media-data"></a> during playback.
+ It also represents a CDM instance.
+ </p>
+ <p>For methods that return a promise, all errors are reported asynchronously by rejecting the returned Promise. This includes WebIDL type mapping errors.</p>
+ <p>The steps of an algorithm are always aborted when resolving or rejecting a promise.</p>
+
+ <p class="issue"><a href="https://www.w3.org/Bugs/Public/show_bug.cgi?id=25923">Bug 25923</a> - Feature detection, including isTypeSupported(), and MediaKeys creation may change significantly.</p>
+ <dl title="enum IsTypeSupportedResult" class="idl">
+ <dt>/* empty string */</dt><!-- TODO: Fix. -->
+ <dd>
+ The combination is not supported.
+ </dd>
+ <dt>maybe</dt>
+ <dd>
+ The combination may be supported.
+ </dd>
+ <dt>probably</dt>
+ <dd>
+ The combination is likely supported.
+ </dd>
</dl>
- </ul>
-
- <ol class="method-algorithm">
- <li><p>If <var title="true">keySystem</var> is an empty string or contains an unrecognized or unsupported <a def-id="keysystem"></a>, return <a def-id="IsTypeSupportedResult-empty"></a> and abort these steps. String comparison is case-sensitive.</p></li>
- <li><p>If the <var title="true">keySystem</var> implementation is not available and usable, return <a def-id="IsTypeSupportedResult-empty"></a> and abort these steps.</p></li>
- <li><p>Follow the steps for the first matching condition from the following list:</p>
- <dl class="switch">
- <dt>If <var title="true">keySystem</var> is a value that may be successfully passed to <a def-id="mediakeys-create"></a></dt>
- <dd>Let <var title="true">probably result</var> be <a def-id="IsTypeSupportedResult-probably"></a>.</dd>
- <dt>Otherwise</dt>
- <dd>Let <var title="true">probably result</var> be <a def-id="IsTypeSupportedResult-maybe"></a>.</dd>
- <p class="note">This may, for example, be the case for strings that are only used for discovery.</p>
- </dl>
- </li>
+
+ <dl title="enum SessionType" class="idl">
+ <dt>temporary</dt>
+ <dd>
+ A session for which a record of or data related to the session MUST NOT be persisted.
+ The application need not worry about managing such storage.
+ </dd>
+ <dt>persistent</dt>
+ <dd>
+ A session for which a record of or data related to the session MAY be persisted.
+ The application is responsible for managing any such storage that may be generated by the CDM.
+ See <a def-id="session-storage"></a>.
+ </dd>
+ </dl>
+
+ <dl title="interface MediaKeys" class='idl'>
+ <dt>readonly attribute DOMString keySystem</dt>
+ <dd>
+ Identifies the <a def-id="keysystem"></a> being used.
+ </dd>
+
+ <dt>MediaKeySession createSession(optional SessionType sessionType = "temporary")</dt>
+ <dd>
+ <p>Returns a new <a def-id="mediakeysession"></a> object.</p>
- <li><p>If <var title="true">initDataType</var> was not provided, follow the steps for the first matching condition from the following list and abort these steps:</p>
- <dl class="switch">
- <dt>If the user agent is <em>not</em> confident that the <var title="true">keySystem</var> implementation is available and usable</dt>
- <dd>Return <a def-id="IsTypeSupportedResult-maybe"></a>.</dd>
- <dt>Otherwise</dt>
- <dd>Return <var title="true">probably result</var>.</dd>
- </dl>
- </li>
-
- <li><p>If <var title="true">initDataType</var> is an empty string or contains an unrecognized or unsupported <a def-id="initialization-data-type"></a>, return <a def-id="IsTypeSupportedResult-empty"></a> and abort these steps. String comparison is case-sensitive.</p></li>
- <li><p>If <var title="true">initDataType</var> is not an <a def-id="initialization-data-type"></a> supported by the <var title="true">keySystem</var> implementation, return <a def-id="IsTypeSupportedResult-empty"></a> and abort these steps.</p></li>
- <li><p>If the <var title="true">keySystem</var> implementation supporting <var title="true">initDataType</var> is not available and usable, return <a def-id="IsTypeSupportedResult-empty"></a> and abort these steps.</p></li>
- <li><p>If <var title="true">contentType</var> was not provided, follow the steps for the first matching condition from the following list and abort these steps:</p>
- <dl class="switch">
- <dt>If the user agent is <em>not</em> confident that the <var title="true">keySystem</var> implementation supporting <var title="true">initDataType</var> is available and usable</dt>
- <dd>Return <a def-id="IsTypeSupportedResult-maybe"></a>.</dd>
- <dt>Otherwise</dt>
- <dd>Return <var title="true">probably result</var>.</dd>
- </dl>
- </li>
-
- <li><p>If <var title="true">contentType</var> is an empty string or contains an invalid or unrecognized MIME type, return <a def-id="IsTypeSupportedResult-empty"></a> and abort these steps.</p></li>
- <li><p>Let <var title="true">container</var> be the container type specified by <var title="true">contentType</var>.</p></li>
- <li><p>Let <var title="true">parameters</var> be the RFC 6381 [[!RFC6381]] parameters, if any, specified by <var title="true">contentType</var>.</p></li>
- <li><p>Let <var title="true">media types</var> be the set of media types specified by <var title="true">parameters</var>. It MAY be empty. The case-sensitivity of string comparisons is determined by the appropriate RFC or other specification.</p>
- <p class="note">For example, all of the codecs. Case-sensitive string comparison is RECOMMENDED because RFC 6381 [[RFC6381]] says, "Values are case sensitive" for some formats.</p>
- </li>
- <li><p>If the user agent does not support <var title="true">container</var>, return <a def-id="IsTypeSupportedResult-empty"></a> and abort these steps. The case-sensitivity of string comparisons is determined by the appropriate RFC.</p>
- <p class="note">Per RFC 6838 [[RFC6838]], "Both top-level type and subtype names are case-insensitive."</p>
- </li>
- <li><p>If the user agent and <var title="true">keySystem</var> implementation do not support playback of encrypted <a def-id="media-data"></a> for all <var title="true">media types</var>, return <a def-id="IsTypeSupportedResult-empty"></a> and abort these steps.</p></li>
- <li><p>If <var title="true">capability</var> was not provided, follow the steps for the first matching condition from the following list and abort these steps:</p>
- <dl class="switch">
- <dt>If the user agent is <em>not</em> confident that the <var title="true">keySystem</var> implementation supporting <var title="true">initDataType</var> is available and usable to decrypt and enable playback of support playback of encrypted <a def-id="media-data"></a> for all <var title="true">media types</var></dt>
- <dd>Return <a def-id="IsTypeSupportedResult-maybe"></a>.</dd>
- <dt>If the user agent did <em>not</em> recognize one or more <var title="true">parameters</var></dt>
- <dd>Return <a def-id="IsTypeSupportedResult-maybe"></a>.</dd>
- <dt>Otherwise</dt>
- <dd>Return <var title="true">probably result</var>.</dd>
- </dl>
- </li>
+ <ol class="method-algorithm">
+ <!-- TODO: Reference the CDM loaded during initialization instead of "<a def-id="cdm"></a> corresponding to the <a def-id="keySystem-attribute"></a> attribute". Here and elsewhere. -->
+ <li><p>If <var title="true">sessionType</var> is not supported by the <a def-id="cdm"></a> corresponding to the <a def-id="keySystem-attribute"></a> attribute, throw <a def-id="new-domexception-named"></a> <a def-id="NotSupportedError"></a>.</p></li>
+ <li><p>Let <var title="true">session</var> be a new <a def-id="mediakeysession"></a> object, and initialize it as follows:</p>
+ <ol>
+ <li><p>Let the <a def-id="sessionId"></a> attribute be the empty string.</p></li>
+ <li><p>Let the <a def-id="expiration"></a> attribute be <code>NaN</code>.</p></li>
+ <li><p>Let the <a def-id="closed"></a> attribute be a new promise.</p></li>
+ <li><p>Let the <var title="true">session type</var> be <var title="true">sessionType</var>.</p></li>
+ <li><p>Let <var title="true">uninitialized</var> be true.</p></li>
+ <li><p>Let <var title="true">callable</var> be false.</p></li>
+ </ol>
+ </li>
+ <li><p>Return <var title="true">session</var>.</p></li>
+ </ol>
+ </dd>
+
+ <dt>Promise<void> setServerCertificate((ArrayBuffer or ArrayBufferView) serverCertificate)</dt>
+ <dd>
+ <p id="server-certificate">Provides a server certificate to be used to encrypt messages to the license server.</p>
+ <p class="note">The contents of <var title="true">serverCertificate</var> are <a def-id="keysystem"></a>-specific.</p>
+ <p class="note">Key systems that use such certificates should also support requesting the certificate from the server via an additional round trip. This simplifies interoperability for applications that are not designed to provide certificates to specific key systems.</p>
- <li><p>If <var title="true">capability</var> is an empty string, return <a def-id="IsTypeSupportedResult-empty"></a> and abort these steps.</p></li>
- <li><p>If the <var title="true">keySystem</var> implementation does not support <var title="true">capability</var>, return <a def-id="IsTypeSupportedResult-empty"></a> and abort these steps. String comparison is case-sensitive.</p></li>
- <li><p>Follow the steps for the first matching condition from the following list:</p>
- <dl class="switch">
- <dt>If the user agent is <em>not</em> confident that the <var title="true">keySystem</var> implementation supporting <var title="true">initDataType</var> is available and usable to decrypt and enable playback of support playback of encrypted <a def-id="media-data"></a> for all <var title="true">media types</var> as specified by <var title="true">capability</var></dt>
- <dd>Return <a def-id="IsTypeSupportedResult-maybe"></a>.</dd>
- <dt>If the user agent did <em>not</em> recognize one or more <var title="true">parameters</var></dt>
- <dd>Return <a def-id="IsTypeSupportedResult-maybe"></a>.</dd>
- <dt>Otherwise</dt>
- <dd>Return <var title="true">probably result</var>.</dd>
- </dl>
- </li>
- </ol>
- </dd>
- </dl>
+ <ol class="method-algorithm">
+ <li><p>If <var title="true">serverCertificate</var> is an empty array, return a promise rejected with a new <a def-id="new-domexception-named"></a> <a def-id="InvalidAccessError"></a>.</p></li>
+ <li><p>If the <a def-id="cdm"></a> corresponding to the <a def-id="keySystem-attribute"></a> attribute does not support server certificates, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="NotSupportedError"></a>.</p></li>
+ <li><p>Let <var>certificate</var> be a copy of the contents of the <var title="true">serverCertificate</var> parameter.</p></li>
+ <li><p>Let <var>promise</var> be a new promise.</p></li>
+ <li><p>Run the following steps asynchronously:</p>
+ <ol>
+ <li><p>Let <var title="true">cdm</var> be the <var title="true">cdm</var> during the <a def-id="mediakeys-initialization">initialization</a> of this object.</p></li>
+ <li><p>Use the <var title="true">cdm</var> to process <var>certificate</var>.</p></li>
+ <li><p>If any of the preceding steps failed, reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="appropriate-error-name"></a>.</p></li>
+ <li><p>Resolve <var>promise</var>.</p></li>
+ </ol>
+ </li>
+ <li><p>Return <var>promise</var>.</p></li>
+ </ol>
+ </dd>
+
+ <dt>static Promise<MediaKeys> create(DOMString keySystem)</dt>
+ <dd>
+ <p>Creates a new <a def-id="mediakeys"></a> object for <var title="true">keySystem</var>.</p>
+
+ <ol class="method-algorithm">
+ <li><p>If <var title="true">keySystem</var> is an empty string, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="InvalidAccessError"></a>.</p></li>
+ <li><p>If <var title="true">keySystem</var> is not one of the <a def-id="keysystems"></a> supported by the user agent, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="NotSupportedError"></a>. String comparison is case-sensitive.</p></li>
+ <li><p>If <var title="true">keySystem</var> is not supported or not allowed in the <a def-id="origin"></a> of the calling context's <a def-id="document-concept"></a>, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="NotSupportedError"></a>.</p></li>
+ <li><p>Let <var>promise</var> be a new promise.</p></li>
+ <li><p>Run the following steps asynchronously:</p>
+ <ol>
+ <li><p>Let <var title="true">cdm</var> be the <a def-id="cdm"></a> corresponding to <var title="true">keySystem</var>.</p></li>
+ <li><p>Load and initialize the <var title="true">cdm</var> if necessary.</p></li>
+ <li><p>If <var title="true">cdm</var> fails to load or initialize, reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="appropriate-error-name"></a>.</p></li>
+
+ <li>
+ <p>Let <var title="true">media keys</var> be a new <a def-id="mediakeys"></a> object, and initialize it as follows:</p>
+ <ol>
+ <li><p>Set the <a def-id="keySystem-attribute"></a> attribute to <var title="true">keySystem</var>.</p></li>
+ </ol>
+ </li>
+ <li><p>Resolve <var>promise</var> with <var title="true">media keys</var>.</p></li>
+ </ol>
+ </li>
+ <li><p>Return <var>promise</var>.</p></li>
+ </ol>
+ </dd>
+
+ <dt>static IsTypeSupportedResult isTypeSupported(DOMstring keySystem, optional DOMString initDataType, optional DOMString contentType, optional DOMString capability)</dt>
+ <dd>
+ <p>Returns whether <var title="true">keySystem</var> is supported with the <var title="true">initDataType</var>, container and codec(s) specified by <var title="true">contentType</var>, and <var title="true">capability</var>.</p>
+ <p>The following list shows some examples.</p>
+ <ul>
+ <dl>
+ <dt>Returns whether the Some System <a def-id="keysystem"></a> may be supported. Specific containers and codecs may or may not be supported with Some System.</dt>
+ <dd><div class="example">MediaKeys.isTypeSupported("com.example.somesystem")</div</dd>
+ <dt>Returns whether the Some System <a def-id="keysystem"></a> may be supported and is capable of parsing the <a def-id="initialization-data-type"></a> format "keyids". Specific containers and codecs may or may not be supported with Some System.</dt>
+ <dd><div class="example">MediaKeys.isTypeSupported("com.example.somesystem", "keyids")</div></dd>
+ <dt>Returns whether the Some System <a def-id="keysystem"></a> may be supported and is capable of parsing the <a def-id="initialization-data-type"></a> format <var title="true">initDataType</var>, the user agent is capable of demuxing the container specified by <var title="true">mimeType</var>, and the codec(s) specified by <var title="true">mimeType</var> are supported, all as specified by capability "foo".</dt>
+ <dd><div class="example">MediaKeys.isTypeSupported("com.example.somesystem", <var title="true">initDataType</var>, <var title="true">mimeType</var>, "foo")</div></dd>
+ <dt>Returns whether the user agent <em>probably</em> supports <a href="#clear-key">Clear Key</a> using the <a def-id="initialization-data-type"></a> format <var title="true">initDataType</var> and the container and codec(s) specified by <var title="true">mimeType</var>.</dt>
+ <dd><div class="example">"probably" == MediaKeys.isTypeSupported("org.w3.clearkey", <var title="true">initDataType</var>, <var title="true">mimeType</var>)</div></dd>
+ </dl>
+ </ul>
+
+ <ol class="method-algorithm">
+ <li><p>If <var title="true">keySystem</var> is an empty string or contains an unrecognized or unsupported <a def-id="keysystem"></a>, return <a def-id="IsTypeSupportedResult-empty"></a> and abort these steps. String comparison is case-sensitive.</p></li>
+ <li><p>If the <var title="true">keySystem</var> implementation is not available and usable, return <a def-id="IsTypeSupportedResult-empty"></a> and abort these steps.</p></li>
+ <li><p>Follow the steps for the first matching condition from the following list:</p>
+ <dl class="switch">
+ <dt>If <var title="true">keySystem</var> is a value that may be successfully passed to <a def-id="mediakeys-create"></a></dt>
+ <dd>Let <var title="true">probably result</var> be <a def-id="IsTypeSupportedResult-probably"></a>.</dd>
+ <dt>Otherwise</dt>
+ <dd>Let <var title="true">probably result</var> be <a def-id="IsTypeSupportedResult-maybe"></a>.</dd>
+ <p class="note">This may, for example, be the case for strings that are only used for discovery.</p>
+ </dl>
+ </li>
+
+ <li><p>If <var title="true">initDataType</var> was not provided, follow the steps for the first matching condition from the following list and abort these steps:</p>
+ <dl class="switch">
+ <dt>If the user agent is <em>not</em> confident that the <var title="true">keySystem</var> implementation is available and usable</dt>
+ <dd>Return <a def-id="IsTypeSupportedResult-maybe"></a>.</dd>
+ <dt>Otherwise</dt>
+ <dd>Return <var title="true">probably result</var>.</dd>
+ </dl>
+ </li>
+
+ <li><p>If <var title="true">initDataType</var> is an empty string or contains an unrecognized or unsupported <a def-id="initialization-data-type"></a>, return <a def-id="IsTypeSupportedResult-empty"></a> and abort these steps. String comparison is case-sensitive.</p></li>
+ <li><p>If <var title="true">initDataType</var> is not an <a def-id="initialization-data-type"></a> supported by the <var title="true">keySystem</var> implementation, return <a def-id="IsTypeSupportedResult-empty"></a> and abort these steps.</p></li>
+ <li><p>If the <var title="true">keySystem</var> implementation supporting <var title="true">initDataType</var> is not available and usable, return <a def-id="IsTypeSupportedResult-empty"></a> and abort these steps.</p></li>
+ <li><p>If <var title="true">contentType</var> was not provided, follow the steps for the first matching condition from the following list and abort these steps:</p>
+ <dl class="switch">
+ <dt>If the user agent is <em>not</em> confident that the <var title="true">keySystem</var> implementation supporting <var title="true">initDataType</var> is available and usable</dt>
+ <dd>Return <a def-id="IsTypeSupportedResult-maybe"></a>.</dd>
+ <dt>Otherwise</dt>
+ <dd>Return <var title="true">probably result</var>.</dd>
+ </dl>
+ </li>
+
+ <li><p>If <var title="true">contentType</var> is an empty string or contains an invalid or unrecognized MIME type, return <a def-id="IsTypeSupportedResult-empty"></a> and abort these steps.</p></li>
+ <li><p>Let <var title="true">container</var> be the container type specified by <var title="true">contentType</var>.</p></li>
+ <li><p>Let <var title="true">parameters</var> be the RFC 6381 [[!RFC6381]] parameters, if any, specified by <var title="true">contentType</var>.</p></li>
+ <li><p>Let <var title="true">media types</var> be the set of media types specified by <var title="true">parameters</var>. It MAY be empty. The case-sensitivity of string comparisons is determined by the appropriate RFC or other specification.</p>
+ <p class="note">For example, all of the codecs. Case-sensitive string comparison is RECOMMENDED because RFC 6381 [[RFC6381]] says, "Values are case sensitive" for some formats.</p>
+ </li>
+ <li><p>If the user agent does not support <var title="true">container</var>, return <a def-id="IsTypeSupportedResult-empty"></a> and abort these steps. The case-sensitivity of string comparisons is determined by the appropriate RFC.</p>
+ <p class="note">Per RFC 6838 [[RFC6838]], "Both top-level type and subtype names are case-insensitive."</p>
+ </li>
+ <li><p>If the user agent and <var title="true">keySystem</var> implementation do not support playback of encrypted <a def-id="media-data"></a> for all <var title="true">media types</var>, return <a def-id="IsTypeSupportedResult-empty"></a> and abort these steps.</p></li>
+ <li><p>If <var title="true">capability</var> was not provided, follow the steps for the first matching condition from the following list and abort these steps:</p>
+ <dl class="switch">
+ <dt>If the user agent is <em>not</em> confident that the <var title="true">keySystem</var> implementation supporting <var title="true">initDataType</var> is available and usable to decrypt and enable playback of support playback of encrypted <a def-id="media-data"></a> for all <var title="true">media types</var></dt>
+ <dd>Return <a def-id="IsTypeSupportedResult-maybe"></a>.</dd>
+ <dt>If the user agent did <em>not</em> recognize one or more <var title="true">parameters</var></dt>
+ <dd>Return <a def-id="IsTypeSupportedResult-maybe"></a>.</dd>
+ <dt>Otherwise</dt>
+ <dd>Return <var title="true">probably result</var>.</dd>
+ </dl>
+ </li>
+
+ <li><p>If <var title="true">capability</var> is an empty string, return <a def-id="IsTypeSupportedResult-empty"></a> and abort these steps.</p></li>
+ <li><p>If the <var title="true">keySystem</var> implementation does not support <var title="true">capability</var>, return <a def-id="IsTypeSupportedResult-empty"></a> and abort these steps. String comparison is case-sensitive.</p></li>
+ <li><p>Follow the steps for the first matching condition from the following list:</p>
+ <dl class="switch">
+ <dt>If the user agent is <em>not</em> confident that the <var title="true">keySystem</var> implementation supporting <var title="true">initDataType</var> is available and usable to decrypt and enable playback of support playback of encrypted <a def-id="media-data"></a> for all <var title="true">media types</var> as specified by <var title="true">capability</var></dt>
+ <dd>Return <a def-id="IsTypeSupportedResult-maybe"></a>.</dd>
+ <dt>If the user agent did <em>not</em> recognize one or more <var title="true">parameters</var></dt>
+ <dd>Return <a def-id="IsTypeSupportedResult-maybe"></a>.</dd>
+ <dt>Otherwise</dt>
+ <dd>Return <var title="true">probably result</var>.</dd>
+ </dl>
+ </li>
+ </ol>
+ </dd>
+ </dl>
</section>
<section id="mediakeysession">
- <h2>MediaKeySession Object</h2>
- <p>The MediaKeySession object represents a <a href="#key-session">key session</a>.</p>
-
- <p>For methods that return a promise, all errors are reported asynchronously by rejecting the returned Promise. This includes WebIDL type mapping errors.</p>
- <p>The steps of an algorithm are always aborted when resolving or rejecting a promise.</p>
-
- <dl title="interface MediaKeySession : EventTarget" class='idl'>
- <dt>readonly attribute DOMString sessionId</dt>
- <dd>
- <p>The <a def-id="session-id"></a> for this object and the associated key(s) or license(s).</p>
- </dd>
-
- <dt>readonly attribute unrestricted double expiration</dt>
- <dd>
- <p>The time, in milliseconds since 01 January, 1970 UTC, after which the key(s) in the session will no longer be usable to decrypt <a def-id="media-data"></a>, or <code>NaN</code> if no such time exists, as determined by the CDM.</p>
- </dd>
-
- <dt>readonly attribute Promise<void> closed</dt>
- <dd>
- <p>Signals when object becomes closed as a result of the <a def-id="session-close-algorithm"></a> being run.
- This promise can only be fulfilled and is never rejected.</p>
- </dd>
-
- <dt>Promise<void> generateRequest(DOMString initDataType, (ArrayBuffer or ArrayBufferView) initData)</dt>
- <dd>
- <p>Generates a request based on the <var title="true">initData</var>.</p>
- <p><var title="true">initData</var> is <a def-id="initialization-data"></a>, and
- <var title="true">initDataType</var> is an <a def-id="initialization-data-type"></a> that indicates how to interpret <var title="true">initData</var>.
- </p>
-
- <ol class="method-algorithm">
- <li><p>If this object's <var title="true">uninitialized</var> value is false, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="InvalidStateError"></a>.</p></li>
- <li><p>Let this object's <var title="true">uninitialized</var> be false.</p></li><!-- For simplicity and consistency, this object cannot be reused after any failure. -->
- <li><p>If <var title="true">initDataType</var> is an empty string, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="InvalidAccessError"></a>.</p></li>
- <li><p>If <var title="true">initData</var> is an empty array, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="InvalidAccessError"></a>.</p></li>
- <li><p>Let <var title="true">media keys</var> be the <a def-id="mediakeys"></a> object that created this object.</p></li>
- <li><p>If the <a def-id="cdm"></a> corresponding to <var title="true">media keys</var>'s <a def-id="keySystem-attribute"></a> attribute does not support <var title="true">initDataType</var> as an <a def-id="initialization-data-type"></a>, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="NotSupportedError"></a>. String comparison is case-sensitive.</p></li>
- <li><p>Let <var>init data</var> be a copy of the contents of the <var title="true">initData</var> parameter.</p></li>
- <li><p>Let <var title="true">session type</var> be this object's <var title="true">session type</var>.</p></li>
- <li><p>Let <var>promise</var> be a new promise.</p></li>
- <li><p>Run the following steps asynchronously:</p>
- <ol>
- <li><p>If the <var>init data</var> is not valid for <var title="true">initDataType</var>, reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="InvalidAccessError"></a>.</p></li>
- <li><p>Let <var>sanitized init data</var> be a validated and/or sanitized version of <var>init data</var>.</p>
- <p class="note">The user agent should thoroughly validate the Initialization Data before passing it to the CDM.
- This may include verifying values are within reasonable limits, stripping irrelevant data or fields, pre-parsing it, sanitizing it, and/or generating a fully sanitized version.
- The user agent should check that the length and values of fields are reasonable.
- Unknown fields should be rejected or removed.
- For Initialization Data formats that support multiple entries, the user agent should remove entries that are not needed by the CDM.
- </p>
- </li>
- <li><p>If the previous step failed, reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="InvalidAccessError"></a>.</p></li>
- <li><p>Let <var title="true">session id</var> be the empty string.</p></li>
- <li><p>Let <var title="true">message</var> be null.</p></li>
- <li><p>Let <var title="true">cdm</var> be the CDM loaded during the <a def-id="mediakeys-initialization">initialization</a> of <var title="true">media keys</var>.</p></li>
- <li><p>Use the <var title="true">cdm</var> to execute the following steps:</p>
- <ol>
- <li><p>If the <var>init data</var> is not supported by the <var title="true">cdm</var>, reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="NotSupportedError"></a>.</p></li>
- <li><p>Follow the steps for the first matching condition from the following list:</p>
- <dl class="switch">
- <dt>If <var title="true">session type</var> is <a def-id="temporary-session"></a></dt>
- <dd>Let <var title="true">requested session type</var> be a temporary non-persisted session.</p>
- <p class="note">The returned license must not be persistable.</p>
- </dd>
- <dt>If <var title="true">session type</var> is <a def-id="persistent-session"></a></dt>
- <dd>Let <var title="true">requested session type</var> be a persistable session.<p>
- <p class="note">The returned license may be persistable.)</p>
- </dd>
- </dl>
- <p class="note">The license server determines the type of license that is returned, either persistent or non-persistent. A persistent license cannot be added to a non-persistable session.</p>
- </li>
-
- <li><p>Let <var title="true">session id</var> be a unique <a def-id="session-id"></a> string.</p>
- <p>If <var title="true">session type</var> is <a def-id="persistent-session"></a>, the ID MUST be unique within the the <a def-id="origin"></a> of this object's <a def-id="document-concept"></a> over time, including across Documents and browsing sessions.</p>
- </li>
- <li><p>Let <var title="true">message</var> be a request for the <var title="true">requested session type</var> generated based on the <var>init data</var>, which is interpreted per <var title="true">initDataType</var>.</p>
- <p class="note">For example, a license request.</p>
- <p>The <var title="true">cdm</var> MUST NOT use any stream-specific data, including <a def-id="media-data"></a>, not provided via the <var>init data</var>.</p>
- <p>The <var title="true">cdm</var> SHOULD NOT store session data, including the session ID, at this point. See <a def-id="session-storage"></a>.</p>
- </li>
- </ol>
- </li>
- <li><p>If any of the preceding steps failed, reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="appropriate-error-name"></a>.</p></li>
- <li><p>Set the <a def-id="sessionId"></a> attribute to <var title="true">session id</var>.</p></li>
- <li><p>Let this object's <var title="true">callable</var> be true.</p></li>
- <li><p>Run the <a def-id="queue-message-algorithm"></a> on the <var title="true">session</var>, providing <a def-id="message-type-licenserequest"></a> and <var title="true">message</var>.</p></li>
- <li><p>Resolve <var>promise</var>.</p></li>
- </ol>
- </li>
- <li><p>Return <var>promise</var>.</p></li>
- </ol>
- </dd>
-
- <dt>Promise<boolean> load(DOMString sessionId)</dt>
- <dd>
- <p>Loads the data stored for the <var title="true">sessionId</var> into the session represented by the object.</p>
-
- <ol class="method-algorithm">
- <li><p>If this object's <var title="true">uninitialized</var> value is false, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="InvalidStateError"></a>.</p></li>
- <li><p>Let this object's <var title="true">uninitialized</var> be false.</p></li><!-- For simplicity and consistency, this object cannot be reused after any failure. -->
- <li><p>If <var title="true">sessionId</var> is an empty string, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="InvalidAccessError"></a>.</p></li>
- <li><p>If this object's <var title="true">session type</var> is not <a def-id="persistent-session"></a>, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="InvalidAccessError"></a>.</p></li>
- <li><p>Let <var title="true">media keys</var> be the <a def-id="mediakeys"></a> object that created this object.</p></li>
- <li><p>If the <a def-id="cdm"></a> corresponding to <var title="true">media keys</var>'s <a def-id="keySystem-attribute"></a> attribute does not support loading previous sessions, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="NotSupportedError"></a>.</p></li>
- <li><p>Let <var>promise</var> be a new promise.</p></li>
- <li><p>Run the following steps asynchronously:</p>
- <ol>
- <li><p>Let <var>sanitized session ID</var> be a validated and/or sanitized version of <var title="true">sessionId</var>.</p>
- <p class="note">The user agent should thoroughly validate the sessionId value before passing it to the CDM.
- At a minimum, this should include checking that the length and value (e.g. alphanumeric) are reasonable.
- </p>
- </li>
- <li><p>If the previous step failed, reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="InvalidAccessError"></a>.</p></li>
- <li><p>Let <var title="true">expiration time</var> be <code>NaN</code>.</p></li>
- <li><p>Let <var title="true">message</var> be null.</p></li>
- <li><p>Let <var title="true">message type</var> be null.</p></li>
- <li><p>Let <var title="true">origin</var> be the <a def-id="origin"></a> of this object's <a def-id="document-concept"></a>.</p></li>
- <li><p>Let <var title="true">cdm</var> be the CDM loaded during the <a def-id="mediakeys-initialization">initialization</a> of <var title="true">media keys</var>.</p></li>
- <li><p>Use the <var title="true">cdm</var> to execute the following steps:</p>
- <ol>
- <li><p>If there is no data stored for the <var>sanitized session ID</var> in the <var title="true">origin</var>, resolve <var>promise</var> with <code>false</code>.</p></li><!-- Per https://github.com/w3ctag/promises-guide#rejections-should-be-used-for-exceptional-situations. -->
- <li><p>Let <var title="true">session data</var> be the data stored for the <var>sanitized session ID</var> in the <var title="true">origin</var>.
- This MUST NOT include data from other origin(s) or that is not associated with an origin.</p></li>
- <li><p>If there is an unclosed <a def-id="persistent-session"></a> session in any <a def-id="document-concept"></a> representing the <var title="true">session data</var>, reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="QuotaExceededError"></a>.</p>
- <p class="note">In other words, do not create a session if a non-closed persistent session already exists for this <var>sanitized session ID</var> in any browsing context.</p>
- </li>
- <li><p>Load the <var title="true">session data</var>.</p></li>
- <li><p>If the <var title="true">session data</var> indicates an expiration time for the session, let <var title="true">expiration time</var> be the expiration time in milliseconds since 01 January 1970 UTC.</p></li>
- <li><p>If the CDM needs to send a message:</p>
- <ol>
- <li><p>Let <var title="true">message</var> be a message generated by the <a def-id="cdm"></a> based on the <var title="true">session data</var>.</p></li>
- <li><p>Let <var title="true">message type</var> be the appropriate <a def-id="MediaKeyMessageType"></a> for the message.</p></li>
- </ol>
- </li>
- </ol>
- </li>
- <li><p>If any of the preceding steps failed, reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="appropriate-error-name"></a>.</p></li>
- <li><p>Set the <a def-id="sessionId"></a> attribute to <var>sanitized session ID</var>.</p></li>
- <li><p>Let this object's <var title="true">callable</var> be true.</p></li>
- <li><p>If the loaded session contains usable keys, run the <a def-id="keys-changed-algorithm"></a> on the <var title="true">session</var>.</p>
- <p>The algorithm MAY also be run later should additional processing be necessary to determine with certainty whether one or more keys is usable.</p>
- </li>
- <li><p>Run the <a def-id="update-expiration-algorithm"></a> on the <var title="true">session</var>, providing <var title="true">expiration time</var>.</p></li>
- <li><p>If <var title="true">message</var> is not null, run the <a def-id="queue-message-algorithm"></a> on the <var title="true">session</var>, providing <var title="true">message type</var> and <var title="true">message</var>.</p></li>
- <li><p>Resolve <var>promise</var> with <code>true</code>.</p></li>
- </ol>
- </li>
- <li><p>Return <var>promise</var>.</p></li>
- </ol>
- </dd>
-
- <dt>Promise<void> update((ArrayBuffer or ArrayBufferView) response)</dt>
- <dd>
- <p>Provides messages, including licenses, to the CDM.</p>
- <p class="note">The contents of <var title="true">response</var> are <a def-id="keysystem"></a>-specific.</p>
-
- <ol class="method-algorithm">
- <li><p>If this object's <var title="true">callable</var> value is false, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="InvalidStateError"></a>.</p></li>
- <li><p>If <var title="true">response</var> is an empty array, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="InvalidAccessError"></a>.</p></li>
- <li><p>Let <var>response copy</var> be a copy of the contents of the <var title="true">response</var> parameter.</p></li>
- <li><p>Let <var>promise</var> be a new promise.</p></li>
- <li><p>Run the following steps asynchronously:</p>
- <ol>
- <li><p>Let <var>sanitized response</var> be a validated and/or sanitized version of <var>response copy</var>.</p>
- <p class="note">The user agent should thoroughly validate the response before passing it to the CDM.
- This may include verifying values are within reasonable limits, stripping irrelevant data or fields, pre-parsing it, sanitizing it, and/or generating a fully sanitized version.
- The user agent should check that the length and values of fields are reasonable.
- Unknown fields should be rejected or removed.
- </p>
- </li>
- <li><p>If the previous step failed, reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="InvalidAccessError"></a>.</p></li>
- <li><p>Let <var title="true">cdm</var> be the CDM loaded during the <a def-id="mediakeys-initialization">initialization</a> of the <a def-id="mediakeys"></a> object that created this object.</p></li>
- <li><p>Let <var title="true">message</var> be null.</p></li>
- <li><p>Let <var title="true">message type</var> be null.</p></li>
- <li><p>Use the <var title="true">cdm</var> to execute the following steps:</p>
- <ol>
- <li><p>If the format of <var>sanitized response</var> is invalid in any way, reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="InvalidAccessError"></a>.</p></li>
- <li><p>Process <var>sanitized response</var>, following the stipulation for the first matching condition from the following list:</p>
- <dl class="switch">
- <dt>If <var title="true">sessionType</var> is <a def-id="temporary-session"></a> and <var>sanitized response</var> does not specify that session data, including any license, key(s), or similar session data it contains, should be stored</dt>
- <dd>Continue processing <var>sanitized response</var>, not storing any session data.</dd>
- <dt>If <var title="true">sessionType</var> is <a def-id="persistent-session"></a></dt>
- <dd>Continue processing <var>sanitized response</var>, storing the license, key(s), or similar session data contained in <var>sanitized response</var> as permitted or instructed by the license.
- Such data MUST be stored such that only the <a def-id="origin"></a> of this object's <a def-id="document-concept"></a> can access it.
- </dd>
- <dt>Otherwise</dt>
- <dd>Reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="InvalidAccessError"></a>.</dd>
- </dl>
- <p>See also <a def-id="session-storage"></a>.</p>
- <p class="note">When <var>sanitized response</var> contains key(s) and/or related data, <var title="true">cdm</var> will likely cache the key and related data indexed by key ID.</p>
- <p class="note">The replacement algorithm within a session is <a def-id="keysystem"></a>-dependent.</p>
- <p>Keys from different sessions SHOULD be cached independently such that closing one session does not affect keys in other sessions, even if they have overlapping key IDs.</p>
- <p class="note">It is RECOMMENDED that CDMs support a standard and reasonably high minimum number of keys per <a def-id="mediakeysession"></a> object, including a standard replacement algorithm, and a standard and reasonably high minimum number of <a def-id="mediakeysession"></a> objects.
- This enables a reasonable number of key rotation algorithms to be implemented across user agents and may reduce the likelihood of playback interruptions in use cases that involve various streams in the same element (i.e. adaptive streams, various audio and video tracks) using different keys.
- </p>
- </li>
- <li><p>If the set of usable keys changed, run the <a def-id="keys-changed-algorithm"></a> on the <var title="true">session</var>.</p>
- <p>The algorithm MAY also be run later should additional processing be necessary to determine with certainty whether one or more keys is usable.</p>
- </li>
- <li><p>If the expiration time for the session changed, run the <a def-id="update-expiration-algorithm"></a> on the <var title="true">session</var>, providing the new expiration time.</p></li>
- <li><p>If a message needs to be sent to the server, execute the following steps:</p>
- <ol>
- <li><p>Let <var title="true">message</var> be that message.</p></li>
- <li><p>Let <var title="true">message type</var> be the appropriate <a def-id="MediaKeyMessageType"></a> for the message.</p></li>
- </ol>
- </li>
- </ol>
- </li>
- <li><p>If any of the preceding steps failed, reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="appropriate-error-name"></a>.</p></li>
- <li><p>If <var title="true">message</var> is not null, run the <a def-id="queue-message-algorithm"></a> on the <var title="true">session</var>, providing <var title="true">message type</var> and <var title="true">message</var>.</p></li>
- <li><p>Resolve <var>promise</var>.</p></li>
- </ol>
- </li>
- <li><p>Return <var>promise</var>.</p></li>
- </ol>
- </dd>
-
- <dt>Promise<void> close()</dt>
- <dd>
- <p>Indicates that the application no longer needs the session and the CDM should release any resources associated with this object and close it.</p>
- <p class="note">The returned promise is resolved when the request has been processed, and the <a def-id="closed"></a> attribute promise is resolved when the session is closed.</p>
-
- <ol class="method-algorithm">
- <li><p>If this object's <var title="true">callable</var> value is false, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="InvalidStateError"></a>.</p></li>
- <li><p>If the <a def-id="session-close-algorithm"></a> has been run on this object, return a resolved promise.</p></li>
- <li><p>Let <var>promise</var> be a new promise.</p></li>
- <li><p>Run the following steps asynchronously:</p>
- <ol>
- <li><p>Let <var title="true">cdm</var> be the CDM loaded during the <a def-id="mediakeys-initialization">initialization</a> of the <a def-id="mediakeys"></a> object that created this object.</p></li>
- <li><p>Use the <var title="true">cdm</var> to execute the following steps:</p>
- <ol>
- <li>
- <p>Process the close request.</p>
- <p>Do not remove stored session data.</p>
- </li>
- <li><p>If the previous step caused the session to be closed, run the <a def-id="session-close-algorithm"></a> on this object.</p></li>
- </ol>
- </li>
- <li><p>Resolve <var>promise</var>.</p></li>
- </ol>
- </li>
- <li><p>Return <var>promise</var>.</p></li>
- </ol>
- </dd>
-
- <dt>Promise<void> remove()</dt>
- <dd>
- <p>Removes stored session data associated with this object.</p>
-
- <ol class="method-algorithm">
- <li><p>If this object's <var title="true">callable</var> value is false, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="InvalidStateError"></a>.</p></li>
- <li><p>If this object's <var title="true">session type</var> is not <a def-id="persistent-session"></a>, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="InvalidAccessError"></a>.</p></li>
- <li><p>If the <a def-id="session-close-algorithm"></a> has been run on this object, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="InvalidStateError"></a>.</p></li>
- <li><p>Let <var>promise</var> be a new promise.</p></li>
- <li><p>Run the following steps asynchronously:</p>
- <ol>
- <li><p>Let <var title="true">cdm</var> be the CDM loaded during the <a def-id="mediakeys-initialization">initialization</a> of the <a def-id="mediakeys"></a> object that created this object.</p></li>
- <li><p>Use the <var title="true">cdm</var> to execute the following steps:</p>
- <ol>
- <li>
- <p>Process the remove request.</p>
- <p>This MAY involve exchanging message(s) with the application.</p>
- <p>Unless this step fails, the CDM MUST have cleared all stored session data associated with this object, including the <a def-id="sessionId"></a>, before proceeding to the next step.</p>
- <p class="note">A subsequent call to <a def-id="load"></a> with the value <a def-id="sessionId"></a> would fail because there is no data stored for that session ID.)</p>
- </li>
- </ol>
- </li>
- <li><p>Run the following steps asynchronously once the above step has completed:</p>
- <ol>
- <li><p>If any of the preceding steps failed, reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="appropriate-error-name"></a>.</p></li>
- <li><p>Run the <a def-id="session-close-algorithm"></a> on this object.</p></li>
- <li><p>Resolve <var>promise</var>.</p></li>
- </ol>
- </li>
- </ol>
- </li>
- <li><p>Return <var>promise</var>.</p></li>
- </ol>
- </dd>
+ <h2>MediaKeySession Object</h2>
+ <p>The MediaKeySession object represents a <a href="#key-session">key session</a>.</p>
+
+ <p>For methods that return a promise, all errors are reported asynchronously by rejecting the returned Promise. This includes WebIDL type mapping errors.</p>
+ <p>The steps of an algorithm are always aborted when resolving or rejecting a promise.</p>
+
+ <dl title="interface MediaKeySession : EventTarget" class='idl'>
+ <dt>readonly attribute DOMString sessionId</dt>
+ <dd>
+ <p>The <a def-id="session-id"></a> for this object and the associated key(s) or license(s).</p>
+ </dd>
+
+ <dt>readonly attribute unrestricted double expiration</dt>
+ <dd>
+ <p>The time, in milliseconds since 01 January, 1970 UTC, after which the key(s) in the session will no longer be usable to decrypt <a def-id="media-data"></a>, or <code>NaN</code> if no such time exists, as determined by the CDM.</p>
+ </dd>
+
+ <dt>readonly attribute Promise<void> closed</dt>
+ <dd>
+ <p>Signals when object becomes closed as a result of the <a def-id="session-close-algorithm"></a> being run.
+ This promise can only be fulfilled and is never rejected.</p>
+ </dd>
- <dt>Promise<sequence<ArrayBuffer>> getUsableKeyIds()</dt>
- <dd>
- <p class="issue"><a href="https://www.w3.org/Bugs/Public/show_bug.cgi?id=26372">Bug 26372</a> - getUsableKeyIds() may be replaced.</p>
- <p>Gets the key IDs for keys in the session that the CDM <em>knows</em> are currently usable to decrypt <a def-id="media-data"></a>.</p>
-
- <ol class="method-algorithm">
- <li><p>If this object's <var title="true">callable</var> value is false, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="InvalidStateError"></a>.</p></li>
- <li><p>Let <var>promise</var> be a new promise.</p></li>
- <li><p>Run the following steps asynchronously:</p>
- <ol>
- <li><p>Let <var title="true">cdm</var> be the CDM loaded during the <a def-id="mediakeys-initialization">initialization</a> of the <a def-id="mediakeys"></a> object that created this object.</p></li>
- <li><p>Use the <var title="true">cdm</var> to execute the following steps:</p>
- <ol>
- <li><p>Let <var title="true">usable key ids</var> be a list of the key IDs for keys in the session that the CDM <em>knows</em> are currently usable to decrypt <a def-id="media-data"></a>. <var title="true">usable key ids</var> MUST NOT contain IDs for keys that <em>may not</em> currently be usable. Each element MUST be unique.</p></li>
- </ol>
- </li>
- <li>
- <p>If the preceding step failed, reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="appropriate-error-name"></a>.</p>
- </li>
- <li>
- <p>Resolve <var>promise</var> with a new Sequence object, each element of which contains one element of <var title="true">usable key ids</var>.</p>
- </li>
- </ol>
- </li>
- </ol>
- </dd>
-
- </dl>
-
- <section id="mediakeymessageevent">
- <h3>MediaKeyMessageEvent</h3>
- <p>The MediaKeyMessageEvent object is used for the <a def-id="message"></a> event.</p>
- <p>Events are constructed as defined in <a def-id="constructing-events"></a> [[!DOM]].</p>
-
- <dl title="enum MediaKeyMessageType" class="idl">
- <dt>licenserequest</dt>
- <dd>The message contains a request for a new license.</dd>
- <dt>licenserenewal</dt>
- <dd>The message contains a request to renew an existing license.</dd>
- <dt>licenserelease</dt>
- <dd>The message contains a proof of key release.</dd>
+ <dt>Promise<void> generateRequest(DOMString initDataType, (ArrayBuffer or ArrayBufferView) initData)</dt>
+ <dd>
+ <p>Generates a request based on the <var title="true">initData</var>.</p>
+ <p><var title="true">initData</var> is <a def-id="initialization-data"></a>, and
+ <var title="true">initDataType</var> is an <a def-id="initialization-data-type"></a> that indicates how to interpret <var title="true">initData</var>.
+ </p>
+
+ <ol class="method-algorithm">
+ <li><p>If this object's <var title="true">uninitialized</var> value is false, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="InvalidStateError"></a>.</p></li>
+ <li><p>Let this object's <var title="true">uninitialized</var> be false.</p></li><!-- For simplicity and consistency, this object cannot be reused after any failure. -->
+ <li><p>If <var title="true">initDataType</var> is an empty string, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="InvalidAccessError"></a>.</p></li>
+ <li><p>If <var title="true">initData</var> is an empty array, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="InvalidAccessError"></a>.</p></li>
+ <li><p>Let <var title="true">media keys</var> be the <a def-id="mediakeys"></a> object that created this object.</p></li>
+ <li><p>If the <a def-id="cdm"></a> corresponding to <var title="true">media keys</var>'s <a def-id="keySystem-attribute"></a> attribute does not support <var title="true">initDataType</var> as an <a def-id="initialization-data-type"></a>, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="NotSupportedError"></a>. String comparison is case-sensitive.</p></li>
+ <li><p>Let <var>init data</var> be a copy of the contents of the <var title="true">initData</var> parameter.</p></li>
+ <li><p>Let <var title="true">session type</var> be this object's <var title="true">session type</var>.</p></li>
+ <li><p>Let <var>promise</var> be a new promise.</p></li>
+ <li><p>Run the following steps asynchronously:</p>
+ <ol>
+ <li><p>If the <var>init data</var> is not valid for <var title="true">initDataType</var>, reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="InvalidAccessError"></a>.</p></li>
+ <li><p>Let <var>sanitized init data</var> be a validated and/or sanitized version of <var>init data</var>.</p>
+ <p class="note">The user agent should thoroughly validate the Initialization Data before passing it to the CDM.
+ This may include verifying values are within reasonable limits, stripping irrelevant data or fields, pre-parsing it, sanitizing it, and/or generating a fully sanitized version.
+ The user agent should check that the length and values of fields are reasonable.
+ Unknown fields should be rejected or removed.
+ For Initialization Data formats that support multiple entries, the user agent should remove entries that are not needed by the CDM.
+ </p>
+ </li>
+ <li><p>If the previous step failed, reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="InvalidAccessError"></a>.</p></li>
+ <li><p>Let <var title="true">session id</var> be the empty string.</p></li>
+ <li><p>Let <var title="true">message</var> be null.</p></li>
+ <li><p>Let <var title="true">cdm</var> be the CDM loaded during the <a def-id="mediakeys-initialization">initialization</a> of <var title="true">media keys</var>.</p></li>
+ <li><p>Use the <var title="true">cdm</var> to execute the following steps:</p>
+ <ol>
+ <li><p>If the <var>init data</var> is not supported by the <var title="true">cdm</var>, reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="NotSupportedError"></a>.</p></li>
+ <li><p>Follow the steps for the first matching condition from the following list:</p>
+ <dl class="switch">
+ <dt>If <var title="true">session type</var> is <a def-id="temporary-session"></a></dt>
+ <dd>Let <var title="true">requested session type</var> be a temporary non-persisted session.</p>
+ <p class="note">The returned license must not be persistable.</p>
+ </dd>
+ <dt>If <var title="true">session type</var> is <a def-id="persistent-session"></a></dt>
+ <dd>Let <var title="true">requested session type</var> be a persistable session.<p>
+ <p class="note">The returned license may be persistable.)</p>
+ </dd>
+ </dl>
+ <p class="note">The license server determines the type of license that is returned, either persistent or non-persistent. A persistent license cannot be added to a non-persistable session.</p>
+ </li>
+
+ <li><p>Let <var title="true">session id</var> be a unique <a def-id="session-id"></a> string.</p>
+ <p>If <var title="true">session type</var> is <a def-id="persistent-session"></a>, the ID MUST be unique within the the <a def-id="origin"></a> of this object's <a def-id="document-concept"></a> over time, including across Documents and browsing sessions.</p>
+ </li>
+ <li><p>Let <var title="true">message</var> be a request for the <var title="true">requested session type</var> generated based on the <var>init data</var>, which is interpreted per <var title="true">initDataType</var>.</p>
+ <p class="note">For example, a license request.</p>
+ <p>The <var title="true">cdm</var> MUST NOT use any stream-specific data, including <a def-id="media-data"></a>, not provided via the <var>init data</var>.</p>
+ <p>The <var title="true">cdm</var> SHOULD NOT store session data, including the session ID, at this point. See <a def-id="session-storage"></a>.</p>
+ </li>
+ </ol>
+ </li>
+ <li><p>If any of the preceding steps failed, reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="appropriate-error-name"></a>.</p></li>
+ <li><p>Set the <a def-id="sessionId"></a> attribute to <var title="true">session id</var>.</p></li>
+ <li><p>Let this object's <var title="true">callable</var> be true.</p></li>
+ <li><p>Run the <a def-id="queue-message-algorithm"></a> on the <var title="true">session</var>, providing <a def-id="message-type-licenserequest"></a> and <var title="true">message</var>.</p></li>
+ <li><p>Resolve <var>promise</var>.</p></li>
+ </ol>
+ </li>
+ <li><p>Return <var>promise</var>.</p></li>
+ </ol>
+ </dd>
+
+ <dt>Promise<boolean> load(DOMString sessionId)</dt>
+ <dd>
+ <p>Loads the data stored for the <var title="true">sessionId</var> into the session represented by the object.</p>
+
+ <ol class="method-algorithm">
+ <li><p>If this object's <var title="true">uninitialized</var> value is false, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="InvalidStateError"></a>.</p></li>
+ <li><p>Let this object's <var title="true">uninitialized</var> be false.</p></li><!-- For simplicity and consistency, this object cannot be reused after any failure. -->
+ <li><p>If <var title="true">sessionId</var> is an empty string, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="InvalidAccessError"></a>.</p></li>
+ <li><p>If this object's <var title="true">session type</var> is not <a def-id="persistent-session"></a>, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="InvalidAccessError"></a>.</p></li>
+ <li><p>Let <var title="true">media keys</var> be the <a def-id="mediakeys"></a> object that created this object.</p></li>
+ <li><p>If the <a def-id="cdm"></a> corresponding to <var title="true">media keys</var>'s <a def-id="keySystem-attribute"></a> attribute does not support loading previous sessions, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="NotSupportedError"></a>.</p></li>
+ <li><p>Let <var>promise</var> be a new promise.</p></li>
+ <li><p>Run the following steps asynchronously:</p>
+ <ol>
+ <li><p>Let <var>sanitized session ID</var> be a validated and/or sanitized version of <var title="true">sessionId</var>.</p>
+ <p class="note">The user agent should thoroughly validate the sessionId value before passing it to the CDM.
+ At a minimum, this should include checking that the length and value (e.g. alphanumeric) are reasonable.
+ </p>
+ </li>
+ <li><p>If the previous step failed, reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="InvalidAccessError"></a>.</p></li>
+ <li><p>Let <var title="true">expiration time</var> be <code>NaN</code>.</p></li>
+ <li><p>Let <var title="true">message</var> be null.</p></li>
+ <li><p>Let <var title="true">message type</var> be null.</p></li>
+ <li><p>Let <var title="true">origin</var> be the <a def-id="origin"></a> of this object's <a def-id="document-concept"></a>.</p></li>
+ <li><p>Let <var title="true">cdm</var> be the CDM loaded during the <a def-id="mediakeys-initialization">initialization</a> of <var title="true">media keys</var>.</p></li>
+ <li><p>Use the <var title="true">cdm</var> to execute the following steps:</p>
+ <ol>
+ <li><p>If there is no data stored for the <var>sanitized session ID</var> in the <var title="true">origin</var>, resolve <var>promise</var> with <code>false</code>.</p></li><!-- Per https://github.com/w3ctag/promises-guide#rejections-should-be-used-for-exceptional-situations. -->
+ <li><p>Let <var title="true">session data</var> be the data stored for the <var>sanitized session ID</var> in the <var title="true">origin</var>.
+ This MUST NOT include data from other origin(s) or that is not associated with an origin.</p></li>
+ <li><p>If there is an unclosed <a def-id="persistent-session"></a> session in any <a def-id="document-concept"></a> representing the <var title="true">session data</var>, reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="QuotaExceededError"></a>.</p>
+ <p class="note">In other words, do not create a session if a non-closed persistent session already exists for this <var>sanitized session ID</var> in any browsing context.</p>
+ </li>
+ <li><p>Load the <var title="true">session data</var>.</p></li>
+ <li><p>If the <var title="true">session data</var> indicates an expiration time for the session, let <var title="true">expiration time</var> be the expiration time in milliseconds since 01 January 1970 UTC.</p></li>
+ <li><p>If the CDM needs to send a message:</p>
+ <ol>
+ <li><p>Let <var title="true">message</var> be a message generated by the <a def-id="cdm"></a> based on the <var title="true">session data</var>.</p></li>
+ <li><p>Let <var title="true">message type</var> be the appropriate <a def-id="MediaKeyMessageType"></a> for the message.</p></li>
+ </ol>
+ </li>
+ </ol>
+ </li>
+ <li><p>If any of the preceding steps failed, reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="appropriate-error-name"></a>.</p></li>
+ <li><p>Set the <a def-id="sessionId"></a> attribute to <var>sanitized session ID</var>.</p></li>
+ <li><p>Let this object's <var title="true">callable</var> be true.</p></li>
+ <li><p>If the loaded session contains usable keys, run the <a def-id="keys-changed-algorithm"></a> on the <var title="true">session</var>.</p>
+ <p>The algorithm MAY also be run later should additional processing be necessary to determine with certainty whether one or more keys is usable.</p>
+ </li>
+ <li><p>Run the <a def-id="update-expiration-algorithm"></a> on the <var title="true">session</var>, providing <var title="true">expiration time</var>.</p></li>
+ <li><p>If <var title="true">message</var> is not null, run the <a def-id="queue-message-algorithm"></a> on the <var title="true">session</var>, providing <var title="true">message type</var> and <var title="true">message</var>.</p></li>
+ <li><p>Resolve <var>promise</var> with <code>true</code>.</p></li>
+ </ol>
+ </li>
+ <li><p>Return <var>promise</var>.</p></li>
+ </ol>
+ </dd>
+
+ <dt>Promise<void> update((ArrayBuffer or ArrayBufferView) response)</dt>
+ <dd>
+ <p>Provides messages, including licenses, to the CDM.</p>
+ <p class="note">The contents of <var title="true">response</var> are <a def-id="keysystem"></a>-specific.</p>
+
+ <ol class="method-algorithm">
+ <li><p>If this object's <var title="true">callable</var> value is false, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="InvalidStateError"></a>.</p></li>
+ <li><p>If <var title="true">response</var> is an empty array, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="InvalidAccessError"></a>.</p></li>
+ <li><p>Let <var>response copy</var> be a copy of the contents of the <var title="true">response</var> parameter.</p></li>
+ <li><p>Let <var>promise</var> be a new promise.</p></li>
+ <li><p>Run the following steps asynchronously:</p>
+ <ol>
+ <li><p>Let <var>sanitized response</var> be a validated and/or sanitized version of <var>response copy</var>.</p>
+ <p class="note">The user agent should thoroughly validate the response before passing it to the CDM.
+ This may include verifying values are within reasonable limits, stripping irrelevant data or fields, pre-parsing it, sanitizing it, and/or generating a fully sanitized version.
+ The user agent should check that the length and values of fields are reasonable.
+ Unknown fields should be rejected or removed.
+ </p>
+ </li>
+ <li><p>If the previous step failed, reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="InvalidAccessError"></a>.</p></li>
+ <li><p>Let <var title="true">cdm</var> be the CDM loaded during the <a def-id="mediakeys-initialization">initialization</a> of the <a def-id="mediakeys"></a> object that created this object.</p></li>
+ <li><p>Let <var title="true">message</var> be null.</p></li>
+ <li><p>Let <var title="true">message type</var> be null.</p></li>
+ <li><p>Use the <var title="true">cdm</var> to execute the following steps:</p>
+ <ol>
+ <li><p>If the format of <var>sanitized response</var> is invalid in any way, reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="InvalidAccessError"></a>.</p></li>
+ <li><p>Process <var>sanitized response</var>, following the stipulation for the first matching condition from the following list:</p>
+ <dl class="switch">
+ <dt>If <var title="true">sessionType</var> is <a def-id="temporary-session"></a> and <var>sanitized response</var> does not specify that session data, including any license, key(s), or similar session data it contains, should be stored</dt>
+ <dd>Continue processing <var>sanitized response</var>, not storing any session data.</dd>
+ <dt>If <var title="true">sessionType</var> is <a def-id="persistent-session"></a></dt>
+ <dd>Continue processing <var>sanitized response</var>, storing the license, key(s), or similar session data contained in <var>sanitized response</var> as permitted or instructed by the license.
+ Such data MUST be stored such that only the <a def-id="origin"></a> of this object's <a def-id="document-concept"></a> can access it.
+ </dd>
+ <dt>Otherwise</dt>
+ <dd>Reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="InvalidAccessError"></a>.</dd>
+ </dl>
+ <p>See also <a def-id="session-storage"></a>.</p>
+ <p class="note">When <var>sanitized response</var> contains key(s) and/or related data, <var title="true">cdm</var> will likely cache the key and related data indexed by key ID.</p>
+ <p class="note">The replacement algorithm within a session is <a def-id="keysystem"></a>-dependent.</p>
+ <p>Keys from different sessions SHOULD be cached independently such that closing one session does not affect keys in other sessions, even if they have overlapping key IDs.</p>
+ <p class="note">It is RECOMMENDED that CDMs support a standard and reasonably high minimum number of keys per <a def-id="mediakeysession"></a> object, including a standard replacement algorithm, and a standard and reasonably high minimum number of <a def-id="mediakeysession"></a> objects.
+ This enables a reasonable number of key rotation algorithms to be implemented across user agents and may reduce the likelihood of playback interruptions in use cases that involve various streams in the same element (i.e. adaptive streams, various audio and video tracks) using different keys.
+ </p>
+ </li>
+ <li><p>If the set of usable keys changed, run the <a def-id="keys-changed-algorithm"></a> on the <var title="true">session</var>.</p>
+ <p>The algorithm MAY also be run later should additional processing be necessary to determine with certainty whether one or more keys is usable.</p>
+ </li>
+ <li><p>If the expiration time for the session changed, run the <a def-id="update-expiration-algorithm"></a> on the <var title="true">session</var>, providing the new expiration time.</p></li>
+ <li><p>If a message needs to be sent to the server, execute the following steps:</p>
+ <ol>
+ <li><p>Let <var title="true">message</var> be that message.</p></li>
+ <li><p>Let <var title="true">message type</var> be the appropriate <a def-id="MediaKeyMessageType"></a> for the message.</p></li>
+ </ol>
+ </li>
+ </ol>
+ </li>
+ <li><p>If any of the preceding steps failed, reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="appropriate-error-name"></a>.</p></li>
+ <li><p>If <var title="true">message</var> is not null, run the <a def-id="queue-message-algorithm"></a> on the <var title="true">session</var>, providing <var title="true">message type</var> and <var title="true">message</var>.</p></li>
+ <li><p>Resolve <var>promise</var>.</p></li>
+ </ol>
+ </li>
+ <li><p>Return <var>promise</var>.</p></li>
+ </ol>
+ </dd>
+
+ <dt>Promise<void> close()</dt>
+ <dd>
+ <p>Indicates that the application no longer needs the session and the CDM should release any resources associated with this object and close it.</p>
+ <p class="note">The returned promise is resolved when the request has been processed, and the <a def-id="closed"></a> attribute promise is resolved when the session is closed.</p>
+
+ <ol class="method-algorithm">
+ <li><p>If this object's <var title="true">callable</var> value is false, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="InvalidStateError"></a>.</p></li>
+ <li><p>If the <a def-id="session-close-algorithm"></a> has been run on this object, return a resolved promise.</p></li>
+ <li><p>Let <var>promise</var> be a new promise.</p></li>
+ <li><p>Run the following steps asynchronously:</p>
+ <ol>
+ <li><p>Let <var title="true">cdm</var> be the CDM loaded during the <a def-id="mediakeys-initialization">initialization</a> of the <a def-id="mediakeys"></a> object that created this object.</p></li>
+ <li><p>Use the <var title="true">cdm</var> to execute the following steps:</p>
+ <ol>
+ <li>
+ <p>Process the close request.</p>
+ <p>Do not remove stored session data.</p>
+ </li>
+ <li><p>If the previous step caused the session to be closed, run the <a def-id="session-close-algorithm"></a> on this object.</p></li>
+ </ol>
+ </li>
+ <li><p>Resolve <var>promise</var>.</p></li>
+ </ol>
+ </li>
+ <li><p>Return <var>promise</var>.</p></li>
+ </ol>
+ </dd>
+
+ <dt>Promise<void> remove()</dt>
+ <dd>
+ <p>Removes stored session data associated with this object.</p>
+
+ <ol class="method-algorithm">
+ <li><p>If this object's <var title="true">callable</var> value is false, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="InvalidStateError"></a>.</p></li>
+ <li><p>If this object's <var title="true">session type</var> is not <a def-id="persistent-session"></a>, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="InvalidAccessError"></a>.</p></li>
+ <li><p>If the <a def-id="session-close-algorithm"></a> has been run on this object, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="InvalidStateError"></a>.</p></li>
+ <li><p>Let <var>promise</var> be a new promise.</p></li>
+ <li><p>Run the following steps asynchronously:</p>
+ <ol>
+ <li><p>Let <var title="true">cdm</var> be the CDM loaded during the <a def-id="mediakeys-initialization">initialization</a> of the <a def-id="mediakeys"></a> object that created this object.</p></li>
+ <li><p>Use the <var title="true">cdm</var> to execute the following steps:</p>
+ <ol>
+ <li>
+ <p>Process the remove request.</p>
+ <p>This MAY involve exchanging message(s) with the application.</p>
+ <p>Unless this step fails, the CDM MUST have cleared all stored session data associated with this object, including the <a def-id="sessionId"></a>, before proceeding to the next step.</p>
+ <p class="note">A subsequent call to <a def-id="load"></a> with the value <a def-id="sessionId"></a> would fail because there is no data stored for that session ID.)</p>
+ </li>
+ </ol>
+ </li>
+ <li><p>Run the following steps asynchronously once the above step has completed:</p>
+ <ol>
+ <li><p>If any of the preceding steps failed, reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="appropriate-error-name"></a>.</p></li>
+ <li><p>Run the <a def-id="session-close-algorithm"></a> on this object.</p></li>
+ <li><p>Resolve <var>promise</var>.</p></li>
+ </ol>
+ </li>
+ </ol>
+ </li>
+ <li><p>Return <var>promise</var>.</p></li>
+ </ol>
+ </dd>
+
+ <dt>Promise<sequence<ArrayBuffer>> getUsableKeyIds()</dt>
+ <dd>
+ <p class="issue"><a href="https://www.w3.org/Bugs/Public/show_bug.cgi?id=26372">Bug 26372</a> - getUsableKeyIds() may be replaced.</p>
+ <p>Gets the key IDs for keys in the session that the CDM <em>knows</em> are currently usable to decrypt <a def-id="media-data"></a>.</p>
+
+ <ol class="method-algorithm">
+ <li><p>If this object's <var title="true">callable</var> value is false, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="InvalidStateError"></a>.</p></li>
+ <li><p>Let <var>promise</var> be a new promise.</p></li>
+ <li><p>Run the following steps asynchronously:</p>
+ <ol>
+ <li><p>Let <var title="true">cdm</var> be the CDM loaded during the <a def-id="mediakeys-initialization">initialization</a> of the <a def-id="mediakeys"></a> object that created this object.</p></li>
+ <li><p>Use the <var title="true">cdm</var> to execute the following steps:</p>
+ <ol>
+ <li><p>Let <var title="true">usable key ids</var> be a list of the key IDs for keys in the session that the CDM <em>knows</em> are currently usable to decrypt <a def-id="media-data"></a>. <var title="true">usable key ids</var> MUST NOT contain IDs for keys that <em>may not</em> currently be usable. Each element MUST be unique.</p></li>
+ </ol>
+ </li>
+ <li>
+ <p>If the preceding step failed, reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="appropriate-error-name"></a>.</p>
+ </li>
+ <li>
+ <p>Resolve <var>promise</var> with a new Sequence object, each element of which contains one element of <var title="true">usable key ids</var>.</p>
+ </li>
+ </ol>
+ </li>
+ </ol>
+ </dd>
+
</dl>
-
- <dl title="interface MediaKeyMessageEvent : Event" class="idl">
- <dt class="extended-attribute">
- Constructor(DOMString type, optional MediaKeyMessageEventInit eventInitDict)
- </dt>
- <dd>
-
- <dt>readonly attribute MediaKeyMessageType type</dt>
- <dd>
- The type of the message.
- </dd>
-
- <dt>readonly attribute ArrayBuffer message</dt>
- <dd>
- The message from the CDM. Messages are Key System-specific.
- </dd>
- </dl>
-
- <section id="mediakeymessageeventinit">
- <h4>MediaKeyMessageEventInit</h4>
- <dl title="dictionary MediaKeyMessageEventInit : EventInit" class="idl">
- <dt>MediaKeyMessageType type = "licenserequest"</dt>
+
+ <section id="mediakeymessageevent">
+ <h3>MediaKeyMessageEvent</h3>
+ <p>The MediaKeyMessageEvent object is used for the <a def-id="message"></a> event.</p>
+ <p>Events are constructed as defined in <a def-id="constructing-events"></a> [[!DOM]].</p>
+
+ <dl title="enum MediaKeyMessageType" class="idl">
+ <dt>licenserequest</dt>
+ <dd>The message contains a request for a new license.</dd>
+ <dt>licenserenewal</dt>
+ <dd>The message contains a request to renew an existing license.</dd>
+ <dt>licenserelease</dt>
+ <dd>The message contains a proof of key release.</dd>
+ </dl>
+
+ <dl title="interface MediaKeyMessageEvent : Event" class="idl">
+ <dt class="extended-attribute">
+ Constructor(DOMString type, optional MediaKeyMessageEventInit eventInitDict)
+ </dt>
+ <dd>
+
+ <dt>readonly attribute MediaKeyMessageType type</dt>
<dd>
The type of the message.
</dd>
- <dt>ArrayBuffer message = ArrayBuffer()</dt>
+
+ <dt>readonly attribute ArrayBuffer message</dt>
<dd>
- The message.
+ The message from the CDM. Messages are Key System-specific.
</dd>
</dl>
+
+ <section id="mediakeymessageeventinit">
+ <h4>MediaKeyMessageEventInit</h4>
+ <dl title="dictionary MediaKeyMessageEventInit : EventInit" class="idl">
+ <dt>MediaKeyMessageType type = "licenserequest"</dt>
+ <dd>
+ The type of the message.
+ </dd>
+ <dt>ArrayBuffer message = ArrayBuffer()</dt>
+ <dd>
+ The message.
+ </dd>
+ </dl>
+ </section>
</section>
- </section>
-
- <section id="mediakeysession-events" class="informative">
- <h3>Event Summary</h3>
-
- <p class="note">In some implementations, <a def-id="mediakeysession"></a> objects may not fire any events until the <a def-id="mediakeys"></a> object is associated with a media element using <a def-id="setMediaKeys"></a>.</p>
-
- <table class="old-table">
- <thead>
- <tr>
- <th>Event name</th>
- <th>Interface</th>
- <th>Dispatched when...</th>
- </tr>
- </thead>
- <tbody>
- <tr>
- <td><a def-id="eventdfn">keyschange</a></td>
- <td><a def-id="event"></a></td>
- <td>There has been a change in usable keys in the session.</td>
- </tr>
- <tr>
- <td><a def-id="eventdfn">message</a></td>
- <td><a>MediaKeyMessageEvent</a></td>
- <td>The CDM has generated a message for the session.</td>
- </tr>
- </tbody>
- </table>
- </section>
-
- <section id="mediakeysession-algorithms">
- <h3>Algorithms</h3>
-
- <section id="algorithms-queue-message">
- <h4>Queue a "message" Event</h4>
- <p>The Queue a "message" Event algorithm is run when the CDM needs to queue a message event to a <a def-id="mediakeysession"></a> object.
- Requests to run this algorithm include a target <a def-id="mediakeysession"></a> object, a <var title="true">message type</var>, and a <var title="true">message</var>.
- </p>
- <p>The following steps are run:</p>
- <ol>
- <li><p>Let the <var title="true">session</var> be the specified <a def-id="mediakeysession"></a> object.</p></li>
- <li>
- <p><a def-id="Queue-a-task-to-fire-an-event-named"></a> <a def-id="message"></a> at the <var title="true">session</var>.</p>
- <p>The event is of type <a def-id="MediaKeyMessageEvent"></a> and has:</p>
- <ul style="list-style-type:none"><li>
- <a def-id="message-event-type-attribute"></a> = the specified <var title="true">message type</var><br></br>
- <a def-id="message-event-message-attribute"></a> = the specified <var title="true">message</var>
- </li></ul>
- </li>
- </ol>
- </section>
-
- <section id="algorithms-keys-changed">
- <h4>Usable Keys Changed</h4>
- <p>The Usable Keys Changed algorithm is run when the CDM changes the set of keys in the session that may be used for decryption.
- This can happen as the result of an <a def-id="update"></a> call or some other event.
- Requests to run this algorithm include a target <a def-id="mediakeysession"></a> object.
- </p>
- <p>The following steps are run:</p>
- <ol>
- <li><p>Let the <var title="true">session</var> be the associated <a def-id="mediakeysession"></a> object.</p></li>
- <li><p><a def-id="Queue-a-task-to-fire-an-event-named"></a> <a def-id="keyschange"></a> at the <var title="true">session</var>.</p></li>
- <li><p><a def-id="Queue-a-task-to-run-algorithm"></a> <a def-id="resume-playback-algorithm"></a> on each of the media element(s) whose <a def-id="mediaKeys-attribute"></a> attribute is the MediaKeys object that created the <var title="true">session</var>.</p>
- <p>The user agent MAY choose to skip this step if it knows resuming will fail.</p>
- <p class="note">For example, the user agent may skip this step if no additional keys became available.</p>
- </li>
- </ol>
- </section>
-
- <section id="algorithms-update-expiration">
- <h4>Update Expiration</h4>
- <p>The Update Expiration algorithm is run when the CDM changes the expiration time of a session.
- This can happen as the result of an <a def-id="update"></a> call or some other event.
- Requests to run this algorithm include a target <a def-id="mediakeysession"></a> object and the new expiration time, which may be <code>NaN</code>.
- </p>
- <p>The following steps are run:</p>
- <ol>
- <li><p>Let the <var title="true">session</var> be the associated <a def-id="mediakeysession"></a> object.</p></li>
- <li><p>Let <var title="true">expiration time</var> be <code>NaN</code>.</p></li>
- <li><p>If the new expiration time is not <code>NaN</code>, let <var title="true">expiration time</var> be the new expiration time in milliseconds since 01 January 1970 UTC.</p></li>
- <li><p>Set the <var title="true">session</var>'s <a def-id="expiration"></a> attribute to <var title="true">expiration time</var>.</p></li>
- </ol>
- </section>
-
- <section id="algorithms-session-close">
- <h4>Session Close</h4>
- <p>The Session Close algorithm is run when the CDM closes the session associated with a <a def-id="mediakeysession"></a> object.</p>
- <p class="note">The CDM may close a session at any point, such as in response to a <a def-id="close"></a> call, when the session is no longer needed, or when system resources are lost.
- Keys in other sessions SHOULD be unaffected, even if they have overlapping key IDs.
- </p>
- <p>The following steps are run:</p>
- <ol>
- <li><p>Let the <var title="true">session</var> be the associated <a def-id="mediakeysession"></a> object.</p></li>
- <li><p>Let <var title="true">media keys</var> be the <a def-id="mediakeys"></a> object that created this object.</p></li>
- <li><p>Let <var>promise</var> be the <a def-id="closed"></a> attribute of the <var title="true">session</var>.</p></li>
- <li><p>Resolve <var>promise</var>.</p></li>
- </ol>
- </section>
- </section>
-
- <section id="exceptions">
- <h3>Exceptions</h3>
- <p id="error-names">The methods report errors by rejecting the returned promise with a <a def-id="domexception"></a>.
- The following <a def-id="domexception-names">DOMException names from WebIDL</a> are used in the algorithms.
- Causes specified specified in the algorithms are listed alongside each name, though these names MAY be used for other reasons as well.
- </p>
-
- <table class="old-table">
- <tbody>
- <tr>
- <th>Name</th>
- <th>Possible Causes (non-exhaustive)</th>
- </tr>
- <tr>
- <td><dfn id="dfn-NotSupportedError"><code>NotSupportedError</code></dfn></td>
- <td>
- The existing MediaKeys object cannot be removed.<br/>
- The key system is not supported.<br/>
- The key system is not supported on insecure origins.<br/>
- The initialization data type is not supported by the key system.<br/>
- The session type is not supported by the key system.<br/>
- The initialization data is not supported by the key system.<br/>
- The operation is not supported by the key system.
- </td>
- </tr>
- <tr>
- <td><dfn id="dfn-InvalidStateError"><code>InvalidStateError</code></dfn></td>
- <td>The existing MediaKeys object cannot be removed at this time.<br/>
- The session has already been used.<br/>
- The session is not yet initialized.<br/>
- The session is closed.
- </td>
- </tr>
- <tr>
- <td><dfn id="dfn-InvalidAccessError"><code>InvalidAccessError</code></dfn></td>
- <td>
- The parameter is empty.<br/>
- Invalid initialization data.<br/>
- The operation is not supported on sessions of this type.<br/>
- Invalid response format.<br/>
- A persistent license was provided for a "temporary" session.
- </td>
- </tr>
- <tr>
- <td><dfn id="dfn-QuotaExceededError"><code>QuotaExceededError</code></dfn></td>
- <td>The MediaKeys object cannot be used with additional HTMLMediaElements.<br/>
- A non-closed session already exists for this sessionId.
- </td>
- </tr>
- </tbody>
- </table>
- </section>
-
- <section id="session-storage">
- <h3>Session Storage and Persistence</h3>
- <p>This section provides an overview of session stroage and persistence that complements the algorithms.</p>
- <p>If this object's <var title="true">session type</var> is not <a def-id="persistent-session"></a>, the user agent and CDM MUST NOT persist a record of or data related to the session at any point.
- This includes license(s), key(s), and the <a def-id="session-id"></a>.
- </p>
- <p>The remainder of this section applies to <a def-id="persistent-session"></a> sessions, which are OPTIONAL for implementatations to support.</p>
- <p>Persisted data MUST always be stored such that only the <a def-id="origin"></a> of this object's <a def-id="document-concept"></a> can access it.
- In addition, the data MUST only be accessible by the current profile of this user agent - other user agent profiles, user agents, and applications MUST NOT be able to access the stored data.
- </p>
- <p>The CDM SHOULD NOT store session data, including the Session ID, until <a def-id="update"></a> is called the first time.
- Specifically, the CDM SHOULD NOT store session data during the <a def-id="generateRequest"></a> algorithm.
- This ensures that the application is aware of the session and knows it needs to eventually remove it.
- </p>
- <p>The CDM MUST ensure that data for a given session is only present in one active unclosed session in any <a def-id="document-concept"></a>.
- In other words, <a def-id="load"></a> MUST fail when there is already a <a def-id="mediakeysession"></a> representing the session specified by the <var title="true">sessionId</var> parameter, either because the object that created it via <a def-id="generateRequest"></a> is still active or it has been loaded into another object via <a def-id="load"></a>.
- A session MAY only be loaded again after the <a def-id="session-close-algorithm"></a> has not been run on the object representing it.
- </p>
- <p>An application that creates a <a def-id="persistent-session"></a> session SHOULD later remove the stored data using <a def-id="remove"></a>.
- The CDM MAY also remove sessions as appropriate, but applications SHOULD NOT rely on this.
- </p>
- <p class="note">See the <a href="#security">Security Considerations</a> and <a href="#privacy">Privacy Considerations</a> sections for additional considerations when supporting persistent storage.</p>
- </section>
+
+ <section id="mediakeysession-events" class="informative">
+ <h3>Event Summary</h3>
+
+ <p class="note">In some implementations, <a def-id="mediakeysession"></a> objects may not fire any events until the <a def-id="mediakeys"></a> object is associated with a media element using <a def-id="setMediaKeys"></a>.</p>
+
+ <table class="old-table">
+ <thead>
+ <tr>
+ <th>Event name</th>
+ <th>Interface</th>
+ <th>Dispatched when...</th>
+ </tr>
+ </thead>
+ <tbody>
+ <tr>
+ <td><a def-id="eventdfn">keyschange</a></td>
+ <td><a def-id="event"></a></td>
+ <td>There has been a change in usable keys in the session.</td>
+ </tr>
+ <tr>
+ <td><a def-id="eventdfn">message</a></td>
+ <td><a>MediaKeyMessageEvent</a></td>
+ <td>The CDM has generated a message for the session.</td>
+ </tr>
+ </tbody>
+ </table>
+ </section>
+
+ <section id="mediakeysession-algorithms">
+ <h3>Algorithms</h3>
+
+ <section id="algorithms-queue-message">
+ <h4>Queue a "message" Event</h4>
+ <p>The Queue a "message" Event algorithm is run when the CDM needs to queue a message event to a <a def-id="mediakeysession"></a> object.
+ Requests to run this algorithm include a target <a def-id="mediakeysession"></a> object, a <var title="true">message type</var>, and a <var title="true">message</var>.
+ </p>
+ <p>The following steps are run:</p>
+ <ol>
+ <li><p>Let the <var title="true">session</var> be the specified <a def-id="mediakeysession"></a> object.</p></li>
+ <li>
+ <p><a def-id="Queue-a-task-to-fire-an-event-named"></a> <a def-id="message"></a> at the <var title="true">session</var>.</p>
+ <p>The event is of type <a def-id="MediaKeyMessageEvent"></a> and has:</p>
+ <ul style="list-style-type:none"><li>
+ <a def-id="message-event-type-attribute"></a> = the specified <var title="true">message type</var><br></br>
+ <a def-id="message-event-message-attribute"></a> = the specified <var title="true">message</var>
+ </li></ul>
+ </li>
+ </ol>
+ </section>
+
+ <section id="algorithms-keys-changed">
+ <h4>Usable Keys Changed</h4>
+ <p>The Usable Keys Changed algorithm is run when the CDM changes the set of keys in the session that may be used for decryption.
+ This can happen as the result of an <a def-id="update"></a> call or some other event.
+ Requests to run this algorithm include a target <a def-id="mediakeysession"></a> object.
+ </p>
+ <p>The following steps are run:</p>
+ <ol>
+ <li><p>Let the <var title="true">session</var> be the associated <a def-id="mediakeysession"></a> object.</p></li>
+ <li><p><a def-id="Queue-a-task-to-fire-an-event-named"></a> <a def-id="keyschange"></a> at the <var title="true">session</var>.</p></li>
+ <li><p><a def-id="Queue-a-task-to-run-algorithm"></a> <a def-id="resume-playback-algorithm"></a> on each of the media element(s) whose <a def-id="mediaKeys-attribute"></a> attribute is the MediaKeys object that created the <var title="true">session</var>.</p>
+ <p>The user agent MAY choose to skip this step if it knows resuming will fail.</p>
+ <p class="note">For example, the user agent may skip this step if no additional keys became available.</p>
+ </li>
+ </ol>
+ </section>
+
+ <section id="algorithms-update-expiration">
+ <h4>Update Expiration</h4>
+ <p>The Update Expiration algorithm is run when the CDM changes the expiration time of a session.
+ This can happen as the result of an <a def-id="update"></a> call or some other event.
+ Requests to run this algorithm include a target <a def-id="mediakeysession"></a> object and the new expiration time, which may be <code>NaN</code>.
+ </p>
+ <p>The following steps are run:</p>
+ <ol>
+ <li><p>Let the <var title="true">session</var> be the associated <a def-id="mediakeysession"></a> object.</p></li>
+ <li><p>Let <var title="true">expiration time</var> be <code>NaN</code>.</p></li>
+ <li><p>If the new expiration time is not <code>NaN</code>, let <var title="true">expiration time</var> be the new expiration time in milliseconds since 01 January 1970 UTC.</p></li>
+ <li><p>Set the <var title="true">session</var>'s <a def-id="expiration"></a> attribute to <var title="true">expiration time</var>.</p></li>
+ </ol>
+ </section>
+
+ <section id="algorithms-session-close">
+ <h4>Session Close</h4>
+ <p>The Session Close algorithm is run when the CDM closes the session associated with a <a def-id="mediakeysession"></a> object.</p>
+ <p class="note">The CDM may close a session at any point, such as in response to a <a def-id="close"></a> call, when the session is no longer needed, or when system resources are lost.
+ Keys in other sessions SHOULD be unaffected, even if they have overlapping key IDs.
+ </p>
+ <p>The following steps are run:</p>
+ <ol>
+ <li><p>Let the <var title="true">session</var> be the associated <a def-id="mediakeysession"></a> object.</p></li>
+ <li><p>Let <var title="true">media keys</var> be the <a def-id="mediakeys"></a> object that created this object.</p></li>
+ <li><p>Let <var>promise</var> be the <a def-id="closed"></a> attribute of the <var title="true">session</var>.</p></li>
+ <li><p>Resolve <var>promise</var>.</p></li>
+ </ol>
+ </section>
+ </section>
+
+ <section id="exceptions">
+ <h3>Exceptions</h3>
+ <p id="error-names">The methods report errors by rejecting the returned promise with a <a def-id="domexception"></a>.
+ The following <a def-id="domexception-names">DOMException names from WebIDL</a> are used in the algorithms.
+ Causes specified specified in the algorithms are listed alongside each name, though these names MAY be used for other reasons as well.
+ </p>
+
+ <table class="old-table">
+ <tbody>
+ <tr>
+ <th>Name</th>
+ <th>Possible Causes (non-exhaustive)</th>
+ </tr>
+ <tr>
+ <td><dfn id="dfn-NotSupportedError"><code>NotSupportedError</code></dfn></td>
+ <td>
+ The existing MediaKeys object cannot be removed.<br/>
+ The key system is not supported.<br/>
+ The key system is not supported on insecure origins.<br/>
+ The initialization data type is not supported by the key system.<br/>
+ The session type is not supported by the key system.<br/>
+ The initialization data is not supported by the key system.<br/>
+ The operation is not supported by the key system.
+ </td>
+ </tr>
+ <tr>
+ <td><dfn id="dfn-InvalidStateError"><code>InvalidStateError</code></dfn></td>
+ <td>The existing MediaKeys object cannot be removed at this time.<br/>
+ The session has already been used.<br/>
+ The session is not yet initialized.<br/>
+ The session is closed.
+ </td>
+ </tr>
+ <tr>
+ <td><dfn id="dfn-InvalidAccessError"><code>InvalidAccessError</code></dfn></td>
+ <td>
+ The parameter is empty.<br/>
+ Invalid initialization data.<br/>
+ The operation is not supported on sessions of this type.<br/>
+ Invalid response format.<br/>
+ A persistent license was provided for a "temporary" session.
+ </td>
+ </tr>
+ <tr>
+ <td><dfn id="dfn-QuotaExceededError"><code>QuotaExceededError</code></dfn></td>
+ <td>The MediaKeys object cannot be used with additional HTMLMediaElements.<br/>
+ A non-closed session already exists for this sessionId.
+ </td>
+ </tr>
+ </tbody>
+ </table>
+ </section>
+
+ <section id="session-storage">
+ <h3>Session Storage and Persistence</h3>
+ <p>This section provides an overview of session stroage and persistence that complements the algorithms.</p>
+ <p>If this object's <var title="true">session type</var> is not <a def-id="persistent-session"></a>, the user agent and CDM MUST NOT persist a record of or data related to the session at any point.
+ This includes license(s), key(s), and the <a def-id="session-id"></a>.
+ </p>
+ <p>The remainder of this section applies to <a def-id="persistent-session"></a> sessions, which are OPTIONAL for implementatations to support.</p>
+ <p>Persisted data MUST always be stored such that only the <a def-id="origin"></a> of this object's <a def-id="document-concept"></a> can access it.
+ In addition, the data MUST only be accessible by the current profile of this user agent - other user agent profiles, user agents, and applications MUST NOT be able to access the stored data.
+ </p>
+ <p>The CDM SHOULD NOT store session data, including the Session ID, until <a def-id="update"></a> is called the first time.
+ Specifically, the CDM SHOULD NOT store session data during the <a def-id="generateRequest"></a> algorithm.
+ This ensures that the application is aware of the session and knows it needs to eventually remove it.
+ </p>
+ <p>The CDM MUST ensure that data for a given session is only present in one active unclosed session in any <a def-id="document-concept"></a>.
+ In other words, <a def-id="load"></a> MUST fail when there is already a <a def-id="mediakeysession"></a> representing the session specified by the <var title="true">sessionId</var> parameter, either because the object that created it via <a def-id="generateRequest"></a> is still active or it has been loaded into another object via <a def-id="load"></a>.
+ A session MAY only be loaded again after the <a def-id="session-close-algorithm"></a> has not been run on the object representing it.
+ </p>
+ <p>An application that creates a <a def-id="persistent-session"></a> session SHOULD later remove the stored data using <a def-id="remove"></a>.
+ The CDM MAY also remove sessions as appropriate, but applications SHOULD NOT rely on this.
+ </p>
+ <p class="note">See the <a href="#security">Security Considerations</a> and <a href="#privacy">Privacy Considerations</a> sections for additional considerations when supporting persistent storage.</p>
+ </section>
</section>
<section id="htmlmediaelement-extensions">
- <h2>HTMLMediaElement Extensions</h2>
- <p>This section specifies additions to and modifications of the <a def-id="htmlmediaelement"></a> [[!HTML5]] when the Encrypted Media Extensions are supported.</p>
-
- <p>For methods that return a promise, all errors are reported asynchronously by rejecting the returned Promise. This includes WebIDL type mapping errors.</p>
- <p>The steps of an algorithm are always aborted when resolving or rejecting a promise.</p>
-
- <dl title="enum MediaWaitingFor" class="idl">
- <dt>none</dt>
- <dd>
- The media element is not waiting for anything.
- </dd>
- <dt>data</dt>
- <dd>
- The media element is not waiting for data.
- </dd>
- <dt>key</dt>
- <dd>
- The media element is not waiting for a key.
- </dd>
- </dl>
-
- <dl title="partial interface HTMLMediaElement : EventTarget" class='idl'>
- <dt>readonly attribute MediaKeys? mediaKeys</dt>
- <dd>
- <p>The <a def-id="mediakeys"></a> being used when decrypting encrypted <a def-id="media-data"></a> for this media element.</p>
- </dd>
-
- <dt>readonly attribute MediaWaitingFor waitingFor</dt>
- <dd>
- <p>Indicates what the media element is waiting for, if anything (indicated by the <a def-id="waiting"></a> and <a def-id="canplay"></a> events). This is described in the <a def-id="encrypted-block-algorithm"></a>.</p>
- </dd>
-
- <dt>attribute EventHandler onencrypted</dt>
- <dd>
- <p>Event handler for the <a def-id="encrypted"></a> event MUST be supported by all HTMLMediaElements as both a content attribute and an IDL attribute.</p>
- </dd>
-
- <dt>Promise<void> setMediaKeys(MediaKeys? mediaKeys)</dt>
- <dd>
- <p>Provides the <a def-id="mediakeys"></a> to use when decrypting media data during playback.</p>
-
- <ol class="method-algorithm">
- <!-- For simplicity and consistency, do not allow multiple pending calls. -->
- <li><p>If <var>mediaKeys</var> and the <a def-id="mediaKeys-attribute"></a> attribute are the same object, return a resolved promise.</p></li>
- <li><p>If this object's <var title="true">attaching media keys</var> value is true, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="InvalidStateError"></a>.</p></li>
- <li><p>Let this object's <var title="true">attaching media keys</var> value be true.</p></li>
- <li><p>Let <var>promise</var> be a new promise.</p></li>
- <li><p>Run the following steps asynchronously:</p>
- <ol>
- <li><p>If <var>mediaKeys</var> is not null, it is already in use by another media element, and the user agent is unable to use it with this element, let this object's <var title="true">attaching media keys</var> value be false and reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="QuotaExceededError"></a>.</p></li>
- <li><p>If the <a def-id="mediaKeys-attribute"></a> attribute is not null, run the following steps:</p>
- <ol>
- <li><p>If the user agent or CDM do not support removing the association, let this object's <var title="true">attaching media keys</var> value be false and reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="NotSupportedError"></a>.</p></li>
- <li><p>If the association cannot currently be removed, let this object's <var title="true">attaching media keys</var> value be false and reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="InvalidStateError"></a>.</p>
- <p class="note">For example, some implementations may not allow removal during playback.</p>
- </li>
- <li><p>Stop using the CDM instance represented by the <a def-id="mediaKeys-attribute"></a> attribute to decrypt <a def-id="media-data"></a> and remove the association with the media element.</p></li>
- <li><p>If the preceding step failed, let this object's <var title="true">attaching media keys</var> value be false and reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="appropriate-error-name"></a>.</p></li>
- </ol>
- </li>
- <li><p>If <var>mediaKeys</var> is not null, run the following steps:</p>
- <ol>
- <li><p>Associate the CDM instance represented by <var>mediaKeys</var> with the media element for decrypting <a def-id="media-data"></a>.</p></li>
- <li><p>If the preceding step failed, run the following steps:</p>
- <ol>
- <li><p>Set the <a def-id="mediaKeys-attribute"></a> attribute to null.</p></li><!-- In case it was previously not null since the previous association has been removed. -->
- <li><p>Let this object's <var title="true">attaching media keys</var> value be false.</p></li>
- <li><p>Reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="appropriate-error-name"></a>.</p></li>
- </ol>
- </li>
- <li><p><a def-id="Queue-a-task-to-run-algorithm"></a> <a def-id="resume-playback-algorithm"></a> on the media element.</p>
- <p>The user agent MAY choose to skip this step if it knows resuming will fail.<p>
- <p class="note">For example, the user agent may skip this step if <var>mediaKeys</var> has no sessions.</p>
- </li>
- </ol>
- </li>
- <li><p>Set the <a def-id="mediaKeys-attribute"></a> attribute to <var>mediaKeys</var>.</p></li>
- <li><p>Let this object's <var title="true">attaching media keys</var> value be false.</p></li>
- <li><p>Resolve <var>promise</var>.</p></li>
- </ol>
- </li>
- <li><p>Return <var>promise</var>.</p></li>
- </ol>
-
- <p class="note">Support for clearing or replacing the associated <a def-id="mediakeys"></a> object during playback is a quality of implementation issue. In many cases it will result in a bad user experience or rejected promise.</p>
- <p class="note">As a best practice, applications should create a MediaKeys object and call <a def-id="setMediaKeys"></a> before providing <a def-id="media-data"></a> (for example, setting the <a def-id="media-src"></a> attribute). This avoids potential delays in some implementations.</p>
- </dd>
- </dl>
-
- <section id="mediaencryptedevent">
- <h3>MediaEncryptedEvent</h3>
- <p>The MediaEncryptedEvent object is used for the <a def-id="encrypted"></a> event.</p>
- <p>Events are constructed as defined in <a def-id="constructing-events"></a> [[!DOM]].</p>
-
- <dl title="interface MediaEncryptedEvent : Event" class="idl">
- <dt class="extended-attribute">
- Constructor(DOMString type, optional MediaEncryptedEventInit eventInitDict)
- </dt>
+ <h2>HTMLMediaElement Extensions</h2>
+ <p>This section specifies additions to and modifications of the <a def-id="htmlmediaelement"></a> [[!HTML5]] when the Encrypted Media Extensions are supported.</p>
+
+ <p>For methods that return a promise, all errors are reported asynchronously by rejecting the returned Promise. This includes WebIDL type mapping errors.</p>
+ <p>The steps of an algorithm are always aborted when resolving or rejecting a promise.</p>
+
+ <dl title="enum MediaWaitingFor" class="idl">
+ <dt>none</dt>
<dd>
-
- <dt>readonly attribute DOMString initDataType</dt>
+ The media element is not waiting for anything.
+ </dd>
+ <dt>data</dt>
<dd>
- Indicates the <a def-id="initialization-data-type"></a> of the <a def-id="initialization-data"></a> contained in the <a def-id="encrypted-event-initdata-attribute"></a> attribute.
+ The media element is not waiting for data.
</dd>
-
- <dt>readonly attribute ArrayBuffer? initData</dt>
+ <dt>key</dt>
<dd>
- The <a def-id="initialization-data"></a> for the event.
+ The media element is not waiting for a key.
</dd>
</dl>
-
- <section id="mediaencryptedeventinit">
- <h4>MediaEncryptedEventInit</h4>
- <dl title="dictionary MediaEncryptedEventInit : EventInit" class="idl">
- <dt>DOMString initDataType = ""</dt>
+
+ <dl title="partial interface HTMLMediaElement : EventTarget" class='idl'>
+ <dt>readonly attribute MediaKeys? mediaKeys</dt>
+ <dd>
+ <p>The <a def-id="mediakeys"></a> being used when decrypting encrypted <a def-id="media-data"></a> for this media element.</p>
+ </dd>
+
+ <dt>readonly attribute MediaWaitingFor waitingFor</dt>
+ <dd>
+ <p>Indicates what the media element is waiting for, if anything (indicated by the <a def-id="waiting"></a> and <a def-id="canplay"></a> events). This is described in the <a def-id="encrypted-block-algorithm"></a>.</p>
+ </dd>
+
+ <dt>attribute EventHandler onencrypted</dt>
+ <dd>
+ <p>Event handler for the <a def-id="encrypted"></a> event MUST be supported by all HTMLMediaElements as both a content attribute and an IDL attribute.</p>
+ </dd>
+
+ <dt>Promise<void> setMediaKeys(MediaKeys? mediaKeys)</dt>
+ <dd>
+ <p>Provides the <a def-id="mediakeys"></a> to use when decrypting media data during playback.</p>
+
+ <ol class="method-algorithm">
+ <!-- For simplicity and consistency, do not allow multiple pending calls. -->
+ <li><p>If <var>mediaKeys</var> and the <a def-id="mediaKeys-attribute"></a> attribute are the same object, return a resolved promise.</p></li>
+ <li><p>If this object's <var title="true">attaching media keys</var> value is true, return a promise rejected with <a def-id="new-domexception-named"></a> <a def-id="InvalidStateError"></a>.</p></li>
+ <li><p>Let this object's <var title="true">attaching media keys</var> value be true.</p></li>
+ <li><p>Let <var>promise</var> be a new promise.</p></li>
+ <li><p>Run the following steps asynchronously:</p>
+ <ol>
+ <li><p>If <var>mediaKeys</var> is not null, it is already in use by another media element, and the user agent is unable to use it with this element, let this object's <var title="true">attaching media keys</var> value be false and reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="QuotaExceededError"></a>.</p></li>
+ <li><p>If the <a def-id="mediaKeys-attribute"></a> attribute is not null, run the following steps:</p>
+ <ol>
+ <li><p>If the user agent or CDM do not support removing the association, let this object's <var title="true">attaching media keys</var> value be false and reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="NotSupportedError"></a>.</p></li>
+ <li><p>If the association cannot currently be removed, let this object's <var title="true">attaching media keys</var> value be false and reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="InvalidStateError"></a>.</p>
+ <p class="note">For example, some implementations may not allow removal during playback.</p>
+ </li>
+ <li><p>Stop using the CDM instance represented by the <a def-id="mediaKeys-attribute"></a> attribute to decrypt <a def-id="media-data"></a> and remove the association with the media element.</p></li>
+ <li><p>If the preceding step failed, let this object's <var title="true">attaching media keys</var> value be false and reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="appropriate-error-name"></a>.</p></li>
+ </ol>
+ </li>
+ <li><p>If <var>mediaKeys</var> is not null, run the following steps:</p>
+ <ol>
+ <li><p>Associate the CDM instance represented by <var>mediaKeys</var> with the media element for decrypting <a def-id="media-data"></a>.</p></li>
+ <li><p>If the preceding step failed, run the following steps:</p>
+ <ol>
+ <li><p>Set the <a def-id="mediaKeys-attribute"></a> attribute to null.</p></li><!-- In case it was previously not null since the previous association has been removed. -->
+ <li><p>Let this object's <var title="true">attaching media keys</var> value be false.</p></li>
+ <li><p>Reject <var>promise</var> with <a def-id="new-domexception-named"></a> <a def-id="appropriate-error-name"></a>.</p></li>
+ </ol>
+ </li>
+ <li><p><a def-id="Queue-a-task-to-run-algorithm"></a> <a def-id="resume-playback-algorithm"></a> on the media element.</p>
+ <p>The user agent MAY choose to skip this step if it knows resuming will fail.<p>
+ <p class="note">For example, the user agent may skip this step if <var>mediaKeys</var> has no sessions.</p>
+ </li>
+ </ol>
+ </li>
+ <li><p>Set the <a def-id="mediaKeys-attribute"></a> attribute to <var>mediaKeys</var>.</p></li>
+ <li><p>Let this object's <var title="true">attaching media keys</var> value be false.</p></li>
+ <li><p>Resolve <var>promise</var>.</p></li>
+ </ol>
+ </li>
+ <li><p>Return <var>promise</var>.</p></li>
+ </ol>
+
+ <p class="note">Support for clearing or replacing the associated <a def-id="mediakeys"></a> object during playback is a quality of implementation issue. In many cases it will result in a bad user experience or rejected promise.</p>
+ <p class="note">As a best practice, applications should create a MediaKeys object and call <a def-id="setMediaKeys"></a> before providing <a def-id="media-data"></a> (for example, setting the <a def-id="media-src"></a> attribute). This avoids potential delays in some implementations.</p>
+ </dd>
+ </dl>
+
+ <section id="mediaencryptedevent">
+ <h3>MediaEncryptedEvent</h3>
+ <p>The MediaEncryptedEvent object is used for the <a def-id="encrypted"></a> event.</p>
+ <p>Events are constructed as defined in <a def-id="constructing-events"></a> [[!DOM]].</p>
+
+ <dl title="interface MediaEncryptedEvent : Event" class="idl">
+ <dt class="extended-attribute">
+ Constructor(DOMString type, optional MediaEncryptedEventInit eventInitDict)
+ </dt>
<dd>
- The <a def-id="initialization-data-type"></a>.
+
+ <dt>readonly attribute DOMString initDataType</dt>
+ <dd>
+ Indicates the <a def-id="initialization-data-type"></a> of the <a def-id="initialization-data"></a> contained in the <a def-id="encrypted-event-initdata-attribute"></a> attribute.
</dd>
- <dt>ArrayBuffer? initData = null</dt>
+
+ <dt>readonly attribute ArrayBuffer? initData</dt>
<dd>
- The <a def-id="initialization-data"></a>.
+ The <a def-id="initialization-data"></a> for the event.
</dd>
</dl>
+
+ <section id="mediaencryptedeventinit">
+ <h4>MediaEncryptedEventInit</h4>
+ <dl title="dictionary MediaEncryptedEventInit : EventInit" class="idl">
+ <dt>DOMString initDataType = ""</dt>
+ <dd>
+ The <a def-id="initialization-data-type"></a>.
+ </dd>
+ <dt>ArrayBuffer? initData = null</dt>
+ <dd>
+ The <a def-id="initialization-data"></a>.
+ </dd>
+ </dl>
+ </section>
</section>
- </section>
-
- <section id="htmlmediaelement-events" class="informative">
- <h3>Event Summary</h3>
-
- <table class="old-table">
- <thead>
- <tr>
- <th>Event name</th>
- <th>Interface</th>
- <th>Dispatched when...</th>
- <th>Preconditions</th>
- </tr>
- </thead>
- <tbody>
- <tr>
- <td><a def-id="eventdfn">encrypted</a></td>
- <td><a>MediaEncryptedEvent</a></td>
- <td>The user agent encounters <a def-id="initialization-data"></a> in the <a def-id="media-data"></a>.</td>
- <td><a def-id="readystate"></a> is equal to <a def-id="have-metadata"></a> or greater.
- <p class="note">It is possible that the element is playing or has played.</p>
- </td>
- </tr>
- </tbody>
- </table>
- </section>
-
- <section id="htmlmediaelement-algorithms">
- <h3>Algorithms</h3>
-
- <section id="algorithms-initdata-encountered">
- <h4>Initialization Data Encountered</h4>
- <p>The following steps are run when the media element encounters <a def-id="initialization-data"></a> in the <a def-id="media-data"></a> during the <a def-id="resource-fetch-algorithm"></a>:</p>
-
- <ol>
- <li><p>Let <var title="">initDataType</var> be the empty string.</p></li>
- <li><p>Let <var title="">initData</var> be null.</p></li>
- <li>
- <p>If the <a def-id="media-data"></a> is <a def-id="cors-same-origin"></a> and <em>not</em> <a href="#mixed-content">mixed content</a>, run the following steps:</p>
- <ol>
- <li><p>Let <var title="">initDataType</var> be the string representing the <a def-id="initialization-data-type"></a> of the Initialization Data.</p></li>
- <li><p>Let <var title="">initData</var> be the Initialization Data.</p></li>
- </ol>
- <p class="note">While the media element may allow loading of "Optionally-blockable Content" [MIXED-CONTENT], the user agent MUST NOT expose Initialization Data from such media data to the application.</p>
- </li>
- <li>
- <p><a def-id="Queue-a-task-to-fire-an-event-named"></a> <a def-id="encrypted"></a> at the media element.</p>
- <p>The event is of type <a def-id="MediaEncryptedEvent"></a> and has:</p>
- <ul style="list-style-type:none"><li>
- <a def-id="encrypted-event-initdatatype-attribute"></a> = <var title="">initDataType</var><br></br>
- <a def-id="encrypted-event-initdata-attribute"></a> = <var title="">initData</var>
- </li></ul>
- <p class="note"><a def-id="readystate"></a> is <em>not</em> changed and no algorithms are aborted. This event merely provides information.</p>
- <p class="note">The <a def-id="encrypted-event-initdata-attribute"></a> attribute will be null if the media data is <em>not</em> <a def-id="cors-same-origin"></a> or is <a href="#mixed-content">mixed content</a>.
- Applications may retrieve the Initialization Data from an alternate source.
- </p>
- </li>
-
- <li><p><i>Continue Normal Flow</i>: Continue with the existing media element's <a def-id="resource-fetch-algorithm"></a>.</p></li>
- </ol>
- </section>
-
- <section id="algorithms-encrypted-block">
- <h4>Encrypted Block Encountered</h4>
- <p>The following steps are run when the media element encounters a block of encrypted <a def-id="media-data"></a> during the <a def-id="resource-fetch-algorithm"></a>:</p>
-
- <ol>
- <li><p>If the media element's <a def-id="mediaKeys-attribute"></a> attribute is not null, run the following steps:</p>
- <ol>
- <li><p>Let <var title="true">media keys</var> be the <a def-id="mediakeys"></a> object referenced by that atribute.</p></li>
- <li><p>Let <var title="true">cdm</var> be the CDM loaded during the <a def-id="mediakeys-initialization">initialization</a> of the <var title="true">media keys</var>.</p></li>
- <li><p>If there is at least one <a def-id="mediakeysession"></a> created by the <var title="true">media keys</var> on which the <a def-id="session-close-algorithm"></a> has not been run, run the following steps:</p>
- <p class="note">This check ensures the <var title="true">cdm</var> has finished loading and is a prequisite for a matching key being available.</p>
- <ol>
- <li><p>Let the <var title="true">block key ID</var> be the key ID of the current block.</p>
- <p class="note">The key ID is generally specified by the container.</p>
- </li>
- <li><p>Use the <var title="true">cdm</var> to execute the following steps:</p>
- <ol>
- <li><p>Let <var title="true">available keys</var> be the union of keys in sessions that were created by the <var title="true">media keys</var>.</p></li>
- <li><p>Follow the steps for the first matching condition from the following list:</p>
- <dl class="switch">
- <dt>If any of the <var title="true">available keys</var> corresponds to the <var title="">block key ID</var> and is usable</dt>
- <dd>Run the following steps:
+
+ <section id="htmlmediaelement-events" class="informative">
+ <h3>Event Summary</h3>
+
+ <table class="old-table">
+ <thead>
+ <tr>
+ <th>Event name</th>
+ <th>Interface</th>
+ <th>Dispatched when...</th>
+ <th>Preconditions</th>
+ </tr>
+ </thead>
+ <tbody>
+ <tr>
+ <td><a def-id="eventdfn">encrypted</a></td>
+ <td><a>MediaEncryptedEvent</a></td>
+ <td>The user agent encounters <a def-id="initialization-data"></a> in the <a def-id="media-data"></a>.</td>
+ <td><a def-id="readystate"></a> is equal to <a def-id="have-metadata"></a> or greater.
+ <p class="note">It is possible that the element is playing or has played.</p>
+ </td>
+ </tr>
+ </tbody>
+ </table>
+ </section>
+
+ <section id="htmlmediaelement-algorithms">
+ <h3>Algorithms</h3>
+
+ <section id="algorithms-initdata-encountered">
+ <h4>Initialization Data Encountered</h4>
+ <p>The following steps are run when the media element encounters <a def-id="initialization-data"></a> in the <a def-id="media-data"></a> during the <a def-id="resource-fetch-algorithm"></a>:</p>
+
+ <ol>
+ <li><p>Let <var title="">initDataType</var> be the empty string.</p></li>
+ <li><p>Let <var title="">initData</var> be null.</p></li>
+ <li>
+ <p>If the <a def-id="media-data"></a> is <a def-id="cors-same-origin"></a> and <em>not</em> <a href="#mixed-content">mixed content</a>, run the following steps:</p>
+ <ol>
+ <li><p>Let <var title="">initDataType</var> be the string representing the <a def-id="initialization-data-type"></a> of the Initialization Data.</p></li>
+ <li><p>Let <var title="">initData</var> be the Initialization Data.</p></li>
+ </ol>
+ <p class="note">While the media element may allow loading of "Optionally-blockable Content" [MIXED-CONTENT], the user agent MUST NOT expose Initialization Data from such media data to the application.</p>
+ </li>
+ <li>
+ <p><a def-id="Queue-a-task-to-fire-an-event-named"></a> <a def-id="encrypted"></a> at the media element.</p>
+ <p>The event is of type <a def-id="MediaEncryptedEvent"></a> and has:</p>
+ <ul style="list-style-type:none"><li>
+ <a def-id="encrypted-event-initdatatype-attribute"></a> = <var title="">initDataType</var><br></br>
+ <a def-id="encrypted-event-initdata-attribute"></a> = <var title="">initData</var>
+ </li></ul>
+ <p class="note"><a def-id="readystate"></a> is <em>not</em> changed and no algorithms are aborted. This event merely provides information.</p>
+ <p class="note">The <a def-id="encrypted-event-initdata-attribute"></a> attribute will be null if the media data is <em>not</em> <a def-id="cors-same-origin"></a> or is <a href="#mixed-content">mixed content</a>.
+ Applications may retrieve the Initialization Data from an alternate source.
+ </p>
+ </li>
+
+ <li><p><i>Continue Normal Flow</i>: Continue with the existing media element's <a def-id="resource-fetch-algorithm"></a>.</p></li>
+ </ol>
+ </section>
+
+ <section id="algorithms-encrypted-block">
+ <h4>Encrypted Block Encountered</h4>
+ <p>The following steps are run when the media element encounters a block of encrypted <a def-id="media-data"></a> during the <a def-id="resource-fetch-algorithm"></a>:</p>
+
+ <ol>
+ <li><p>If the media element's <a def-id="mediaKeys-attribute"></a> attribute is not null, run the following steps:</p>
+ <ol>
+ <li><p>Let <var title="true">media keys</var> be the <a def-id="mediakeys"></a> object referenced by that atribute.</p></li>
+ <li><p>Let <var title="true">cdm</var> be the CDM loaded during the <a def-id="mediakeys-initialization">initialization</a> of the <var title="true">media keys</var>.</p></li>
+ <li><p>If there is at least one <a def-id="mediakeysession"></a> created by the <var title="true">media keys</var> on which the <a def-id="session-close-algorithm"></a> has not been run, run the following steps:</p>
+ <p class="note">This check ensures the <var title="true">cdm</var> has finished loading and is a prequisite for a matching key being available.</p>
+ <ol>
+ <li><p>Let the <var title="true">block key ID</var> be the key ID of the current block.</p>
+ <p class="note">The key ID is generally specified by the container.</p>
+ </li>
+ <li><p>Use the <var title="true">cdm</var> to execute the following steps:</p>
<ol>
- <li><p>Let <var title="">block key</var> be the matching key.</p>
- <p class="note">If multiple sessions contain a <em>usable</em> key for the <var title="">block key ID</var>, which key to use is <a def-id="keysystem"></a>-dependent.</p>
- </li>
- <li><p>Use the <var title="true">cdm</var> to decrypt the block using <var title="">block key</var>.</p></li>
+ <li><p>Let <var title="true">available keys</var> be the union of keys in sessions that were created by the <var title="true">media keys</var>.</p></li>
<li><p>Follow the steps for the first matching condition from the following list:</p>
<dl class="switch">
- <dt>If decryption fails</dt>
- <dd>Abort the media element's <a def-id="resource-fetch-algorithm"></a>, run the steps to report a <a def-id="media-element-decode-error"></a> error, and abort these steps.</dd>
- <dt>Otherwise</dt>
- <dd>Run the following steps:
- <ol>
- <li><p>If the <a def-id="waitingFor"></a> attribute on the media element is <a def-id="MediaWaitingFor-key"></a>, set the <a def-id="waitingFor"></a> attribute on the media element to <a def-id="MediaWaitingFor-none"></a>.</p></li>
- <li><p>Abort these steps and process the decrypted block as normal.</p>
- <p class="note">In other words, decode the block.</p>
- </li>
- </ol>
- </dd>
+ <dt>If any of the <var title="true">available keys</var> corresponds to the <var title="">block key ID</var> and is usable</dt>
+ <dd>Run the following steps:
+ <ol>
+ <li><p>Let <var title="">block key</var> be the matching key.</p>
+ <p class="note">If multiple sessions contain a <em>usable</em> key for the <var title="">block key ID</var>, which key to use is <a def-id="keysystem"></a>-dependent.</p>
+ </li>
+ <li><p>Use the <var title="true">cdm</var> to decrypt the block using <var title="">block key</var>.</p></li>
+ <li><p>Follow the steps for the first matching condition from the following list:</p>
+ <dl class="switch">
+ <dt>If decryption fails</dt>
+ <dd>Abort the media element's <a def-id="resource-fetch-algorithm"></a>, run the steps to report a <a def-id="media-element-decode-error"></a> error, and abort these steps.</dd>
+ <dt>Otherwise</dt>
+ <dd>Run the following steps:
+ <ol>
+ <li><p>If the <a def-id="waitingFor"></a> attribute on the media element is <a def-id="MediaWaitingFor-key"></a>, set the <a def-id="waitingFor"></a> attribute on the media element to <a def-id="MediaWaitingFor-none"></a>.</p></li>
+ <li><p>Abort these steps and process the decrypted block as normal.</p>
+ <p class="note">In other words, decode the block.</p>
+ </li>
+ </ol>
+ </dd>
+ </dl>
+ <p class="note">Not all decryption problems (i.e. using the wrong key) will result in a decryption failure. In such cases, no error is fired here but one may be fired during decode.</p>
+ </li>
+ </ol>
+ </dd>
+ <dt>If any of the <var title="true">available keys</var> corresponds to the <var title="">block key ID</var> and is unusable</dt>
+ <dd>
+ <p class="issue"><a href="https://www.w3.org/Bugs/Public/show_bug.cgi?id=26372">Bug 26372</a> - It is TBD whether anything should happen in this case.</p>
+ </dd>
+ <p class="note">Otherwise, there is no key for the <var title="true">block key ID</var> in any session so continue.</p>
</dl>
- <p class="note">Not all decryption problems (i.e. using the wrong key) will result in a decryption failure. In such cases, no error is fired here but one may be fired during decode.</p>
</li>
</ol>
- </dd>
- <dt>If any of the <var title="true">available keys</var> corresponds to the <var title="">block key ID</var> and is unusable</dt>
- <dd>
- <p class="issue"><a href="https://www.w3.org/Bugs/Public/show_bug.cgi?id=26372">Bug 26372</a> - It is TBD whether anything should happen in this case.</p>
- </dd>
- <p class="note">Otherwise, there is no key for the <var title="true">block key ID</var> in any session so continue.</p>
- </dl>
- </li>
- </ol>
+ </li>
+ </ol>
+ </li>
+ </ol>
+ </li>
+ <li>
+ <p>Run the following steps:</p>
+ <p class="note">These steps are reached when there is no usable key for the block.</p>
+ <ol>
+ <li><p>Run the <a def-id="queue-waiting-algorithm"></a> on the media element.</p></li>
+ <li><p>Wait for a signal to resume playback.</p></li>
+ </ol>
+ </li>
+ </ol>
+
+ <div class="note">
+ <p>For frame-based encryption, this may be implemented as follows when the media element attempts to decode a frame as part of the <a def-id="resource-fetch-algorithm"></a>:</p>
+ <ol>
+ <li><p>Let <var title="">encrypted</var> be false.</p></li>
+ <li><p>Detect whether the frame is encrypted.</p>
+ <dl class="switch">
+ <dt>If the frame is encrypted</dt>
+ <dd>Run the steps above.</dd>
+ <dt>Otherwise</dt>
+ <dd>Continue.</dd>
+ </dl>
</li>
+ <li><p>Decode the frame.</p></li>
+ <li><p>Provide the frame for rendering.</p></li>
</ol>
- </li>
- </ol>
- </li>
- <li>
- <p>Run the following steps:</p>
- <p class="note">These steps are reached when there is no usable key for the block.</p>
- <ol>
- <li><p>Run the <a def-id="queue-waiting-algorithm"></a> on the media element.</p></li>
- <li><p>Wait for a signal to resume playback.</p></li>
- </ol>
- </li>
- </ol>
-
- <div class="note">
- <p>For frame-based encryption, this may be implemented as follows when the media element attempts to decode a frame as part of the <a def-id="resource-fetch-algorithm"></a>:</p>
- <ol>
- <li><p>Let <var title="">encrypted</var> be false.</p></li>
- <li><p>Detect whether the frame is encrypted.</p>
- <dl class="switch">
- <dt>If the frame is encrypted</dt>
- <dd>Run the steps above.</dd>
- <dt>Otherwise</dt>
- <dd>Continue.</dd>
- </dl>
- </li>
- <li><p>Decode the frame.</p></li>
- <li><p>Provide the frame for rendering.</p></li>
- </ol>
- </div>
- </section>
+ </div>
+ </section>
+
+ <section id="algorithms-queue-waiting">
+ <h4>Queue a "waiting" Event</h4>
+ <p>The Queue a "waiting" Event algorithm is run when the CDM needs to queue a waiting event to a <a def-id="htmlmediaelement"></a> object.
+ Requests to run this algorithm include a target <a def-id="htmlmediaelement"></a> object.
+ </p>
+ <p>The following steps are run:</p>
+ <ol>
+ <li><p>Let the <var title="true">media element</var> be the specified <a def-id="htmlmediaelement"></a> object.</p></li>
+ <li><p>If the <a def-id="waitingFor"></a> attribute on the <var title="true">media element</var> is not <a def-id="MediaWaitingFor-key"></a>, run the following steps:</p>
+ <ol>
+ <li><p>Set the <a def-id="waitingFor"></a> attribute on the <var title="true">media element</var> to <a def-id="MediaWaitingFor-key"></a>.</p></li>
+ <li><p><a def-id="Queue-a-task-to-fire-an-event-named"></a> <a def-id="waiting"></a> at the <var title="true">media element</var>.</p></li>
+ </ol>
+ </li>
+ <li><p>Suspend playback.</p></li>
+ </ol>
+ </section>
+
+ <section id="algorithms-resume-playback">
+ <h4>Attempt to Resume Playback If Necessary</h4>
+ <p>The Attempt to Resume Playback If Necessary algorithm is run when one or more keys becomes available.
+ If playback is blocked waiting for a key, it resumes playback if a necessary key has been provided.
+ Requests to run this algorithm include a target <a def-id="htmlmediaelement"></a> object.
+ </p>
+
+ <p>The following steps are run:</p>
+ <ol>
+ <li><p>Let the <var title="true">media element</var> be the specified <a def-id="htmlmediaelement"></a> object.</p></li>
+ <li><p>If the <a def-id="waitingFor"></a> attribute on the <var title="true">media element</var> is not <a def-id="MediaWaitingFor-key"></a>, abort these steps.</p></li>
+ <li><p>Attempt to resume the <a def-id="resource-fetch-algorithm"></a> by running the <a def-id="encrypted-block-algorithm"></a>.</p></li>
+ <li><p>If the user agent can advance the <a def-id="current-playback-position"></a> in the <a def-id="direction-of-playback"></a>, run the following steps:</p>
+ <ol>
+ <li><p><a def-id="Queue-a-task-to-fire-an-event-named"></a> <a def-id="canplay"></a> at the <var title="true">media element</var>.</p></li>
+ <li><p>If the <a def-id="paused"></a> attribute on the <var title="true">media element</var> is false, <a def-id="queue-a-task-to-fire-an-event-named"></a> <a def-id="playing"></a> at the <var title="true">media element</var>.</p></li>
+ </ol>
+ <p>Otherwise, the <a def-id="waitingFor"></a> attribute on the <var title="true">media element</var> MUST NOT be <a def-id="MediaWaitingFor-none"></a>.</p>
+ </li>
+ </ol>
+ </section>
+
+ <section id="htmlmediaelement-playing-the-media-resource">
+ <h4>Playing the Media Resource Algorithm Modifications</h4>
+ <p>The following steps are added to <a def-id="readystate"></a> change algorithms in <a def-id="videoref" name="playing-the-media-resource">Playing the media resource</a>:</p>
+ <ul>
+ <li>If a <a def-id="readystate"></a> change queues a task to fire a <a def-id="waiting"></a> event, the user agent MUST also set the <a def-id="waitingFor"></a> attribute on the Media Element to <a def-id="MediaWaitingFor-data"></a>.</li>
+ <li>If a <a def-id="readystate"></a> change queues a task to fire a <a def-id="canplay"></a> event, the user agent MUST also set the <a def-id="waitingFor"></a> attribute on the Media Element to <a def-id="MediaWaitingFor-none"></a>.</li>
+ </ul>
+ </section>
+ </section>
- <section id="algorithms-queue-waiting">
- <h4>Queue a "waiting" Event</h4>
- <p>The Queue a "waiting" Event algorithm is run when the CDM needs to queue a waiting event to a <a def-id="htmlmediaelement"></a> object.
- Requests to run this algorithm include a target <a def-id="htmlmediaelement"></a> object.
- </p>
- <p>The following steps are run:</p>
- <ol>
- <li><p>Let the <var title="true">media element</var> be the specified <a def-id="htmlmediaelement"></a> object.</p></li>
- <li><p>If the <a def-id="waitingFor"></a> attribute on the <var title="true">media element</var> is not <a def-id="MediaWaitingFor-key"></a>, run the following steps:</p>
- <ol>
- <li><p>Set the <a def-id="waitingFor"></a> attribute on the <var title="true">media element</var> to <a def-id="MediaWaitingFor-key"></a>.</p></li>
- <li><p><a def-id="Queue-a-task-to-fire-an-event-named"></a> <a def-id="waiting"></a> at the <var title="true">media element</var>.</p></li>
- </ol>
- </li>
- <li><p>Suspend playback.</p></li>
- </ol>
- </section>
-
- <section id="algorithms-resume-playback">
- <h4>Attempt to Resume Playback If Necessary</h4>
- <p>The Attempt to Resume Playback If Necessary algorithm is run when one or more keys becomes available.
- If playback is blocked waiting for a key, it resumes playback if a necessary key has been provided.
- Requests to run this algorithm include a target <a def-id="htmlmediaelement"></a> object.
- </p>
-
- <p>The following steps are run:</p>
- <ol>
- <li><p>Let the <var title="true">media element</var> be the specified <a def-id="htmlmediaelement"></a> object.</p></li>
- <li><p>If the <a def-id="waitingFor"></a> attribute on the <var title="true">media element</var> is not <a def-id="MediaWaitingFor-key"></a>, abort these steps.</p></li>
- <li><p>Attempt to resume the <a def-id="resource-fetch-algorithm"></a> by running the <a def-id="encrypted-block-algorithm"></a>.</p></li>
- <li><p>If the user agent can advance the <a def-id="current-playback-position"></a> in the <a def-id="direction-of-playback"></a>, run the following steps:</p>
- <ol>
- <li><p><a def-id="Queue-a-task-to-fire-an-event-named"></a> <a def-id="canplay"></a> at the <var title="true">media element</var>.</p></li>
- <li><p>If the <a def-id="paused"></a> attribute on the <var title="true">media element</var> is false, <a def-id="queue-a-task-to-fire-an-event-named"></a> <a def-id="playing"></a> at the <var title="true">media element</var>.</p></li>
- </ol>
- <p>Otherwise, the <a def-id="waitingFor"></a> attribute on the <var title="true">media element</var> MUST NOT be <a def-id="MediaWaitingFor-none"></a>.</p>
- </li>
- </ol>
- </section>
-
- <section id="htmlmediaelement-playing-the-media-resource">
- <h4>Playing the Media Resource Algorithm Modifications</h4>
- <p>The following steps are added to <a def-id="readystate"></a> change algorithms in <a def-id="videoref" name="playing-the-media-resource">Playing the media resource</a>:</p>
- <ul>
- <li>If a <a def-id="readystate"></a> change queues a task to fire a <a def-id="waiting"></a> event, the user agent MUST also set the <a def-id="waitingFor"></a> attribute on the Media Element to <a def-id="MediaWaitingFor-data"></a>.</li>
- <li>If a <a def-id="readystate"></a> change queues a task to fire a <a def-id="canplay"></a> event, the user agent MUST also set the <a def-id="waitingFor"></a> attribute on the Media Element to <a def-id="MediaWaitingFor-none"></a>.</li>
- </ul>
- </section>
- </section>
-
- <section id="media-element-restictions" class="informative">
- <h3>Media Element Restrictions</h3>
- <p>Media data processed by a CDM MAY be unavailable through Javascript APIs in the usual way (for example using the CanvasRenderingContext2D drawImage() method and the AudioContext MediaElementAudioSourceNode).
- This specification does not define conditions for such non-availability of media data, however, if media data is not available to Javascript APIs then these APIs MAY behave as if no media data was present at all.</p>
- <p>Where media rendering is not performed by the UA, for example in the case of a hardware protected media pipeline, then the full set of HTML rendering capabilities, for example CSS Transforms, MAY be unavailable. One likely restriction is that
- video media MAY be constrained to appear only in rectangular regions with sides parallel to the edges of the window and with normal orientation.</p>
- </section>
+ <section id="media-element-restictions" class="informative">
+ <h3>Media Element Restrictions</h3>
+ <p>Media data processed by a CDM MAY be unavailable through Javascript APIs in the usual way (for example using the CanvasRenderingContext2D drawImage() method and the AudioContext MediaElementAudioSourceNode).
+ This specification does not define conditions for such non-availability of media data, however, if media data is not available to Javascript APIs then these APIs MAY behave as if no media data was present at all.</p>
+ <p>Where media rendering is not performed by the UA, for example in the case of a hardware protected media pipeline, then the full set of HTML rendering capabilities, for example CSS Transforms, MAY be unavailable. One likely restriction is that
+ video media MAY be constrained to appear only in rectangular regions with sides parallel to the edges of the window and with normal orientation.</p>
+ </section>
</section>
<section id="common-key-systems">
- <h2>Common Key Systems</h2>
- <p>All user agents MUST support the common key systems described in this section.<p>
- <p class="note">This ensures that there is a common baseline level of protection that is guaranteed to be supported in all user agents, including those that are entirely open source.
- Thus, content providers that need only basic protection can build simple applications that will work on all platforms without needing to work with any content protection providers.
- </p>
-
- <span id="simple-decryption-clear-key"></span> <!-- Legacy anchor name. -->
- <section id="clear-key">
- <h3>Clear Key</h3>
- <p>The <code>"org.w3.clearkey"</code> <a def-id="keysystem"></a> uses plain-text clear (unencrypted) key(s) to decrypt the source.
- No additional client-side content protection is required.
- This Key System is described below.
- </p>
+ <h2>Common Key Systems</h2>
+ <p>All user agents MUST support the common key systems described in this section.<p>
+ <p class="note">This ensures that there is a common baseline level of protection that is guaranteed to be supported in all user agents, including those that are entirely open source.
+ Thus, content providers that need only basic protection can build simple applications that will work on all platforms without needing to work with any content protection providers.
+ </p>
+
+ <span id="simple-decryption-clear-key"></span> <!-- Legacy anchor name. -->
+ <section id="clear-key">
+ <h3>Clear Key</h3>
+ <p>The <code>"org.w3.clearkey"</code> <a def-id="keysystem"></a> uses plain-text clear (unencrypted) key(s) to decrypt the source.
+ No additional client-side content protection is required.
+ This Key System is described below.
+ </p>
+
+ <section id="clear-key-capabilities">
+ <h4>Capabilities</h4>
+ <p>The following describe how Clear Key supports key system-specific capabilities:</p>
+ <ul>
+ <li><p>The <a def-id="setMediaKeys"></a> method: Implementations MAY support associating the <a def-id="mediakeys"></a> object with more than one <a def-id="htmlmediaelement"></a>.</p></li>
+ <li><p>The <a def-id="setServerCertificate"></a> method: Not supported.</p></li>
+ <li><p>The <a def-id="isTypeSupported"></a> method: There are no supported <var title="true">capability</var> values.</p></li>
+ <li><p>The <a def-id="persistent-session"></a> <a def-id="sessiontype"></a>: Implementations MAY support this type.</p></li>
+ </ul>
+ </section>
- <section id="clear-key-capabilities">
- <h4>Capabilities</h4>
- <p>The following describe how Clear Key supports key system-specific capabilities:</p>
- <ul>
- <li><p>The <a def-id="setMediaKeys"></a> method: Implementations MAY support associating the <a def-id="mediakeys"></a> object with more than one <a def-id="htmlmediaelement"></a>.</p></li>
- <li><p>The <a def-id="setServerCertificate"></a> method: Not supported.</p></li>
- <li><p>The <a def-id="isTypeSupported"></a> method: There are no supported <var title="true">capability</var> values.</p></li>
- <li><p>The <a def-id="persistent-session"></a> <a def-id="sessiontype"></a>: Implementations MAY support this type.</p></li>
- </ul>
- </section>
-
- <section id="clear-key-behavior">
- <h4>Behavior</h4>
- <p>The following describe how Clear Key implements key system-specific behaviors:</p>
- <ul>
- <li><p>In the <a def-id="generateRequest"></a> algorithm:</p>
- <ul>
- <li><p>The generated <var title="true">message</var> is a JSON object encoded in UTF-8 as described in <a href="#clear-key-request-format">License Request Format</a>.</p></li>
- <li><p>The request is generated by extracting the key IDs from the <var>init data</var>.</p></li>
- <li><p>The "type" member value is the value of the <var title="true">sessionType</var> parameter.</p></li>
- </ul>
- </li>
- <li><p>The <a def-id="sessionId"></a> attribute is a numerical value representable by a 32-bit integer.</p></li>
- <li><p>The <a def-id="expiration"></a> attribute is always <code>NaN</code>.</p></li>
- <li><p>In the <a def-id="update"></a> algorithm:</p>
- <ul>
- <li><p>The <var title="true">response</var> parameter is a JWK Set as described in <a href="#clear-key-license-format">License Format</a>.</p></li>
- <li><p><var>sanitized response</var> is considered invalid if it is not a valid JWK Set with at least one valid JWK key of a valid length for the media type.</p></li>
- </ul>
- </li>
- <li><p>The <a def-id="getUsableKeyIds"></a> method always returns all key IDs that have been provided via <a def-id="update"></a>.</p></li>
- <li><p><a def-id="initialization-data"></a>: Implementations MAY support any combination of registered Initialization Data types [[EME-REGISTRY]].
- Implementations SHOULD support the <code><a href="keyids-format.html">"keyids"</a></code> type and other types appropriate for content types supported by the user agent.
- </p></li>
- </ul>
- </section>
-
- <section id="clear-key-request-format">
- <h4>License Request Format</h4>
- <p>This section describes the format of the license request provided to the application via the <a def-id="message-event-message-attribute"></a> attribute of the <a def-id="message"></a> event.</p>
+ <section id="clear-key-behavior">
+ <h4>Behavior</h4>
+ <p>The following describe how Clear Key implements key system-specific behaviors:</p>
+ <ul>
+ <li><p>In the <a def-id="generateRequest"></a> algorithm:</p>
+ <ul>
+ <li><p>The generated <var title="true">message</var> is a JSON object encoded in UTF-8 as described in <a href="#clear-key-request-format">License Request Format</a>.</p></li>
+ <li><p>The request is generated by extracting the key IDs from the <var>init data</var>.</p></li>
+ <li><p>The "type" member value is the value of the <var title="true">sessionType</var> parameter.</p></li>
+ </ul>
+ </li>
+ <li><p>The <a def-id="sessionId"></a> attribute is a numerical value representable by a 32-bit integer.</p></li>
+ <li><p>The <a def-id="expiration"></a> attribute is always <code>NaN</code>.</p></li>
+ <li><p>In the <a def-id="update"></a> algorithm:</p>
+ <ul>
+ <li><p>The <var title="true">response</var> parameter is a JWK Set as described in <a href="#clear-key-license-format">License Format</a>.</p></li>
+ <li><p><var>sanitized response</var> is considered invalid if it is not a valid JWK Set with at least one valid JWK key of a valid length for the media type.</p></li>
+ </ul>
+ </li>
+ <li><p>The <a def-id="getUsableKeyIds"></a> method always returns all key IDs that have been provided via <a def-id="update"></a>.</p></li>
+ <li><p><a def-id="initialization-data"></a>: Implementations MAY support any combination of registered Initialization Data types [[EME-REGISTRY]].
+ Implementations SHOULD support the <code><a href="keyids-format.html">"keyids"</a></code> type and other types appropriate for content types supported by the user agent.
+ </p></li>
+ </ul>
+ </section>
- <p>The format is a JSON object containing the following members:</p>
- <dl>
- <dt>"kids"</dt>
- <dd>An array of <a href="#decryption-key-id">key IDs</a>. Each element of the array is the base64url encoding of the octet sequence containing the key ID value.</dd>
- <dt>"type"</dt>
- <dd>The requested <a def-id="sessiontype"></a></dd>
- </dl>
-
- <p>When contained in the ArrayBuffer <a def-id="message-event-message-attribute"></a> attribute of a <a def-id="MediaKeyMessageEvent"></a> object, the JSON string is encoded in UTF-8 as specified in the Encoding specification [[!ENCODING]].
- Applications MAY decode the contents of the ArrayBuffer to a JSON string using the <a def-id="interface-textdecoder"></a> [[!ENCODING]].
- </p>
-
- <section id="clear-key-request-format-example" class="informative">
- <h5>Example</h5>
- <p>The following example is a license request for a temporary license for two key IDs. (Line breaks are for readability only.)</p>
- <pre class="example highlight">
+ <section id="clear-key-request-format">
+ <h4>License Request Format</h4>
+ <p>This section describes the format of the license request provided to the application via the <a def-id="message-event-message-attribute"></a> attribute of the <a def-id="message"></a> event.</p>
+
+ <p>The format is a JSON object containing the following members:</p>
+ <dl>
+ <dt>"kids"</dt>
+ <dd>An array of <a href="#decryption-key-id">key IDs</a>. Each element of the array is the base64url encoding of the octet sequence containing the key ID value.</dd>
+ <dt>"type"</dt>
+ <dd>The requested <a def-id="sessiontype"></a></dd>
+ </dl>
+
+ <p>When contained in the ArrayBuffer <a def-id="message-event-message-attribute"></a> attribute of a <a def-id="MediaKeyMessageEvent"></a> object, the JSON string is encoded in UTF-8 as specified in the Encoding specification [[!ENCODING]].
+ Applications MAY decode the contents of the ArrayBuffer to a JSON string using the <a def-id="interface-textdecoder"></a> [[!ENCODING]].
+ </p>
+
+ <section id="clear-key-request-format-example" class="informative">
+ <h5>Example</h5>
+ <p>The following example is a license request for a temporary license for two key IDs. (Line breaks are for readability only.)</p>
+ <pre class="example highlight">
{
"kids":
[
@@ -1416,40 +1417,40 @@
"type":<a def-id="temporary-session"></a>
}
</pre>
- </section>
- </section>
-
- <section id="clear-key-license-format">
- <h4>License Format</h4>
- <p>This section describes the format of the license to be provided via the <var title="true">response</var> parameter of the <a def-id="update"></a> method.</p>
-
- <p>The format is a JSON Web Key (JWK) Set containing representation of the symmetric key to be used for decryption, as defined in the JSON Web Key (JWK) specification [[!JWK]].</p>
-
- <p>For each JWK in the set, the parameter values are as follows:</p>
- <dl>
- <dt>"kty" (key type)</dt>
- <dd>"oct" (octet sequence)</dd>
- <dt>"alg" (algorithm)</dt>
- <dd>"A128KW" (AES key wrap using a 128-bit key)</dd>
- <dt>"k" (key value)</dt>
- <dd>The base64url encoding of the octet sequence containing the symmetric <a href="#decryption-key">key</a> value</dd>
- <dt>"kid" (key ID)</dt>
- <dd>The base64url encoding of the octet sequence containing the <a href="#decryption-key-id">key ID</a> value</dd>
- </dl>
-
- <p>The JSON object MAY have an optional "type" member value, which MUST be one of the <a def-id="sessiontype"></a> values.
- If not specified, the default value of <a def-id="temporary-session"></a> is used.
- The <a def-id="update"></a> algorithm compares this value to the <var title="true">sessionType</var>.
- </p>
-
- <p>When passed to the <a def-id="update"></a> method as the ArrayBuffer <var title="true">response</var> parameter, the JSON string MUST be encoded in UTF-8 as specified in the Encoding specification [[!ENCODING]].
- Applications MAY encode the JSON string using the <a def-id="interface-textencoder"></a> [[!ENCODING]].
- </p>
-
- <section id="clear-key-license-format-example" class="informative">
- <h5>Example</h5>
- <p>The following example is a JWK Set containing a single symmetric key. (Line breaks are for readability only.)</p>
- <pre class="example highlight">
+ </section>
+ </section>
+
+ <section id="clear-key-license-format">
+ <h4>License Format</h4>
+ <p>This section describes the format of the license to be provided via the <var title="true">response</var> parameter of the <a def-id="update"></a> method.</p>
+
+ <p>The format is a JSON Web Key (JWK) Set containing representation of the symmetric key to be used for decryption, as defined in the JSON Web Key (JWK) specification [[!JWK]].</p>
+
+ <p>For each JWK in the set, the parameter values are as follows:</p>
+ <dl>
+ <dt>"kty" (key type)</dt>
+ <dd>"oct" (octet sequence)</dd>
+ <dt>"alg" (algorithm)</dt>
+ <dd>"A128KW" (AES key wrap using a 128-bit key)</dd>
+ <dt>"k" (key value)</dt>
+ <dd>The base64url encoding of the octet sequence containing the symmetric <a href="#decryption-key">key</a> value</dd>
+ <dt>"kid" (key ID)</dt>
+ <dd>The base64url encoding of the octet sequence containing the <a href="#decryption-key-id">key ID</a> value</dd>
+ </dl>
+
+ <p>The JSON object MAY have an optional "type" member value, which MUST be one of the <a def-id="sessiontype"></a> values.
+ If not specified, the default value of <a def-id="temporary-session"></a> is used.
+ The <a def-id="update"></a> algorithm compares this value to the <var title="true">sessionType</var>.
+ </p>
+
+ <p>When passed to the <a def-id="update"></a> method as the ArrayBuffer <var title="true">response</var> parameter, the JSON string MUST be encoded in UTF-8 as specified in the Encoding specification [[!ENCODING]].
+ Applications MAY encode the JSON string using the <a def-id="interface-textencoder"></a> [[!ENCODING]].
+ </p>
+
+ <section id="clear-key-license-format-example" class="informative">
+ <h5>Example</h5>
+ <p>The following example is a JWK Set containing a single symmetric key. (Line breaks are for readability only.)</p>
+ <pre class="example highlight">
{
"keys":
[{
@@ -1460,190 +1461,187 @@
}],
"type":<a def-id="temporary-session"></a>
}</pre>
- </section>
- </section>
-
- <section id="using-base64url" class="informative">
- <h4>Using base64url</h4>
- <p>For more information on base64url and working with it, see the "Base64url Encoding" terminology definition and "Notes on implementing base64url encoding without padding" in [[JWS]].
- Specifically, there is no '=' padding, and the characters '-' and '_' MUST be used instead of '+' and '/', respectively.
- </p>
- </section>
- </section>
+ </section>
+ </section>
+
+ <section id="using-base64url" class="informative">
+ <h4>Using base64url</h4>
+ <p>For more information on base64url and working with it, see the "Base64url Encoding" terminology definition and "Notes on implementing base64url encoding without padding" in [[JWS]].
+ Specifically, there is no '=' padding, and the characters '-' and '_' MUST be used instead of '+' and '/', respectively.
+ </p>
+ </section>
+ </section>
</section>
<section id="security" class="informative">
- <h2>Security Considerations</h2>
-
- <p>User Agent and Key System implementations must consider <a def-id="media-data"></a>, <a def-id="initialization-data"></a>, responses (i.e. data passed to <a def-id="update"></a>), licenses, key data, and all other data provided by the application as untrusted content and potential attack vectors.
- They must use appropriate safeguards to mitigate any associated threats and take care to safely parse, decrypt, etc. such data.
- User Agents may want to validate data before passing it to the CDM, especially if the CDM does not run in the same (sandboxed) context as the DOM (i.e. rendering).
- </p>
- <p>Implementations should not return active content or passive content that affects program control flow to the application.
- For example, it is not safe to expose URLs or other information that may have come from media data, such as is the case for the Initialization Data passed to <a def-id="generateRequest"></a>.
- Applications should determine the URLs to use. The <a def-id="message-event-type-attribute"></a> attribute of the <a def-id="message"></a> event can be used by the application to select among a set of URLs if applicable.
- </p>
- <p>User Agents are responsible for providing users with a secure way to browse the web. Since User Agents may integrate with third party CDM implementations, CDM implementers must provide sufficient information and controls to user agent implementers to enable them to properly asses the security implications of integrating with the Key System.</p>
- <p>Unsandboxed CDMs (or CDMs that use platform features) and UAs that use them must be especially careful in all areas of security, including parsing of key and media data, etc. due to the potential for compromises to provide access to OS/platform features, interact with or run as root, access drivers, kernel, firmware, hardware, etc., all of which may not be written to be robust against hostile software or web-based attacks. Additionally, CDMs may not be updated with security fixes as frequently, especially when part of the OS, platform or hardware.</p>
-
- <p>User agents may choose to only support the EME APIs and/or specific Key Systems (i.e. based on privacy and security risks) on secure origins.
- This is especially important if a user agent chooses to support a Key System implementation that cannot be sufficiently sandboxed or otherwise secured.
- Such user agents should also properly handle Mixed Content [[MIXED-CONTENT]] to avoid potential exposure to insecure content.
- See also <a href="#privacy-secureorigin">Use Secure Origin and Transport</a>.
- </p>
-
- <p>If a user agent chooses to support a Key System implementation that cannot be sufficiently sandboxed or otherwise secured, the user agent should ensure that users are fully informed and/or give explicit consent before loading or invoking it.
- See also <a href="#privacy-prompts">User Alerts / Prompts</a>.
- </p>
-
- </div>
+ <h2>Security Considerations</h2>
+
+ <p>User Agent and Key System implementations must consider <a def-id="media-data"></a>, <a def-id="initialization-data"></a>, responses (i.e. data passed to <a def-id="update"></a>), licenses, key data, and all other data provided by the application as untrusted content and potential attack vectors.
+ They must use appropriate safeguards to mitigate any associated threats and take care to safely parse, decrypt, etc. such data.
+ User Agents may want to validate data before passing it to the CDM, especially if the CDM does not run in the same (sandboxed) context as the DOM (i.e. rendering).
+ </p>
+ <p>Implementations should not return active content or passive content that affects program control flow to the application.
+ For example, it is not safe to expose URLs or other information that may have come from media data, such as is the case for the Initialization Data passed to <a def-id="generateRequest"></a>.
+ Applications should determine the URLs to use. The <a def-id="message-event-type-attribute"></a> attribute of the <a def-id="message"></a> event can be used by the application to select among a set of URLs if applicable.
+ </p>
+ <p>User Agents are responsible for providing users with a secure way to browse the web. Since User Agents may integrate with third party CDM implementations, CDM implementers must provide sufficient information and controls to user agent implementers to enable them to properly asses the security implications of integrating with the Key System.</p>
+ <p>Unsandboxed CDMs (or CDMs that use platform features) and UAs that use them must be especially careful in all areas of security, including parsing of key and media data, etc. due to the potential for compromises to provide access to OS/platform features, interact with or run as root, access drivers, kernel, firmware, hardware, etc., all of which may not be written to be robust against hostile software or web-based attacks. Additionally, CDMs may not be updated with security fixes as frequently, especially when part of the OS, platform or hardware.</p>
+
+ <p>User agents may choose to only support the EME APIs and/or specific Key Systems (i.e. based on privacy and security risks) on secure origins.
+ This is especially important if a user agent chooses to support a Key System implementation that cannot be sufficiently sandboxed or otherwise secured.
+ Such user agents should also properly handle Mixed Content [[MIXED-CONTENT]] to avoid potential exposure to insecure content.
+ See also <a href="#privacy-secureorigin">Use Secure Origin and Transport</a>.
+ </p>
+
+ <p>If a user agent chooses to support a Key System implementation that cannot be sufficiently sandboxed or otherwise secured, the user agent should ensure that users are fully informed and/or give explicit consent before loading or invoking it.
+ See also <a href="#privacy-prompts">User Alerts / Prompts</a>.
+ </p>
</section>
<section id="privacy" class="informative">
- <h2>Privacy Considerations</h2>
-
- <p>The presence or use of Key Systems on a user's device raises a number of privacy issues, falling into two categories: (a) user-specific information that may be disclosed by the EME interface itself, or within messages from Key Systems and (b) user-specific information that may be persistently stored on the users device.</p>
- <p>User Agents should take responsibility for providing users with adequate control over their own privacy. Since User Agents may integrate with third party CDM implementations, CDM implementers must provide sufficient information and controls to user agent implementers to enable them to implement appropriate techniques to ensure users have control over their privacy, including but not limited to the techniques described below.</p>
-
- <section id="privacy-disclosure">
- <h3>Information Disclosed by EME and Key Systems</h3>
- <p>Concerns regarding information disclosed by EME and Key Systems fall into two categories, concerns about non-specific information that may nevertheless contribute to the possibility of fingerprinting a user agent or device and user-specific information that may be used directly for user tracking.</p>
- </section>
-
- <section id="privacy-fingerprinting">
- <h4>Fingerprinting</h4>
- <p>Malicious applications may be able to fingerprint users or user agents by detecting or enumerating the list of Key Systems that are supported and related information. If proper origin protections are not provided this could include detection of sites that have been visited and information stored for those sites. In particular, Key Systems should not share key or other data between origins.</p>
- </section>
-
- <section id="privacy-leakage">
- <h4>Information Leakage</h4>
- <p>CDMs, especially those implemented outside the user agent, may not have the same fundamental isolations as the web platform.
- It is important that steps be taken to avoid information leakage, especially across origins.
- This includes both in-memory and stored data.
- Failure to do so could lead to information leakage to/from Incognito/Private Browsing sessions, across profiles, and even across different browsers, applications, and operating system user accounts.
- </p>
+ <h2>Privacy Considerations</h2>
+
+ <p>The presence or use of Key Systems on a user's device raises a number of privacy issues, falling into two categories: (a) user-specific information that may be disclosed by the EME interface itself, or within messages from Key Systems and (b) user-specific information that may be persistently stored on the users device.</p>
+ <p>User Agents should take responsibility for providing users with adequate control over their own privacy. Since User Agents may integrate with third party CDM implementations, CDM implementers must provide sufficient information and controls to user agent implementers to enable them to implement appropriate techniques to ensure users have control over their privacy, including but not limited to the techniques described below.</p>
+
+ <section id="privacy-disclosure">
+ <h3>Information Disclosed by EME and Key Systems</h3>
+ <p>Concerns regarding information disclosed by EME and Key Systems fall into two categories, concerns about non-specific information that may nevertheless contribute to the possibility of fingerprinting a user agent or device and user-specific information that may be used directly for user tracking.</p>
+ </section>
+
+ <section id="privacy-fingerprinting">
+ <h4>Fingerprinting</h4>
+ <p>Malicious applications may be able to fingerprint users or user agents by detecting or enumerating the list of Key Systems that are supported and related information. If proper origin protections are not provided this could include detection of sites that have been visited and information stored for those sites. In particular, Key Systems should not share key or other data between origins.</p>
+ </section>
+
+ <section id="privacy-leakage">
+ <h4>Information Leakage</h4>
+ <p>CDMs, especially those implemented outside the user agent, may not have the same fundamental isolations as the web platform.
+ It is important that steps be taken to avoid information leakage, especially across origins.
+ This includes both in-memory and stored data.
+ Failure to do so could lead to information leakage to/from Incognito/Private Browsing sessions, across profiles, and even across different browsers, applications, and operating system user accounts.
+ </p>
+
+ <p>To avoid such issues, user agent and CDM implementations should ensure that:</p>
+ <ul>
+ <li>CDMs have a concept of a CDM instance that is associated 1:1 with a MediaKeys object.</li>
+ <li>Keys, licenses, other session data, and the presence of sessions are restricted to the CDM instance associated with the MediaKeys object that created the session.</li>
+ <li>Session data is not shared between MediaKeys objects or CDM instances.</li>
+ <li>Session data is not shared with media elements not associated with the MediaKeys object that created the session. Among other things, this means a session's keys may not be used to decrypt content loaded by a media element whose <a def-id="mediaKeys-attribute"></a> attribute is not the MediaKeys object.</li>
+ <li>MediaKeys objects and the underlying implementation do not expose information outside the origin.</li>
+ <li>Persisted session data, if applicable, is stored on a per-origin basis.</li>
+ <li>Only data stored by the requesting origin may be loaded.</li>
+ </ul>
+ </section>
+
+ <section id="privacy-tracking">
+ <h4>Tracking</h4>
+ <p>User-specific information may be obtained over the EME API in two ways: through detection of stored keys and through Key System messages.</p>
- <p>To avoid such issues, user agent and CDM implementations should ensure that:</p>
- <ul>
- <li>CDMs have a concept of a CDM instance that is associated 1:1 with a MediaKeys object.</li>
- <li>Keys, licenses, other session data, and the presence of sessions are restricted to the CDM instance associated with the MediaKeys object that created the session.</li>
- <li>Session data is not shared between MediaKeys objects or CDM instances.</li>
- <li>Session data is not shared with media elements not associated with the MediaKeys object that created the session. Among other things, this means a session's keys may not be used to decrypt content loaded by a media element whose <a def-id="mediaKeys-attribute"></a> attribute is not the MediaKeys object.</li>
- <li>MediaKeys objects and the underlying implementation do not expose information outside the origin.</li>
- <li>Persisted session data, if applicable, is stored on a per-origin basis.</li>
- <li>Only data stored by the requesting origin may be loaded.</li>
- </ul>
- </section>
-
- <section id="privacy-tracking">
- <h4>Tracking</h4>
- <p>User-specific information may be obtained over the EME API in two ways: through detection of stored keys and through Key System messages.</p>
-
- <p>Key Systems may access or create persistent or semi-persistent identifiers for a device or user of a device. In some cases these identifiers may be bound to a specific device in a secure manner. If these identifiers are present in Key System messages, then devices and/or users may be tracked. If the mitigations below are not applied this could include both tracking of users / devices over time and associating multiple users of a given device. If not mitigated, such tracking may take three forms depending on the design of the Key System:</p>
- <ul>
- <li>In all cases, such identifiers are expected to be available to sites and/or servers that fully support the Key System (and thus can interpret Key System messages) enabling tracking by such sites.</li>
- <li>If identifiers exposed by Key Systems are not origin-specific, then two sites and/or servers that fully support the Key System may collude to track the user</li>
- <li>If a Key System messages contains information derived from a user identifier in a consistent manner, for example such that a portion of the initial Key System message for a specific content item does not change over time and is dependent on the user identifier, then this information could be used by any application to track the device or user over time.</li>
- </ul>
-
- <p>If a Key System permits keys to be stored and to be re-used between origins, then it may be possible for two origins to collude and track a unique user by recording their ability to access a common key.</p>
- <p>Finally, if any user interface for user control of Key Systems presents data separately from data in HTTP session cookies or persistent storage, then users are likely to modify site authorization or delete data in one and not the others. This would allow sites to use the various features as redundant backup for each other, defeating a user's attempts to protect his privacy.</p>
- <p>There are a number of techniques that can be used to mitigate these risks of tracking without user consent:</p>
-
- <dl>
- <dt>User deletion of persistent identifiers</dt>
- <dd>User agents could provide users with the ability to clear any persistent identifiers maintained by Key Systems.</dd>
-
- <dt>Use of (non-reversible) per-origin identifiers</dt>
- <dd>The user / device identifier exposed by a Key System may be different for each origin, either by allocation of different identifiers for different origins or by use of a non-reversible origin-specific mapping from an origin-independent identifier.</dd>
-
- <dt id="identifier-encryption">Encryption of user identifiers</dt>
- <dd>User identifiers in Key System messages could be encrypted, together with a timestamp or nonce, such that the Key System messages are always different. This would prevent the use of Key System messages for tracking except by applications fully supporting the Key System.
- This may be implemented using a <a href="#server-certificate">server certificate</a>.
- </dd>
+ <p>Key Systems may access or create persistent or semi-persistent identifiers for a device or user of a device. In some cases these identifiers may be bound to a specific device in a secure manner. If these identifiers are present in Key System messages, then devices and/or users may be tracked. If the mitigations below are not applied this could include both tracking of users / devices over time and associating multiple users of a given device. If not mitigated, such tracking may take three forms depending on the design of the Key System:</p>
+ <ul>
+ <li>In all cases, such identifiers are expected to be available to sites and/or servers that fully support the Key System (and thus can interpret Key System messages) enabling tracking by such sites.</li>
+ <li>If identifiers exposed by Key Systems are not origin-specific, then two sites and/or servers that fully support the Key System may collude to track the user</li>
+ <li>If a Key System messages contains information derived from a user identifier in a consistent manner, for example such that a portion of the initial Key System message for a specific content item does not change over time and is dependent on the user identifier, then this information could be used by any application to track the device or user over time.</li>
+ </ul>
+
+ <p>If a Key System permits keys to be stored and to be re-used between origins, then it may be possible for two origins to collude and track a unique user by recording their ability to access a common key.</p>
+ <p>Finally, if any user interface for user control of Key Systems presents data separately from data in HTTP session cookies or persistent storage, then users are likely to modify site authorization or delete data in one and not the others. This would allow sites to use the various features as redundant backup for each other, defeating a user's attempts to protect his privacy.</p>
+ <p>There are a number of techniques that can be used to mitigate these risks of tracking without user consent:</p>
+
+ <dl>
+ <dt>User deletion of persistent identifiers</dt>
+ <dd>User agents could provide users with the ability to clear any persistent identifiers maintained by Key Systems.</dd>
+
+ <dt>Use of (non-reversible) per-origin identifiers</dt>
+ <dd>The user / device identifier exposed by a Key System may be different for each origin, either by allocation of different identifiers for different origins or by use of a non-reversible origin-specific mapping from an origin-independent identifier.</dd>
+
+ <dt id="identifier-encryption">Encryption of user identifiers</dt>
+ <dd>User identifiers in Key System messages could be encrypted, together with a timestamp or nonce, such that the Key System messages are always different. This would prevent the use of Key System messages for tracking except by applications fully supporting the Key System.
+ This may be implemented using a <a href="#server-certificate">server certificate</a>.
+ </dd>
+
+ <dt>Site-specific white-listing of access to each Key System</dt>
+ <dd>User agents could require the user to explicitly authorize access by each site to each Key System. User agents should enable users to revoke this authorization either temporarily or permanently.</dd>
+
+ <dt>Treating Key System persistent identifiers as cookies</dt>
+ <dd>User agents should present the presence of persistent identifiers stored by Key Systems to the user in a way that associates them strongly with HTTP session cookies. This might encourage users to view such identifiers with healthy suspicion.</dd>
+
+ <dt>Shared blacklists</dt>
+ <dd>User agents may allow users to share their Key System domain blacklists. This would allow communities to act together to protect their privacy.</dd>
+
+ <dt id="privacy-prompts">User Alerts / Prompts</dt>
+ <dd>User Agents should ensure that users are fully informed and/or give explicit consent before identifiers are exposed in messages from Key Systems.
+ Such alerts and consent should be per origin to avoid valid uses enabling subsequent malicious access.
+ User agents that consider such alerts or consent appropriate should only support such Key Systems on secure origins (see <a href="#privacy-secureorigin">Use Secure Origin and Transport</a>), especially if they allow such consent to be persisted.
+ (Granting permissions to unauthenticated origins is equivalent to granting the permissions to any origin in the presence of a network attacker.)
+ </dd>
+
+ <dt>User controls to disable Key Systems or Key System use of identifiers</dt>
+ <dd>User Agents could provide users with a global control of whether a Key System is enabled / disabled and/or whether Key System use of user / device identifiers is enabled or disabled (if supported by the Key System).</dd>
+ </dl>
+
+ <p>While these suggestions prevent trivial use of this feature for user tracking, they do not block it altogether. Within a single domain, a site can continue to track the user during a session, and can then pass all this information to a third party along with any identifying information (names, credit card numbers, addresses) obtained by the site. If a third party cooperates with multiple sites to obtain such information, and if identifiers are not per-origin, then a profile can still be created.</p>
+ <p>It is important to note that identifiers that are non-clearable, non-origin-specific or hardware-bound exceed the tracking impact of existing techniques such as cookies or session identifiers embedded in URLs.</p>
+ <p>Thus, in addition to the various mitigations described above, if a browser supports a mode of operation intended to preserve user anonymity, then User Agent implementers should carefully consider whether access to Key Systems should be disabled in this mode.</p>
+ </section>
+
+ <section id="privacy-storedinfo">
+ <h3>Information Stored on User Devices</h3>
+ <p>Key Systems may store information on a user's device, or user agents may store information on behalf of Key Systems. Potentially, this could reveal information about a user to another user of the same device, including potentially the origins that have used a particular Key System (i.e. sites visited) or even the content that has been decrypted using a Key System.</p>
+ <p>If information stored by one origin affects the operation of the Key System for another origin, then potentially the sites visited or content viewed by a user on one site may be revealed to another, potentially malicious, site.</p>
+ <p>There are a number of techniques that can be used to mitigate these privacy risk to users:</p>
+
+ <dl>
+ <dt>Origin-specific Key System storage</dt>
+ <dd>User agents may require that some or all of the Key System's persistently stored data is stored in an origin-specific way. Session data, licenses, and keys that are persistently stored should be stored per-origin.</dd>
+
+ <dt>User deletion of Key System storage</dt>
+ <dd>User agents may present the user with a way to delete Key System storage for a specific origin or all origins.</dd>
+
+ <dt>Treating Key System stored data like cookies / Web Storage</dt>
+ <dd>User agents should present the presence of persistent data stored by Key Systems to the user in a way that associates it strongly with HTTP session cookies and/or Web Storage. This might encourage users to view such data with healthy suspicion.</dd>
+
+ <dt>Encryption or obfuscation of Key System stored data</dt>
+ <dd>User agents should treat data stored by Key Systems as potentially sensitive; it is quite possible for user privacy to be compromised by the release of this information. To this end, user agents should ensure that such data is securely stored and when deleting data, it is promptly deleted from the underlying storage.</dd>
+ </dl>
+
+ <p>User agent and CDM implementations that allow the CDM to persist data should:</p>
+ <ul>
+ <li>Ensure it is restricted to the origin for which it was created.</li>
+ <li>Ensure it is restricted to the current profile and does not leak to or from Incognito/Private Browsing sessions.</li>
+ <li>Allow the user to clear it, preferably by origin.</li>
+ <li>Treat it like other site data, including presenting it along with cookies, including it in "remove all data", and presenting it in the same UI locations.</li>
+ </ul>
+ </section>
+
+ <section id="privacy-secureorigin">
+ <h3>Use Secure Origin and Transport</h3>
+ <p>In order to protect identifiers and other information discussed in previous sections, user agents may choose to only support the EME APIs and/or specific Key Systems (i.e. based on privacy and security risks) on secure origins.
+ This is especially important if a user agent chooses to support a Key System implementation that exposes identifiers or other such information without effectively anonymizing it in transit (i.e. without <a href="#identifier-encryption">encrypting identifiers</a>).
+ </p>
+ <p>Regardless of user agent limitations, applications should use secure transport (e.g. HTTPS) for all traffic containing messages from the CDM (i.e. all data passed from <a def-id="message"></a> events and to <a def-id="update"></a>).</p>
+ <p>All user agents should properly handle Mixed Content [[MIXED-CONTENT]] to avoid exposure to insecure content or transport when the user agent or application wish to enforce secure origin and transport.</p>
+ </section>
- <dt>Site-specific white-listing of access to each Key System</dt>
- <dd>User agents could require the user to explicitly authorize access by each site to each Key System. User agents should enable users to revoke this authorization either temporarily or permanently.</dd>
-
- <dt>Treating Key System persistent identifiers as cookies</dt>
- <dd>User agents should present the presence of persistent identifiers stored by Key Systems to the user in a way that associates them strongly with HTTP session cookies. This might encourage users to view such identifiers with healthy suspicion.</dd>
-
- <dt>Shared blacklists</dt>
- <dd>User agents may allow users to share their Key System domain blacklists. This would allow communities to act together to protect their privacy.</dd>
-
- <dt id="privacy-prompts">User Alerts / Prompts</dt>
- <dd>User Agents should ensure that users are fully informed and/or give explicit consent before identifiers are exposed in messages from Key Systems.
- Such alerts and consent should be per origin to avoid valid uses enabling subsequent malicious access.
- User agents that consider such alerts or consent appropriate should only support such Key Systems on secure origins (see <a href="#privacy-secureorigin">Use Secure Origin and Transport</a>), especially if they allow such consent to be persisted.
- (Granting permissions to unauthenticated origins is equivalent to granting the permissions to any origin in the presence of a network attacker.)
- </dd>
-
- <dt>User controls to disable Key Systems or Key System use of identifiers</dt>
- <dd>User Agents could provide users with a global control of whether a Key System is enabled / disabled and/or whether Key System use of user / device identifiers is enabled or disabled (if supported by the Key System).</dd>
- </dl>
-
- <p>While these suggestions prevent trivial use of this feature for user tracking, they do not block it altogether. Within a single domain, a site can continue to track the user during a session, and can then pass all this information to a third party along with any identifying information (names, credit card numbers, addresses) obtained by the site. If a third party cooperates with multiple sites to obtain such information, and if identifiers are not per-origin, then a profile can still be created.</p>
- <p>It is important to note that identifiers that are non-clearable, non-origin-specific or hardware-bound exceed the tracking impact of existing techniques such as cookies or session identifiers embedded in URLs.</p>
- <p>Thus, in addition to the various mitigations described above, if a browser supports a mode of operation intended to preserve user anonymity, then User Agent implementers should carefully consider whether access to Key Systems should be disabled in this mode.</p>
- </section>
-
- <section id="privacy-storedinfo">
- <h3>Information Stored on User Devices</h3>
- <p>Key Systems may store information on a user's device, or user agents may store information on behalf of Key Systems. Potentially, this could reveal information about a user to another user of the same device, including potentially the origins that have used a particular Key System (i.e. sites visited) or even the content that has been decrypted using a Key System.</p>
- <p>If information stored by one origin affects the operation of the Key System for another origin, then potentially the sites visited or content viewed by a user on one site may be revealed to another, potentially malicious, site.</p>
- <p>There are a number of techniques that can be used to mitigate these privacy risk to users:</p>
-
- <dl>
- <dt>Origin-specific Key System storage</dt>
- <dd>User agents may require that some or all of the Key System's persistently stored data is stored in an origin-specific way. Session data, licenses, and keys that are persistently stored should be stored per-origin.</dd>
-
- <dt>User deletion of Key System storage</dt>
- <dd>User agents may present the user with a way to delete Key System storage for a specific origin or all origins.</dd>
-
- <dt>Treating Key System stored data like cookies / Web Storage</dt>
- <dd>User agents should present the presence of persistent data stored by Key Systems to the user in a way that associates it strongly with HTTP session cookies and/or Web Storage. This might encourage users to view such data with healthy suspicion.</dd>
-
- <dt>Encryption or obfuscation of Key System stored data</dt>
- <dd>User agents should treat data stored by Key Systems as potentially sensitive; it is quite possible for user privacy to be compromised by the release of this information. To this end, user agents should ensure that such data is securely stored and when deleting data, it is promptly deleted from the underlying storage.</dd>
- </dl>
-
- <p>User agent and CDM implementations that allow the CDM to persist data should:</p>
- <ul>
- <li>Ensure it is restricted to the origin for which it was created.</li>
- <li>Ensure it is restricted to the current profile and does not leak to or from Incognito/Private Browsing sessions.</li>
- <li>Allow the user to clear it, preferably by origin.</li>
- <li>Treat it like other site data, including presenting it along with cookies, including it in "remove all data", and presenting it in the same UI locations.</li>
- </ul>
- </section>
-
- <section id="privacy-secureorigin">
- <h3>Use Secure Origin and Transport</h3>
- <p>In order to protect identifiers and other information discussed in previous sections, user agents may choose to only support the EME APIs and/or specific Key Systems (i.e. based on privacy and security risks) on secure origins.
- This is especially important if a user agent chooses to support a Key System implementation that exposes identifiers or other such information without effectively anonymizing it in transit (i.e. without <a href="#identifier-encryption">encrypting identifiers</a>).
- </p>
- <p>Regardless of user agent limitations, applications should use secure transport (e.g. HTTPS) for all traffic containing messages from the CDM (i.e. all data passed from <a def-id="message"></a> events and to <a def-id="update"></a>).</p>
- <p>All user agents should properly handle Mixed Content [[MIXED-CONTENT]] to avoid exposure to insecure content or transport when the user agent or application wish to enforce secure origin and transport.</p>
- </section>
-
- </div>
</section>
<section id="examples" class="informative">
- <h2>Examples</h2>
- <p>This section contains example solutions for various use cases using the proposed extensions.
- These are not the only solutions to these use cases.
- Video elements are used in the examples, but the same would apply to all media elements.
- In some cases, such as using synchronous XHR, the examples are simplified to keep the focus on the extensions.
- </p>
-
- <section id="example-source-and-key-known">
- <h3>Source and Key Known at Page Load (Clear Key)</h3>
- <p class="exampledescription">In this simple example, the source file and <a href="#clear-key">clear-text license</a> are hard-coded in the page.
- Only one session will ever be created.</p>
-
- <pre class="example highlight">
+ <h2>Examples</h2>
+ <p>This section contains example solutions for various use cases using the proposed extensions.
+ These are not the only solutions to these use cases.
+ Video elements are used in the examples, but the same would apply to all media elements.
+ In some cases, such as using synchronous XHR, the examples are simplified to keep the focus on the extensions.
+ </p>
+
+ <section id="example-source-and-key-known">
+ <h3>Source and Key Known at Page Load (Clear Key)</h3>
+ <p class="exampledescription">In this simple example, the source file and <a href="#clear-key">clear-text license</a> are hard-coded in the page.
+ Only one session will ever be created.</p>
+
+ <pre class="example highlight">
<script>
function load() {
var video = document.getElementById("video");
@@ -1687,16 +1685,16 @@
<video src="foo.webm" autoplay id="video"></video>
</body>
</pre>
- </section>
-
- <section id="example-selecting-key-system">
- <h3>Selecting a Supported Key System and Using Initialization Data from the <a def-id="encrypted"></a> Event</h3>
- <p class="exampledescription">This example selects a supported <a def-id="keysystem"></a> using the <a def-id="isTypeSupported"></a> method then uses
- the <a def-id="initialization-data"></a> from the <a def-id="media-data"></a> to generate the license request and send it to the appropriate license server.
- One of the supported key systems uses a serverCertificate, which is provided proactively.
- </p>
-
- <pre class="example highlight">
+ </section>
+
+ <section id="example-selecting-key-system">
+ <h3>Selecting a Supported Key System and Using Initialization Data from the <a def-id="encrypted"></a> Event</h3>
+ <p class="exampledescription">This example selects a supported <a def-id="keysystem"></a> using the <a def-id="isTypeSupported"></a> method then uses
+ the <a def-id="initialization-data"></a> from the <a def-id="media-data"></a> to generate the license request and send it to the appropriate license server.
+ One of the supported key systems uses a serverCertificate, which is provided proactively.
+ </p>
+
+ <pre class="example highlight">
<script>
var keySystem;
var licenseUrl;
@@ -1779,16 +1777,16 @@
<video src="foo.webm" autoplay <a def-id="onencrypted"></a>="handleInitData(event)"></video>
</pre>
- </section>
-
- <section id="example-mediakeys-before-source">
- <h3>Create MediaKeys Before Loading Media</h3>
- <p class="exampledescription">Initialization is much simpler if encrypted events do not need to be handled during MediaKeys initialization.
- This can be accomplished either by providing the <a def-id="initialization-data"></a> in other ways or setting the source after the MediaKeys object has been created.
- This example does the latter.
- </p>
-
- <pre class="example highlight">
+ </section>
+
+ <section id="example-mediakeys-before-source">
+ <h3>Create MediaKeys Before Loading Media</h3>
+ <p class="exampledescription">Initialization is much simpler if encrypted events do not need to be handled during MediaKeys initialization.
+ This can be accomplished either by providing the <a def-id="initialization-data"></a> in other ways or setting the source after the MediaKeys object has been created.
+ This example does the latter.
+ </p>
+
+ <pre class="example highlight">
<script>
var keySystem;
var licenseUrl;
@@ -1821,14 +1819,14 @@
<video id="v" autoplay <a def-id="onencrypted"></a>="handleInitData(event)"></video>
</pre>
- </section>
-
- <section id="example-using-all-events">
- <h3>Using All Events</h3>
- <p class="exampledescription">This is a more complete example showing all events being used.</p>
- <p class="exampledescription">Note that <code>handleMessage()</code> could be called multiple times, including in response to the <a def-id="update"></a> call if multiple round trips are required and for any other reason the Key System might need to send a message.</p>
-
- <pre class="example highlight">
+ </section>
+
+ <section id="example-using-all-events">
+ <h3>Using All Events</h3>
+ <p class="exampledescription">This is a more complete example showing all events being used.</p>
+ <p class="exampledescription">Note that <code>handleMessage()</code> could be called multiple times, including in response to the <a def-id="update"></a> call if multiple round trips are required and for any other reason the Key System might need to send a message.</p>
+
+ <pre class="example highlight">
<script>
var keySystem;
var licenseUrl;
@@ -1913,13 +1911,13 @@
<video id="v" autoplay <a def-id="onencrypted"></a>="handleInitData(event)"></video>
</pre>
- </section>
-
- <section id="example-stored-license">
- <h3>Stored License</h3>
- <p class="exampledescription">This example requests a persistent license for future use and stores it. It also provides functions for later retrieving the license and for destroying it.</p>
-
- <pre class="example highlight">
+ </section>
+
+ <section id="example-stored-license">
+ <h3>Stored License</h3>
+ <p class="exampledescription">This example requests a persistent license for future use and stores it. It also provides functions for later retrieving the license and for destroying it.</p>
+
+ <pre class="example highlight">
<script>
var keySystem;
var licenseUrl;
@@ -2018,78 +2016,78 @@
<video id="v" src="foo.webm" autoplay></video>
</pre>
- </section>
+ </section>
</section>
<section id="revision-history">
- <h2>Revision History</h2>
- <table class="old-table">
- <thead>
- <tr>
- <th>Version</th>
- <th>Comment</th>
- </tr>
- </thead>
- <tbody>
- <tr>
- <td>10 October 2014</a></td>
- <td>Converted to ReSpec.</td>
- </tr>
- <tr>
- <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/a291ac57bad3/encrypted-media/encrypted-media.html">3 September 2014</a></td>
- <td>Reorganized by object.</td>
- </tr>
- <tr>
- <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/3a5e8f5332a2/encrypted-media/encrypted-media.html">27 August 2014</a></td>
- <td>Moved license request generation and session loading to MediaKeySession.</td>
- </tr>
- <tr>
- <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/9a94854a5999/encrypted-media/encrypted-media.html">18 August 2014</a></td>
- <td>Produced candidate WD.</td>
- </tr>
- <tr>
- <td><a href="https://dvcs.w3.org/hg/html-media/raw-file/9842af174b80/encrypted-media/encrypted-media.html">14 April 2014</a></td>
- <td>Use promises.</td>
- </tr>
- <tr>
- <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/ef65c237d053/encrypted-media/encrypted-media.html">1 April 2014</a></td>
- <td>Moved Container Guidelines to the <a href="initdata-format-registry.html">Encrypted Media Extensions Stream Format and Initialization Data Format Registry</a>.</td>
- </tr>
- <tr>
- <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/11245f9516cf/encrypted-media/encrypted-media.html">3 February 2014</a></td>
- <td>Produced candidate WD.</td>
- </tr>
- <tr>
- <td>17 September 2013</td>
- <td>Produced candidate WD.</td>
- </tr>
- <tr>
- <td>6 May 2013</td>
- <td>Produced updated candidate FPWD.</td>
- </tr>
- <tr>
- <td>14 January 2013</td>
- <td>Produced candidate FPWD.</td>
- </tr>
- <tr>
- <td>16 August 2012</td>
- <td>Converted to the object-oriented API.</td>
- </tr>
- <tr>
- <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/eme-v0.1b/encrypted-media/encrypted-media.html">0.1b</a></td>
- <td>Last non-object-oriented revision.</td>
- </tr>
- <tr>
- <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/eme-v0.1a/encrypted-media/encrypted-media.html">0.1a</a></td>
- <td>Corrects minor mistakes in 0.1.</td>
- </tr>
- <tr>
- <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/eme-v0.1/encrypted-media/encrypted-media.html">0.1</a></td>
- <td>Initial Proposal</td>
- </tr>
- </tbody>
- </table>
+ <h2>Revision History</h2>
+ <table class="old-table">
+ <thead>
+ <tr>
+ <th>Version</th>
+ <th>Comment</th>
+ </tr>
+ </thead>
+ <tbody>
+ <tr>
+ <td>10 October 2014</a></td>
+ <td>Converted to ReSpec.</td>
+ </tr>
+ <tr>
+ <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/a291ac57bad3/encrypted-media/encrypted-media.html">3 September 2014</a></td>
+ <td>Reorganized by object.</td>
+ </tr>
+ <tr>
+ <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/3a5e8f5332a2/encrypted-media/encrypted-media.html">27 August 2014</a></td>
+ <td>Moved license request generation and session loading to MediaKeySession.</td>
+ </tr>
+ <tr>
+ <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/9a94854a5999/encrypted-media/encrypted-media.html">18 August 2014</a></td>
+ <td>Produced candidate WD.</td>
+ </tr>
+ <tr>
+ <td><a href="https://dvcs.w3.org/hg/html-media/raw-file/9842af174b80/encrypted-media/encrypted-media.html">14 April 2014</a></td>
+ <td>Use promises.</td>
+ </tr>
+ <tr>
+ <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/ef65c237d053/encrypted-media/encrypted-media.html">1 April 2014</a></td>
+ <td>Moved Container Guidelines to the <a href="initdata-format-registry.html">Encrypted Media Extensions Stream Format and Initialization Data Format Registry</a>.</td>
+ </tr>
+ <tr>
+ <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/11245f9516cf/encrypted-media/encrypted-media.html">3 February 2014</a></td>
+ <td>Produced candidate WD.</td>
+ </tr>
+ <tr>
+ <td>17 September 2013</td>
+ <td>Produced candidate WD.</td>
+ </tr>
+ <tr>
+ <td>6 May 2013</td>
+ <td>Produced updated candidate FPWD.</td>
+ </tr>
+ <tr>
+ <td>14 January 2013</td>
+ <td>Produced candidate FPWD.</td>
+ </tr>
+ <tr>
+ <td>16 August 2012</td>
+ <td>Converted to the object-oriented API.</td>
+ </tr>
+ <tr>
+ <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/eme-v0.1b/encrypted-media/encrypted-media.html">0.1b</a></td>
+ <td>Last non-object-oriented revision.</td>
+ </tr>
+ <tr>
+ <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/eme-v0.1a/encrypted-media/encrypted-media.html">0.1a</a></td>
+ <td>Corrects minor mistakes in 0.1.</td>
+ </tr>
+ <tr>
+ <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/eme-v0.1/encrypted-media/encrypted-media.html">0.1</a></td>
+ <td>Initial Proposal</td>
+ </tr>
+ </tbody>
+ </table>
</section>
</body>
--- a/encrypted-media/encrypted-media.html Fri Oct 10 14:55:07 2014 -0700
+++ b/encrypted-media/encrypted-media.html Fri Oct 10 15:15:27 2014 -0700
@@ -445,7 +445,7 @@
</p>
<h1 class="title p-name" id="title" property="dcterms:title">Encrypted Media Extensions</h1>
- <h2 property="dcterms:issued" datatype="xsd:dateTime" content="2014-10-10T21:52:32.000Z" id="w3c-editor-s-draft-10-october-2014"><abbr title="World Wide Web Consortium">W3C</abbr> Editor's Draft <time class="dt-published" datetime="2014-10-10">10 October 2014</time></h2>
+ <h2 property="dcterms:issued" datatype="xsd:dateTime" content="2014-10-10T22:13:19.000Z" id="w3c-editor-s-draft-10-october-2014"><abbr title="World Wide Web Consortium">W3C</abbr> Editor's Draft <time class="dt-published" datetime="2014-10-10">10 October 2014</time></h2>
<dl>
<dt>This version:</dt>
@@ -507,15 +507,15 @@
</div>
<section id="abstract" class="introductory" property="dcterms:abstract" datatype="" typeof="bibo:Chapter" resource="#abstract" rel="bibo:Chapter"><h2 role="heading" id="h2_abstract">Abstract</h2>
- <p>This proposal extends <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#htmlmediaelement">HTMLMediaElement</a></code> [<cite><a class="bibref" href="#bib-HTML5">HTML5</a></cite>] providing APIs to control playback of protected content.</p>
- <p>The API supports use cases ranging from simple clear key decryption to high value video (given an appropriate user agent implementation).
- License/key exchange is controlled by the application, facilitating the development of robust playback applications supporting a range of content decryption and protection technologies.</p>
- <p>This specification does not define a content protection or Digital Rights Management system. Rather, it defines a common API that may be used to discover, select and interact with
- such systems as well as with simpler content encryption systems. Implementation of Digital Rights Management is not required for compliance with this specification: only the
- Clear Key system is required to be implemented as a common baseline.</p>
- <p>The common API supports a simple set of content encryption capabilities, leaving application functions such as authentication and authorization to page authors. This is achieved by
- requiring content protection system-specific messaging to be mediated by the page rather than assuming out-of-band communication between the encryption system and a license
- or other server.</p>
+ <p>This proposal extends <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#htmlmediaelement">HTMLMediaElement</a></code> [<cite><a class="bibref" href="#bib-HTML5">HTML5</a></cite>] providing APIs to control playback of protected content.</p>
+ <p>The API supports use cases ranging from simple clear key decryption to high value video (given an appropriate user agent implementation).
+ License/key exchange is controlled by the application, facilitating the development of robust playback applications supporting a range of content decryption and protection technologies.</p>
+ <p>This specification does not define a content protection or Digital Rights Management system. Rather, it defines a common API that may be used to discover, select and interact with
+ such systems as well as with simpler content encryption systems. Implementation of Digital Rights Management is not required for compliance with this specification: only the
+ Clear Key system is required to be implemented as a common baseline.</p>
+ <p>The common API supports a simple set of content encryption capabilities, leaving application functions such as authentication and authorization to page authors. This is achieved by
+ requiring content protection system-specific messaging to be mediated by the page rather than assuming out-of-band communication between the encryption system and a license
+ or other server.</p>
</section><section id="sotd" class="introductory" typeof="bibo:Chapter" resource="#sotd" rel="bibo:Chapter"><h2 role="heading" id="h2_sotd">Status of This Document</h2>
@@ -599,351 +599,352 @@
</section><section id="toc"><h2 class="introductory" role="heading" id="h2_toc">Table of Contents</h2><ul class="toc" role="directory" id="respecContents"><li class="tocline"><a href="#introduction" class="tocxref"><span class="secno">1. </span>Introduction</a><ul class="toc"><li class="tocline"><a href="#definitions" class="tocxref"><span class="secno">1.1 </span>Definitions</a></li></ul></li><li class="tocline"><a href="#mediakeys" class="tocxref"><span class="secno">2. </span>MediaKeys Object</a><ul class="toc"><li class="tocline"><a href="#attributes" class="tocxref"><span class="secno">2.1 </span>Attributes</a></li><li class="tocline"><a href="#methods" class="tocxref"><span class="secno">2.2 </span>Methods</a></li></ul></li><li class="tocline"><a href="#mediakeysession" class="tocxref"><span class="secno">3. </span>MediaKeySession Object</a><ul class="toc"><li class="tocline"><a href="#attributes-1" class="tocxref"><span class="secno">3.1 </span>Attributes</a></li><li class="tocline"><a href="#methods-1" class="tocxref"><span class="secno">3.2 </span>Methods</a></li><li class="tocline"><a href="#mediakeymessageevent" class="tocxref"><span class="secno">3.3 </span>MediaKeyMessageEvent</a><ul class="toc"><li class="tocline"><a href="#constructors" class="tocxref"><span class="secno">3.3.1 </span>Constructors</a></li><li class="tocline"><a href="#attributes-2" class="tocxref"><span class="secno">3.3.2 </span>Attributes</a></li><li class="tocline"><a href="#mediakeymessageeventinit" class="tocxref"><span class="secno">3.3.3 </span>MediaKeyMessageEventInit</a><ul class="toc"><li class="tocline"><a href="#dictionary-mediakeymessageeventinit-members" class="tocxref"><span class="secno">3.3.3.1 </span>Dictionary <span class="formerLink"><code>MediaKeyMessageEventInit</code></span> Members</a></li></ul></li></ul></li><li class="tocline"><a href="#mediakeysession-events" class="tocxref"><span class="secno">3.4 </span>Event Summary</a></li><li class="tocline"><a href="#mediakeysession-algorithms" class="tocxref"><span class="secno">3.5 </span>Algorithms</a><ul class="toc"><li class="tocline"><a href="#algorithms-queue-message" class="tocxref"><span class="secno">3.5.1 </span>Queue a "message" Event</a></li><li class="tocline"><a href="#algorithms-keys-changed" class="tocxref"><span class="secno">3.5.2 </span>Usable Keys Changed</a></li><li class="tocline"><a href="#algorithms-update-expiration" class="tocxref"><span class="secno">3.5.3 </span>Update Expiration</a></li><li class="tocline"><a href="#algorithms-session-close" class="tocxref"><span class="secno">3.5.4 </span>Session Close</a></li></ul></li><li class="tocline"><a href="#exceptions" class="tocxref"><span class="secno">3.6 </span>Exceptions</a></li><li class="tocline"><a href="#session-storage" class="tocxref"><span class="secno">3.7 </span>Session Storage and Persistence</a></li></ul></li><li class="tocline"><a href="#htmlmediaelement-extensions" class="tocxref"><span class="secno">4. </span>HTMLMediaElement Extensions</a><ul class="toc"><li class="tocline"><a href="#attributes-3" class="tocxref"><span class="secno">4.1 </span>Attributes</a></li><li class="tocline"><a href="#methods-2" class="tocxref"><span class="secno">4.2 </span>Methods</a></li><li class="tocline"><a href="#mediaencryptedevent" class="tocxref"><span class="secno">4.3 </span>MediaEncryptedEvent</a><ul class="toc"><li class="tocline"><a href="#constructors-1" class="tocxref"><span class="secno">4.3.1 </span>Constructors</a></li><li class="tocline"><a href="#attributes-4" class="tocxref"><span class="secno">4.3.2 </span>Attributes</a></li><li class="tocline"><a href="#mediaencryptedeventinit" class="tocxref"><span class="secno">4.3.3 </span>MediaEncryptedEventInit</a><ul class="toc"><li class="tocline"><a href="#dictionary-mediaencryptedeventinit-members" class="tocxref"><span class="secno">4.3.3.1 </span>Dictionary <span class="formerLink"><code>MediaEncryptedEventInit</code></span> Members</a></li></ul></li></ul></li><li class="tocline"><a href="#htmlmediaelement-events" class="tocxref"><span class="secno">4.4 </span>Event Summary</a></li><li class="tocline"><a href="#htmlmediaelement-algorithms" class="tocxref"><span class="secno">4.5 </span>Algorithms</a><ul class="toc"><li class="tocline"><a href="#algorithms-initdata-encountered" class="tocxref"><span class="secno">4.5.1 </span>Initialization Data Encountered</a></li><li class="tocline"><a href="#algorithms-encrypted-block" class="tocxref"><span class="secno">4.5.2 </span>Encrypted Block Encountered</a></li><li class="tocline"><a href="#algorithms-queue-waiting" class="tocxref"><span class="secno">4.5.3 </span>Queue a "waiting" Event</a></li><li class="tocline"><a href="#algorithms-resume-playback" class="tocxref"><span class="secno">4.5.4 </span>Attempt to Resume Playback If Necessary</a></li><li class="tocline"><a href="#htmlmediaelement-playing-the-media-resource" class="tocxref"><span class="secno">4.5.5 </span>Playing the Media Resource Algorithm Modifications</a></li></ul></li><li class="tocline"><a href="#media-element-restictions" class="tocxref"><span class="secno">4.6 </span>Media Element Restrictions</a></li></ul></li><li class="tocline"><a href="#common-key-systems" class="tocxref"><span class="secno">5. </span>Common Key Systems</a><ul class="toc"><li class="tocline"><a href="#clear-key" class="tocxref"><span class="secno">5.1 </span>Clear Key</a><ul class="toc"><li class="tocline"><a href="#clear-key-capabilities" class="tocxref"><span class="secno">5.1.1 </span>Capabilities</a></li><li class="tocline"><a href="#clear-key-behavior" class="tocxref"><span class="secno">5.1.2 </span>Behavior</a></li><li class="tocline"><a href="#clear-key-request-format" class="tocxref"><span class="secno">5.1.3 </span>License Request Format</a><ul class="toc"><li class="tocline"><a href="#clear-key-request-format-example" class="tocxref"><span class="secno">5.1.3.1 </span>Example</a></li></ul></li><li class="tocline"><a href="#clear-key-license-format" class="tocxref"><span class="secno">5.1.4 </span>License Format</a><ul class="toc"><li class="tocline"><a href="#clear-key-license-format-example" class="tocxref"><span class="secno">5.1.4.1 </span>Example</a></li></ul></li><li class="tocline"><a href="#using-base64url" class="tocxref"><span class="secno">5.1.5 </span>Using base64url</a></li></ul></li></ul></li><li class="tocline"><a href="#security" class="tocxref"><span class="secno">6. </span>Security Considerations</a></li><li class="tocline"><a href="#privacy" class="tocxref"><span class="secno">7. </span>Privacy Considerations</a><ul class="toc"><li class="tocline"><a href="#privacy-disclosure" class="tocxref"><span class="secno">7.1 </span>Information Disclosed by EME and Key Systems</a></li><li class="tocline"><a href="#privacy-fingerprinting" class="tocxref"><span class="secno">7.2 </span>Fingerprinting</a></li><li class="tocline"><a href="#privacy-leakage" class="tocxref"><span class="secno">7.3 </span>Information Leakage</a></li><li class="tocline"><a href="#privacy-tracking" class="tocxref"><span class="secno">7.4 </span>Tracking</a></li><li class="tocline"><a href="#privacy-storedinfo" class="tocxref"><span class="secno">7.5 </span>Information Stored on User Devices</a></li><li class="tocline"><a href="#privacy-secureorigin" class="tocxref"><span class="secno">7.6 </span>Use Secure Origin and Transport</a></li></ul></li><li class="tocline"><a href="#examples" class="tocxref"><span class="secno">8. </span>Examples</a><ul class="toc"><li class="tocline"><a href="#example-source-and-key-known" class="tocxref"><span class="secno">8.1 </span>Source and Key Known at Page Load (Clear Key)</a></li><li class="tocline"><a href="#example-selecting-key-system" class="tocxref"><span class="secno">8.2 </span>Selecting a Supported Key System and Using Initialization Data from the <span def-id="encrypted" class="formerLink"></span> Event</a></li><li class="tocline"><a href="#example-mediakeys-before-source" class="tocxref"><span class="secno">8.3 </span>Create MediaKeys Before Loading Media</a></li><li class="tocline"><a href="#example-using-all-events" class="tocxref"><span class="secno">8.4 </span>Using All Events</a></li><li class="tocline"><a href="#example-stored-license" class="tocxref"><span class="secno">8.5 </span>Stored License</a></li></ul></li><li class="tocline"><a href="#revision-history" class="tocxref"><span class="secno">9. </span>Revision History</a></li><li class="tocline"><a href="#references" class="tocxref"><span class="secno">A. </span>References</a><ul class="toc"><li class="tocline"><a href="#normative-references" class="tocxref"><span class="secno">A.1 </span>Normative references</a></li><li class="tocline"><a href="#informative-references" class="tocxref"><span class="secno">A.2 </span>Informative references</a></li></ul></li></ul></section>
+
- <!-- TODO: Indent the contents of each <section>. -->
- <section id="introduction" class="informative" typeof="bibo:Chapter" resource="#introduction" rel="bibo:Chapter">
- <!--OddPage--><h2 role="heading" id="h2_introduction"><span class="secno">1. </span>Introduction</h2><p><em>This section is non-normative.</em></p>
- <p>
- This proposal allows JavaScript to select content protection mechanisms, control license/key exchange, and implement custom license management algorithms.
- It supports a wide range of use cases without requiring client-side modifications in each user agent for each use case.
- This also enables content providers to develop a single application solution for all devices.
- A generic stack implemented using the proposed APIs is shown below.
- This diagram shows an example flow: other combinations of API calls and events are possible.
- </p>
- <img src="stack_overview.svg" alt="A generic stack implemented using the proposed APIs" height="700">
-
- <section id="definitions" typeof="bibo:Chapter" resource="#definitions" rel="bibo:Chapter">
- <h3 role="heading" id="h3_definitions"><span class="secno">1.1 </span>Definitions</h3>
-
- <dl>
- <dt id="cdm">Content Decryption Module (CDM)</dt>
- <dd>
- <p>The Content Decryption Module (CDM) is a generic term for the client component that provides the functionality, including decryption, for one or more <a href="#key-system">Key Systems</a>.</p>
- <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_1"><span>Note</span></div><p class="">Implementations may or may not separate the implementations of CDMs or treat them as separate from the user agent.
- This is transparent to the API and application.</p></div>
- <p>A user agent <em class="rfc2119" title="MAY">MAY</em> support one or more CDMs.</p>
- </dd>
-
- <dt id="key-system">Key System</dt>
- <dd>
- <p>A Key System is a generic term for a decryption mechanism and/or content protection provider.
- Key System strings provide unique identification of a Key System.
- They are used by the user agent to select a <a href="#cdm">CDM</a> and identify the source of a key-related event.
- The <a href="#common-key-systems">Common Key Systems</a> are supported by all user agents. User agents <em class="rfc2119" title="MAY">MAY</em> also provide additional CDMs with corresponding Key System strings.
- </p>
-
- <p>A Key System string is always a reverse domain name.
- Key System strings are compared using case-sensitive matching. It is <em class="rfc2119" title="RECOMMENDED">RECOMMENDED</em> that CDMs use simple lower-case ASCII key system strings.</p>
- <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_2"><span>Note</span></div><p class="">For example, "com.example.somesystem".</p></div>
-
- <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_3"><span>Note</span></div><p class="">
- Within a given system ("somesystem" in the example), subsystems may be defined as determined by the key system provider.
- For example, "com.example.somesystem.1" and "com.example.somesystem.1_5".
- Key System providers should keep in mind that these will be used for comparison and discovery, so they should be easy to compare and the structure should remain reasonably simple.
- </p></div>
- </dd>
-
- <dt id="key-session">Key Session</dt>
- <dd>
- <p>A Key Session, or simply Session, provides a context for message exchange with the CDM as a result of which key(s) are made available to the <a href="#cdm">CDM</a>.
- Sessions are embodied as <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> objects.
- Each Key session is associated with a single instance of <a href="#initialization-data">Initialization Data</a> provided in the <code><a href="#widl-MediaKeySession-generateRequest-Promise-void--DOMString-initDataType-ArrayBuffer-ArrayBufferView-initData">generateRequest()</a></code> call.
- </p>
- <p>Each Key Session is associated with a single <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> object, and only media element(s) associated with that object may access key(s) associated with the session.
- Other <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> objects, <a href="#cdm">CDM</a> instances, and media elements <em class="rfc2119" title="MUST NOT">MUST NOT</em> access the key session or use its key(s).
- Key sessions and the keys they contain are no longer usable by the CDM for decryption when the <a href="#algorithms-session-close">session is closed</a>, including when the <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> object is destroyed.
- </p>
- </dd>
-
- <dt id="session-id">Session ID</dt>
- <dd>
- <p>A Session ID is a unique string identifier generated by the <a href="#cdm">CDM</a> that can be used by the application to identify <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> objects.</p>
-
- <p>A new Session ID is generated each time the user agent and CDM successfully create a new session.</p>
-
- <p>Each Session ID <em class="rfc2119" title="SHALL">SHALL</em> be unique within the browsing context in which it was created.
- Session IDs for <code><a href="#idl-def-SessionType.persistent">"persistent"</a></code> sessions <em class="rfc2119" title="MUST">MUST</em> be unique within the <a href="http://www.w3.org/TR/html5/browsers.html#origin-0">origin</a> over time, including across browsing sessions.
- </p>
-
- <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_4"><span>Note</span></div><p class="">The underlying content protection protocol does not necessarily need to support Session IDs.</p></div>
- </dd>
- <dt id="decryption-key">Key</dt>
- <dd>
- <p>Unless otherwise stated, key refers to a decryption key that can be used to decrypt blocks within <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a>.
- Each such key is uniquely identified by a <a href="#decryption-key-id">key ID</a>.
- A key is associated with the <a href="#key-session">session</a> used to provide it to the CDM. (The same key may be present in multiple sessions.)
- Such keys <em class="rfc2119" title="MUST">MUST</em> only be provided to the <a href="#cdm">CDM</a> via an <code><a href="#widl-MediaKeySession-update-Promise-void--ArrayBuffer-ArrayBufferView-response">update()</a></code> call. (They may later be loaded by <code><a href="#widl-MediaKeySession-load-Promise-boolean--DOMString-sessionId">load()</a></code> as part of the stored session data.)
- </p>
+ <section id="introduction" class="informative" typeof="bibo:Chapter" resource="#introduction" rel="bibo:Chapter">
+ <!--OddPage--><h2 role="heading" id="h2_introduction"><span class="secno">1. </span>Introduction</h2><p><em>This section is non-normative.</em></p>
+ <p>
+ This proposal allows JavaScript to select content protection mechanisms, control license/key exchange, and implement custom license management algorithms.
+ It supports a wide range of use cases without requiring client-side modifications in each user agent for each use case.
+ This also enables content providers to develop a single application solution for all devices.
+ A generic stack implemented using the proposed APIs is shown below.
+ This diagram shows an example flow: other combinations of API calls and events are possible.
+ </p>
+ <img src="stack_overview.svg" alt="A generic stack implemented using the proposed APIs" height="700">
+
+ <section id="definitions" typeof="bibo:Chapter" resource="#definitions" rel="bibo:Chapter">
+ <h3 role="heading" id="h3_definitions"><span class="secno">1.1 </span>Definitions</h3>
- <p>A key is considered <em>usable</em> if the CDM is certain the key is currently usable for decryption.</p>
- <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_5"><span>Note</span></div><p class="">For example, a key is not usable if its license has expired.</p></div>
- </dd>
-
- <dt id="decryption-key-id">Key ID</dt>
- <dd>
- <p>A <a href="#decryption-key">key</a> is associated with a key ID, which uniquely identifies a key.
- The container specifies the ID of the key that can decrypt a block or set of blocks within the <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a>.
- <a href="#initialization-data">Initialization Data</a> <em class="rfc2119" title="MAY">MAY</em> contain key ID(s) to identify the keys that are needed to decrypt the media data.
- However, there is no requirement that Initialization Data contain any or all key IDs used in the <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> or <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-resource">media resource</a>.
- <a href="#license">Licenses</a> provided to the CDM associate each key with a key ID so the <a href="#cdm">CDM</a> can select the appropriate key when decrypting an encrypted block of media data.
- </p>
- </dd>
-
- <dt id="license">License</dt>
- <dd>
- <p>A license is key system-specific state information that includes one or more <a href="#decryption-key">key(s)</a> - each associated with a <a href="#decryption-key-id">key ID</a> - and potentially other information about key usage.</p>
- </dd>
-
- <dt id="initialization-data">Initialization Data</dt>
- <dd>
- <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_6"><span>Note</span></div><p class="">
- <a href="#key-system">Key Systems</a> usually require a block of initialization data containing information about the stream to be decrypted before they can construct a license request message.
- This block could be a simple key or content ID or a more complex structure containing such information.
- It should always allow unique identification of the key(s) needed to decrypt the content.
- This initialization information <em class="rfc2119" title="MAY">MAY</em> be obtained in some application-specific way or provided with the <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a>.
- </p></div>
-
- <p>
- Initialization Data is a generic term for container-specific data that is used by a <a href="#cdm">CDM</a> to generate a license request.
- Initialization data found with the <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> is provided to the application in the <code><a href="#widl-MediaEncryptedEventInit-initData">initData</a></code> attribute of the <code><a href="#dom-evt-encrypted">encrypted</a></code> event.
- </p>
-
- <p>
- The format of the initialization data depends upon the type of container, and containers <em class="rfc2119" title="MAY">MAY</em> support more than one format
- of initialization data. The <dfn id="initialization-data-type">initialization data type</dfn> is a string that indicates what
- format the initialization data is provided in. Initialization data type strings are always matched case-sensitively. It is
- <em class="rfc2119" title="RECOMMENDED">RECOMMENDED</em> that initialization data type strings are lower-case ASCII strings.
- </p>
-
- <p>
- The Encrypted Media Extensions Stream Format and Initialization Data Format Registry [<cite><a class="bibref" href="#bib-EME-REGISTRY">EME-REGISTRY</a></cite>]
- provides the mapping from initialization data type string to the specification for each format.
- </p>
- </dd>
-
- <dt id="cross-origin">Cross Origin Limitations</dt>
- <dd>
- <p>During playback, embedded media data is exposed to script in the embedding <a href="http://www.w3.org/TR/html5/browsers.html#origin-0">origin</a>.
- In order for the API to provide <a href="#initialization-data">Initialization Data</a> in the <code><a href="#dom-evt-encrypted">encrypted</a></code> event, <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> <em class="rfc2119" title="MUST">MUST</em> be <a href="http://www.w3.org/TR/html5/infrastructure.html#cors-same-origin">CORS-same-origin</a> with the embedding page.
- If <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> is cross-origin with the embedding document, authors <em class="rfc2119" title="SHOULD">SHOULD</em> use the <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#attr-media-crossorigin">crossorigin</a></code> attribute
- on the <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#htmlmediaelement">HTMLMediaElement</a></code> and CORS headers on the <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> response to make it <a href="http://www.w3.org/TR/html5/infrastructure.html#cors-same-origin">CORS-same-origin</a>.
- </p>
- </dd>
-
- <dt id="mixed-content">Mixed Content Limitations</dt>
- <dd>
- <p>During playback, embedded media data is exposed to script in the embedding <a href="http://www.w3.org/TR/html5/browsers.html#origin-0">origin</a>.
- In order for the API to provide <a href="#initialization-data">Initialization Data</a> in the <code><a href="#dom-evt-encrypted">encrypted</a></code> event, <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> <em class="rfc2119" title="MUST NOT">MUST NOT</em> be Mixed Content [<cite><a class="bibref" href="#bib-MIXED-CONTENT">MIXED-CONTENT</a></cite>].
- </p>
- </dd>
- </dl>
- </section>
+ <dl>
+ <dt id="cdm">Content Decryption Module (CDM)</dt>
+ <dd>
+ <p>The Content Decryption Module (CDM) is a generic term for the client component that provides the functionality, including decryption, for one or more <a href="#key-system">Key Systems</a>.</p>
+ <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_1"><span>Note</span></div><p class="">Implementations may or may not separate the implementations of CDMs or treat them as separate from the user agent.
+ This is transparent to the API and application.</p></div>
+ <p>A user agent <em class="rfc2119" title="MAY">MAY</em> support one or more CDMs.</p>
+ </dd>
+
+ <dt id="key-system">Key System</dt>
+ <dd>
+ <p>A Key System is a generic term for a decryption mechanism and/or content protection provider.
+ Key System strings provide unique identification of a Key System.
+ They are used by the user agent to select a <a href="#cdm">CDM</a> and identify the source of a key-related event.
+ The <a href="#common-key-systems">Common Key Systems</a> are supported by all user agents. User agents <em class="rfc2119" title="MAY">MAY</em> also provide additional CDMs with corresponding Key System strings.
+ </p>
+
+ <p>A Key System string is always a reverse domain name.
+ Key System strings are compared using case-sensitive matching. It is <em class="rfc2119" title="RECOMMENDED">RECOMMENDED</em> that CDMs use simple lower-case ASCII key system strings.</p>
+ <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_2"><span>Note</span></div><p class="">For example, "com.example.somesystem".</p></div>
+
+ <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_3"><span>Note</span></div><p class="">
+ Within a given system ("somesystem" in the example), subsystems may be defined as determined by the key system provider.
+ For example, "com.example.somesystem.1" and "com.example.somesystem.1_5".
+ Key System providers should keep in mind that these will be used for comparison and discovery, so they should be easy to compare and the structure should remain reasonably simple.
+ </p></div>
+ </dd>
+
+ <dt id="key-session">Key Session</dt>
+ <dd>
+ <p>A Key Session, or simply Session, provides a context for message exchange with the CDM as a result of which key(s) are made available to the <a href="#cdm">CDM</a>.
+ Sessions are embodied as <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> objects.
+ Each Key session is associated with a single instance of <a href="#initialization-data">Initialization Data</a> provided in the <code><a href="#widl-MediaKeySession-generateRequest-Promise-void--DOMString-initDataType-ArrayBuffer-ArrayBufferView-initData">generateRequest()</a></code> call.
+ </p>
+ <p>Each Key Session is associated with a single <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> object, and only media element(s) associated with that object may access key(s) associated with the session.
+ Other <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> objects, <a href="#cdm">CDM</a> instances, and media elements <em class="rfc2119" title="MUST NOT">MUST NOT</em> access the key session or use its key(s).
+ Key sessions and the keys they contain are no longer usable by the CDM for decryption when the <a href="#algorithms-session-close">session is closed</a>, including when the <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> object is destroyed.
+ </p>
+ </dd>
+
+ <dt id="session-id">Session ID</dt>
+ <dd>
+ <p>A Session ID is a unique string identifier generated by the <a href="#cdm">CDM</a> that can be used by the application to identify <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> objects.</p>
+
+ <p>A new Session ID is generated each time the user agent and CDM successfully create a new session.</p>
+
+ <p>Each Session ID <em class="rfc2119" title="SHALL">SHALL</em> be unique within the browsing context in which it was created.
+ Session IDs for <code><a href="#idl-def-SessionType.persistent">"persistent"</a></code> sessions <em class="rfc2119" title="MUST">MUST</em> be unique within the <a href="http://www.w3.org/TR/html5/browsers.html#origin-0">origin</a> over time, including across browsing sessions.
+ </p>
+
+ <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_4"><span>Note</span></div><p class="">The underlying content protection protocol does not necessarily need to support Session IDs.</p></div>
+ </dd>
+
+ <dt id="decryption-key">Key</dt>
+ <dd>
+ <p>Unless otherwise stated, key refers to a decryption key that can be used to decrypt blocks within <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a>.
+ Each such key is uniquely identified by a <a href="#decryption-key-id">key ID</a>.
+ A key is associated with the <a href="#key-session">session</a> used to provide it to the CDM. (The same key may be present in multiple sessions.)
+ Such keys <em class="rfc2119" title="MUST">MUST</em> only be provided to the <a href="#cdm">CDM</a> via an <code><a href="#widl-MediaKeySession-update-Promise-void--ArrayBuffer-ArrayBufferView-response">update()</a></code> call. (They may later be loaded by <code><a href="#widl-MediaKeySession-load-Promise-boolean--DOMString-sessionId">load()</a></code> as part of the stored session data.)
+ </p>
+
+ <p>A key is considered <em>usable</em> if the CDM is certain the key is currently usable for decryption.</p>
+ <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_5"><span>Note</span></div><p class="">For example, a key is not usable if its license has expired.</p></div>
+ </dd>
+
+ <dt id="decryption-key-id">Key ID</dt>
+ <dd>
+ <p>A <a href="#decryption-key">key</a> is associated with a key ID, which uniquely identifies a key.
+ The container specifies the ID of the key that can decrypt a block or set of blocks within the <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a>.
+ <a href="#initialization-data">Initialization Data</a> <em class="rfc2119" title="MAY">MAY</em> contain key ID(s) to identify the keys that are needed to decrypt the media data.
+ However, there is no requirement that Initialization Data contain any or all key IDs used in the <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> or <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-resource">media resource</a>.
+ <a href="#license">Licenses</a> provided to the CDM associate each key with a key ID so the <a href="#cdm">CDM</a> can select the appropriate key when decrypting an encrypted block of media data.
+ </p>
+ </dd>
+
+ <dt id="license">License</dt>
+ <dd>
+ <p>A license is key system-specific state information that includes one or more <a href="#decryption-key">key(s)</a> - each associated with a <a href="#decryption-key-id">key ID</a> - and potentially other information about key usage.</p>
+ </dd>
+
+ <dt id="initialization-data">Initialization Data</dt>
+ <dd>
+ <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_6"><span>Note</span></div><p class="">
+ <a href="#key-system">Key Systems</a> usually require a block of initialization data containing information about the stream to be decrypted before they can construct a license request message.
+ This block could be a simple key or content ID or a more complex structure containing such information.
+ It should always allow unique identification of the key(s) needed to decrypt the content.
+ This initialization information <em class="rfc2119" title="MAY">MAY</em> be obtained in some application-specific way or provided with the <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a>.
+ </p></div>
+
+ <p>
+ Initialization Data is a generic term for container-specific data that is used by a <a href="#cdm">CDM</a> to generate a license request.
+ Initialization data found with the <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> is provided to the application in the <code><a href="#widl-MediaEncryptedEventInit-initData">initData</a></code> attribute of the <code><a href="#dom-evt-encrypted">encrypted</a></code> event.
+ </p>
+
+ <p>
+ The format of the initialization data depends upon the type of container, and containers <em class="rfc2119" title="MAY">MAY</em> support more than one format
+ of initialization data. The <dfn id="initialization-data-type">initialization data type</dfn> is a string that indicates what
+ format the initialization data is provided in. Initialization data type strings are always matched case-sensitively. It is
+ <em class="rfc2119" title="RECOMMENDED">RECOMMENDED</em> that initialization data type strings are lower-case ASCII strings.
+ </p>
+
+ <p>
+ The Encrypted Media Extensions Stream Format and Initialization Data Format Registry [<cite><a class="bibref" href="#bib-EME-REGISTRY">EME-REGISTRY</a></cite>]
+ provides the mapping from initialization data type string to the specification for each format.
+ </p>
+ </dd>
+
+ <dt id="cross-origin">Cross Origin Limitations</dt>
+ <dd>
+ <p>During playback, embedded media data is exposed to script in the embedding <a href="http://www.w3.org/TR/html5/browsers.html#origin-0">origin</a>.
+ In order for the API to provide <a href="#initialization-data">Initialization Data</a> in the <code><a href="#dom-evt-encrypted">encrypted</a></code> event, <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> <em class="rfc2119" title="MUST">MUST</em> be <a href="http://www.w3.org/TR/html5/infrastructure.html#cors-same-origin">CORS-same-origin</a> with the embedding page.
+ If <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> is cross-origin with the embedding document, authors <em class="rfc2119" title="SHOULD">SHOULD</em> use the <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#attr-media-crossorigin">crossorigin</a></code> attribute
+ on the <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#htmlmediaelement">HTMLMediaElement</a></code> and CORS headers on the <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> response to make it <a href="http://www.w3.org/TR/html5/infrastructure.html#cors-same-origin">CORS-same-origin</a>.
+ </p>
+ </dd>
+
+ <dt id="mixed-content">Mixed Content Limitations</dt>
+ <dd>
+ <p>During playback, embedded media data is exposed to script in the embedding <a href="http://www.w3.org/TR/html5/browsers.html#origin-0">origin</a>.
+ In order for the API to provide <a href="#initialization-data">Initialization Data</a> in the <code><a href="#dom-evt-encrypted">encrypted</a></code> event, <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> <em class="rfc2119" title="MUST NOT">MUST NOT</em> be Mixed Content [<cite><a class="bibref" href="#bib-MIXED-CONTENT">MIXED-CONTENT</a></cite>].
+ </p>
+ </dd>
+ </dl>
+ </section>
</section>
+
<section id="mediakeys" typeof="bibo:Chapter" resource="#mediakeys" rel="bibo:Chapter">
- <!--OddPage--><h2 role="heading" id="h2_mediakeys"><span class="secno">2. </span>MediaKeys Object</h2>
- <p>The MediaKeys object represents a set of keys that an associated HTMLMediaElement can use for decryption of <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> during playback.
- It also represents a CDM instance.
- </p>
- <p>For methods that return a promise, all errors are reported asynchronously by rejecting the returned Promise. This includes WebIDL type mapping errors.</p>
- <p>The steps of an algorithm are always aborted when resolving or rejecting a promise.</p>
-
- <div class="issue"><div class="issue-title" aria-level="1" role="heading" id="h_issue_1"><span>Issue 1</span></div><p class=""><a href="https://www.w3.org/Bugs/Public/show_bug.cgi?id=25923">Bug 25923</a> - Feature detection, including isTypeSupported(), and MediaKeys creation may change significantly.</p></div>
- <pre class="idl"><span class="idlEnum" id="idl-def-IsTypeSupportedResult">enum <span class="idlEnumID">IsTypeSupportedResult</span> {
+ <!--OddPage--><h2 role="heading" id="h2_mediakeys"><span class="secno">2. </span>MediaKeys Object</h2>
+ <p>The MediaKeys object represents a set of keys that an associated HTMLMediaElement can use for decryption of <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> during playback.
+ It also represents a CDM instance.
+ </p>
+ <p>For methods that return a promise, all errors are reported asynchronously by rejecting the returned Promise. This includes WebIDL type mapping errors.</p>
+ <p>The steps of an algorithm are always aborted when resolving or rejecting a promise.</p>
+
+ <div class="issue"><div class="issue-title" aria-level="1" role="heading" id="h_issue_1"><span>Issue 1</span></div><p class=""><a href="https://www.w3.org/Bugs/Public/show_bug.cgi?id=25923">Bug 25923</a> - Feature detection, including isTypeSupported(), and MediaKeys creation may change significantly.</p></div>
+ <pre class="idl"><span class="idlEnum" id="idl-def-IsTypeSupportedResult">enum <span class="idlEnumID">IsTypeSupportedResult</span> {
"<a href="#idl-def-IsTypeSupportedResult.empty-string" class="idlEnumItem">/* empty string */</a>",
"<a href="#idl-def-IsTypeSupportedResult.maybe" class="idlEnumItem">maybe</a>",
"<a href="#idl-def-IsTypeSupportedResult.probably" class="idlEnumItem">probably</a>"
};</span></pre><table class="simple"><tbody><tr><th colspan="2">Enumeration description</th></tr><tr><td><code id="idl-def-IsTypeSupportedResult.empty-string">/* empty string */</code></td><td>
- The combination is not supported.
- </td></tr><tr><td><code id="idl-def-IsTypeSupportedResult.maybe">maybe</code></td><td>
- The combination may be supported.
- </td></tr><tr><td><code id="idl-def-IsTypeSupportedResult.probably">probably</code></td><td>
- The combination is likely supported.
- </td></tr></tbody></table>
-
- <pre class="idl"><span class="idlEnum" id="idl-def-SessionType">enum <span class="idlEnumID">SessionType</span> {
+ The combination is not supported.
+ </td></tr><tr><td><code id="idl-def-IsTypeSupportedResult.maybe">maybe</code></td><td>
+ The combination may be supported.
+ </td></tr><tr><td><code id="idl-def-IsTypeSupportedResult.probably">probably</code></td><td>
+ The combination is likely supported.
+ </td></tr></tbody></table>
+
+ <pre class="idl"><span class="idlEnum" id="idl-def-SessionType">enum <span class="idlEnumID">SessionType</span> {
"<a href="#idl-def-SessionType.temporary" class="idlEnumItem">temporary</a>",
"<a href="#idl-def-SessionType.persistent" class="idlEnumItem">persistent</a>"
};</span></pre><table class="simple"><tbody><tr><th colspan="2">Enumeration description</th></tr><tr><td><code id="idl-def-SessionType.temporary">temporary</code></td><td>
- A session for which a record of or data related to the session <em class="rfc2119" title="MUST NOT">MUST NOT</em> be persisted.
- The application need not worry about managing such storage.
- </td></tr><tr><td><code id="idl-def-SessionType.persistent">persistent</code></td><td>
- A session for which a record of or data related to the session <em class="rfc2119" title="MAY">MAY</em> be persisted.
- The application is responsible for managing any such storage that may be generated by the CDM.
- See <a href="#session-storage">Session Storage and Persistence</a>.
- </td></tr></tbody></table>
-
- <pre class="idl"><span class="idlInterface" id="idl-def-MediaKeys">interface <span class="idlInterfaceID">MediaKeys</span> {
+ A session for which a record of or data related to the session <em class="rfc2119" title="MUST NOT">MUST NOT</em> be persisted.
+ The application need not worry about managing such storage.
+ </td></tr><tr><td><code id="idl-def-SessionType.persistent">persistent</code></td><td>
+ A session for which a record of or data related to the session <em class="rfc2119" title="MAY">MAY</em> be persisted.
+ The application is responsible for managing any such storage that may be generated by the CDM.
+ See <a href="#session-storage">Session Storage and Persistence</a>.
+ </td></tr></tbody></table>
+
+ <pre class="idl"><span class="idlInterface" id="idl-def-MediaKeys">interface <span class="idlInterfaceID">MediaKeys</span> {
<span class="idlAttribute"> readonly attribute <span class="idlAttrType">DOMString</span> <span class="idlAttrName"><a href="#widl-MediaKeys-keySystem">keySystem</a></span>;</span>
<span class="idlMethod"> <span class="idlMethType"><a href="#idl-def-MediaKeySession" class="idlType"><code>MediaKeySession</code></a></span> <span class="idlMethName"><a href="#widl-MediaKeys-createSession-MediaKeySession-SessionType-sessionType">createSession</a></span> (<span class="idlParam">optional <span class="idlParamType"><a href="#idl-def-SessionType" class="idlType"><code>SessionType</code></a></span> <span class="idlParamName">sessionType</span> = <span class="idlDefaultValue">"temporary"</span></span>);</span>
<span class="idlMethod"> <span class="idlMethType">Promise<void></span> <span class="idlMethName"><a href="#widl-MediaKeys-setServerCertificate-Promise-void--ArrayBuffer-ArrayBufferView-serverCertificate">setServerCertificate</a></span> (<span class="idlParam"><span class="idlParamType">(ArrayBuffer or ArrayBufferView)</span> <span class="idlParamName">serverCertificate</span></span>);</span>
<span class="idlMethod"> static <span class="idlMethType">Promise<<a href="#idl-def-MediaKeys" class="idlType"><code>MediaKeys</code></a>></span> <span class="idlMethName"><a href="#widl-MediaKeys-create-Promise-MediaKeys--DOMString-keySystem">create</a></span> (<span class="idlParam"><span class="idlParamType">DOMString</span> <span class="idlParamName">keySystem</span></span>);</span>
<span class="idlMethod"> static <span class="idlMethType"><a href="#idl-def-IsTypeSupportedResult" class="idlType"><code>IsTypeSupportedResult</code></a></span> <span class="idlMethName"><a href="#widl-MediaKeys-isTypeSupported-IsTypeSupportedResult-DOMstring-keySystem-DOMString-initDataType-DOMString-contentType-DOMString-capability">isTypeSupported</a></span> (<span class="idlParam"><span class="idlParamType">DOMstring</span> <span class="idlParamName">keySystem</span></span>, <span class="idlParam">optional <span class="idlParamType">DOMString</span> <span class="idlParamName">initDataType</span></span>, <span class="idlParam">optional <span class="idlParamType">DOMString</span> <span class="idlParamName">contentType</span></span>, <span class="idlParam">optional <span class="idlParamType">DOMString</span> <span class="idlParamName">capability</span></span>);</span>
};</span></pre><section id="attributes"><h3 role="heading" id="h3_attributes"><span class="secno">2.1 </span>Attributes</h3><dl class="attributes"><dt id="widl-MediaKeys-keySystem"><code>keySystem</code> of type <span class="idlAttrType">DOMString</span>, readonly </dt><dd>
- Identifies the <a href="#key-system">Key System</a> being used.
- </dd></dl></section><section id="methods"><h3 role="heading" id="h3_methods"><span class="secno">2.2 </span>Methods</h3><dl class="methods"><dt id="widl-MediaKeys-create-Promise-MediaKeys--DOMString-keySystem"><code>create</code>, static</dt><dd>
- <p>Creates a new <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> object for <var title="true">keySystem</var>.</p>
-
-
- <table class="parameters"><tbody><tr><th>Parameter</th><th>Type</th><th>Nullable</th><th>Optional</th><th>Description</th></tr><tr><td class="prmName">keySystem</td><td class="prmType"><code>DOMString</code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptFalse"><span role="img" aria-label="False">✘</span></td><td class="prmDesc"></td></tr></tbody></table><div><em>Return type: </em><code>Promise<<a href="#idl-def-MediaKeys" class="idlType"><code>MediaKeys</code></a>></code></div><p>When this method is invoked, the user agent must run the following steps:</p><ol class="method-algorithm">
- <li><p>If <var title="true">keySystem</var> is an empty string, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidAccessError">InvalidAccessError</a></code>.</p></li>
- <li><p>If <var title="true">keySystem</var> is not one of the <a href="#key-system">Key Systems</a> supported by the user agent, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-NotSupportedError">NotSupportedError</a></code>. String comparison is case-sensitive.</p></li>
- <li><p>If <var title="true">keySystem</var> is not supported or not allowed in the <a href="http://www.w3.org/TR/html5/browsers.html#origin-0">origin</a> of the calling context's <a href="http://dom.spec.whatwg.org/#concept-document">Document</a>, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-NotSupportedError">NotSupportedError</a></code>.</p></li>
- <li><p>Let <var>promise</var> be a new promise.</p></li>
- <li><p>Run the following steps asynchronously:</p>
- <ol>
- <li><p>Let <var title="true">cdm</var> be the <a href="#cdm">CDM</a> corresponding to <var title="true">keySystem</var>.</p></li>
- <li><p>Load and initialize the <var title="true">cdm</var> if necessary.</p></li>
- <li><p>If <var title="true">cdm</var> fails to load or initialize, reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is the appropriate <a href="#error-names">error name</a>.</p></li>
-
- <li>
- <p>Let <var title="true">media keys</var> be a new <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> object, and initialize it as follows:</p>
- <ol>
- <li><p>Set the <code><a href="#widl-MediaKeys-keySystem">keySystem</a></code> attribute to <var title="true">keySystem</var>.</p></li>
- </ol>
- </li>
- <li><p>Resolve <var>promise</var> with <var title="true">media keys</var>.</p></li>
- </ol>
- </li>
- <li><p>Return <var>promise</var>.</p></li>
- </ol></dd><dt id="widl-MediaKeys-createSession-MediaKeySession-SessionType-sessionType"><code>createSession</code></dt><dd>
- <!-- TODO: Fix indentation here and for all other methods. -->
- <p>Returns a new <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> object.</p>
-
-
- <table class="parameters"><tbody><tr><th>Parameter</th><th>Type</th><th>Nullable</th><th>Optional</th><th>Description</th></tr><tr><td class="prmName">sessionType</td><td class="prmType"><code><a href="#idl-def-SessionType" class="idlType"><code>SessionType</code></a> = "temporary"</code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptTrue"><span role="img" aria-label="True">✔</span></td><td class="prmDesc"></td></tr></tbody></table><div><em>Return type: </em><code><a href="#idl-def-MediaKeySession" class="idlType"><code>MediaKeySession</code></a></code></div><p>When this method is invoked, the user agent must run the following steps:</p><ol class="method-algorithm">
- <!-- TODO: Reference the CDM loaded during initialization instead of "<a def-id="cdm"></a> corresponding to the <a def-id="keySystem-attribute"></a> attribute". Here and elsewhere. -->
- <li><p>If <var title="true">sessionType</var> is not supported by the <a href="#cdm">CDM</a> corresponding to the <code><a href="#widl-MediaKeys-keySystem">keySystem</a></code> attribute, throw a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-NotSupportedError">NotSupportedError</a></code>.</p></li>
- <li><p>Let <var title="true">session</var> be a new <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> object, and initialize it as follows:</p>
- <ol>
- <li><p>Let the <code><a href="#widl-MediaKeySession-sessionId">sessionId</a></code> attribute be the empty string.</p></li>
- <li><p>Let the <code><a href="#widl-MediaKeySession-expiration">expiration</a></code> attribute be <code>NaN</code>.</p></li>
- <li><p>Let the <code><a href="#widl-MediaKeySession-closed">closed</a></code> attribute be a new promise.</p></li>
- <li><p>Let the <var title="true">session type</var> be <var title="true">sessionType</var>.</p></li>
- <li><p>Let <var title="true">uninitialized</var> be true.</p></li>
- <li><p>Let <var title="true">callable</var> be false.</p></li>
- </ol>
- </li>
- <li><p>Return <var title="true">session</var>.</p></li>
- </ol></dd><dt id="widl-MediaKeys-isTypeSupported-IsTypeSupportedResult-DOMstring-keySystem-DOMString-initDataType-DOMString-contentType-DOMString-capability"><code>isTypeSupported</code>, static</dt><dd>
- <p>Returns whether <var title="true">keySystem</var> is supported with the <var title="true">initDataType</var>, container and codec(s) specified by <var title="true">contentType</var>, and <var title="true">capability</var>.</p>
- <p>The following list shows some examples.</p>
- <ul>
- <dl>
- <dt>Returns whether the Some System <a href="#key-system">Key System</a> may be supported. Specific containers and codecs may or may not be supported with Some System.</dt>
- <dd><div class="example">MediaKeys.isTypeSupported("com.example.somesystem")
- </div></dd><dt>Returns whether the Some System <a href="#key-system">Key System</a> may be supported and is capable of parsing the <a href="#initialization-data">Initialization Data</a> format "keyids". Specific containers and codecs may or may not be supported with Some System.</dt>
- <dd><div class="example">MediaKeys.isTypeSupported("com.example.somesystem", "keyids")</div></dd>
- <dt>Returns whether the Some System <a href="#key-system">Key System</a> may be supported and is capable of parsing the <a href="#initialization-data">Initialization Data</a> format <var title="true">initDataType</var>, the user agent is capable of demuxing the container specified by <var title="true">mimeType</var>, and the codec(s) specified by <var title="true">mimeType</var> are supported, all as specified by capability "foo".</dt>
- <dd><div class="example">MediaKeys.isTypeSupported("com.example.somesystem", <var title="true">initDataType</var>, <var title="true">mimeType</var>, "foo")</div></dd>
- <dt>Returns whether the user agent <em>probably</em> supports <a href="#clear-key">Clear Key</a> using the <a href="#initialization-data">Initialization Data</a> format <var title="true">initDataType</var> and the container and codec(s) specified by <var title="true">mimeType</var>.</dt>
- <dd><div class="example">"probably" == MediaKeys.isTypeSupported("org.w3.clearkey", <var title="true">initDataType</var>, <var title="true">mimeType</var>)</div></dd>
- </dl>
- </ul>
-
-
- <table class="parameters"><tbody><tr><th>Parameter</th><th>Type</th><th>Nullable</th><th>Optional</th><th>Description</th></tr><tr><td class="prmName">keySystem</td><td class="prmType"><code>DOMstring</code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptFalse"><span role="img" aria-label="False">✘</span></td><td class="prmDesc"></td></tr><tr><td class="prmName">initDataType</td><td class="prmType"><code>DOMString</code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptTrue"><span role="img" aria-label="True">✔</span></td><td class="prmDesc"></td></tr><tr><td class="prmName">contentType</td><td class="prmType"><code>DOMString</code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptTrue"><span role="img" aria-label="True">✔</span></td><td class="prmDesc"></td></tr><tr><td class="prmName">capability</td><td class="prmType"><code>DOMString</code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptTrue"><span role="img" aria-label="True">✔</span></td><td class="prmDesc"></td></tr></tbody></table><div><em>Return type: </em><code><a href="#idl-def-IsTypeSupportedResult" class="idlType"><code>IsTypeSupportedResult</code></a></code></div><p>When this method is invoked, the user agent must run the following steps:</p><ol class="method-algorithm">
- <li><p>If <var title="true">keySystem</var> is an empty string or contains an unrecognized or unsupported <a href="#key-system">Key System</a>, return <code><a href="#idl-def-IsTypeSupportedResult.empty-string">""</a></code> and abort these steps. String comparison is case-sensitive.</p></li>
- <li><p>If the <var title="true">keySystem</var> implementation is not available and usable, return <code><a href="#idl-def-IsTypeSupportedResult.empty-string">""</a></code> and abort these steps.</p></li>
- <li><p>Follow the steps for the first matching condition from the following list:</p>
- <dl class="switch">
- <dt>If <var title="true">keySystem</var> is a value that may be successfully passed to <code><a href="#widl-MediaKeys-create-Promise-MediaKeys--DOMString-keySystem">create()</a></code></dt>
- <dd>Let <var title="true">probably result</var> be <code><a href="#idl-def-IsTypeSupportedResult.probably">"probably"</a></code>.</dd>
- <dt>Otherwise</dt>
- <dd>Let <var title="true">probably result</var> be <code><a href="#idl-def-IsTypeSupportedResult.maybe">"maybe"</a></code>.</dd>
- <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_7"><span>Note</span></div><p class="">This may, for example, be the case for strings that are only used for discovery.</p></div>
- </dl>
- </li>
+ Identifies the <a href="#key-system">Key System</a> being used.
+ </dd></dl></section><section id="methods"><h3 role="heading" id="h3_methods"><span class="secno">2.2 </span>Methods</h3><dl class="methods"><dt id="widl-MediaKeys-create-Promise-MediaKeys--DOMString-keySystem"><code>create</code>, static</dt><dd>
+ <p>Creates a new <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> object for <var title="true">keySystem</var>.</p>
- <li><p>If <var title="true">initDataType</var> was not provided, follow the steps for the first matching condition from the following list and abort these steps:</p>
- <dl class="switch">
- <dt>If the user agent is <em>not</em> confident that the <var title="true">keySystem</var> implementation is available and usable</dt>
- <dd>Return <code><a href="#idl-def-IsTypeSupportedResult.maybe">"maybe"</a></code>.</dd>
- <dt>Otherwise</dt>
- <dd>Return <var title="true">probably result</var>.</dd>
- </dl>
- </li>
-
- <li><p>If <var title="true">initDataType</var> is an empty string or contains an unrecognized or unsupported <a href="#initialization-data">Initialization Data</a>, return <code><a href="#idl-def-IsTypeSupportedResult.empty-string">""</a></code> and abort these steps. String comparison is case-sensitive.</p></li>
- <li><p>If <var title="true">initDataType</var> is not an <a href="#initialization-data">Initialization Data</a> supported by the <var title="true">keySystem</var> implementation, return <code><a href="#idl-def-IsTypeSupportedResult.empty-string">""</a></code> and abort these steps.</p></li>
- <li><p>If the <var title="true">keySystem</var> implementation supporting <var title="true">initDataType</var> is not available and usable, return <code><a href="#idl-def-IsTypeSupportedResult.empty-string">""</a></code> and abort these steps.</p></li>
- <li><p>If <var title="true">contentType</var> was not provided, follow the steps for the first matching condition from the following list and abort these steps:</p>
- <dl class="switch">
- <dt>If the user agent is <em>not</em> confident that the <var title="true">keySystem</var> implementation supporting <var title="true">initDataType</var> is available and usable</dt>
- <dd>Return <code><a href="#idl-def-IsTypeSupportedResult.maybe">"maybe"</a></code>.</dd>
- <dt>Otherwise</dt>
- <dd>Return <var title="true">probably result</var>.</dd>
- </dl>
- </li>
-
- <li><p>If <var title="true">contentType</var> is an empty string or contains an invalid or unrecognized MIME type, return <code><a href="#idl-def-IsTypeSupportedResult.empty-string">""</a></code> and abort these steps.</p></li>
- <li><p>Let <var title="true">container</var> be the container type specified by <var title="true">contentType</var>.</p></li>
- <li><p>Let <var title="true">parameters</var> be the RFC 6381 [<cite><a class="bibref" href="#bib-RFC6381">RFC6381</a></cite>] parameters, if any, specified by <var title="true">contentType</var>.</p></li>
- <li><p>Let <var title="true">media types</var> be the set of media types specified by <var title="true">parameters</var>. It <em class="rfc2119" title="MAY">MAY</em> be empty. The case-sensitivity of string comparisons is determined by the appropriate RFC or other specification.</p>
- <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_8"><span>Note</span></div><p class="">For example, all of the codecs. Case-sensitive string comparison is <em class="rfc2119" title="RECOMMENDED">RECOMMENDED</em> because RFC 6381 [<cite><a class="bibref" href="#bib-RFC6381">RFC6381</a></cite>] says, "Values are case sensitive" for some formats.</p></div>
- </li>
- <li><p>If the user agent does not support <var title="true">container</var>, return <code><a href="#idl-def-IsTypeSupportedResult.empty-string">""</a></code> and abort these steps. The case-sensitivity of string comparisons is determined by the appropriate RFC.</p>
- <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_9"><span>Note</span></div><p class="">Per RFC 6838 [<cite><a class="bibref" href="#bib-RFC6838">RFC6838</a></cite>], "Both top-level type and subtype names are case-insensitive."</p></div>
- </li>
- <li><p>If the user agent and <var title="true">keySystem</var> implementation do not support playback of encrypted <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> for all <var title="true">media types</var>, return <code><a href="#idl-def-IsTypeSupportedResult.empty-string">""</a></code> and abort these steps.</p></li>
- <li><p>If <var title="true">capability</var> was not provided, follow the steps for the first matching condition from the following list and abort these steps:</p>
- <dl class="switch">
- <dt>If the user agent is <em>not</em> confident that the <var title="true">keySystem</var> implementation supporting <var title="true">initDataType</var> is available and usable to decrypt and enable playback of support playback of encrypted <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> for all <var title="true">media types</var></dt>
- <dd>Return <code><a href="#idl-def-IsTypeSupportedResult.maybe">"maybe"</a></code>.</dd>
- <dt>If the user agent did <em>not</em> recognize one or more <var title="true">parameters</var></dt>
- <dd>Return <code><a href="#idl-def-IsTypeSupportedResult.maybe">"maybe"</a></code>.</dd>
- <dt>Otherwise</dt>
- <dd>Return <var title="true">probably result</var>.</dd>
- </dl>
- </li>
+
+ <table class="parameters"><tbody><tr><th>Parameter</th><th>Type</th><th>Nullable</th><th>Optional</th><th>Description</th></tr><tr><td class="prmName">keySystem</td><td class="prmType"><code>DOMString</code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptFalse"><span role="img" aria-label="False">✘</span></td><td class="prmDesc"></td></tr></tbody></table><div><em>Return type: </em><code>Promise<<a href="#idl-def-MediaKeys" class="idlType"><code>MediaKeys</code></a>></code></div><p>When this method is invoked, the user agent must run the following steps:</p><ol class="method-algorithm">
+ <li><p>If <var title="true">keySystem</var> is an empty string, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidAccessError">InvalidAccessError</a></code>.</p></li>
+ <li><p>If <var title="true">keySystem</var> is not one of the <a href="#key-system">Key Systems</a> supported by the user agent, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-NotSupportedError">NotSupportedError</a></code>. String comparison is case-sensitive.</p></li>
+ <li><p>If <var title="true">keySystem</var> is not supported or not allowed in the <a href="http://www.w3.org/TR/html5/browsers.html#origin-0">origin</a> of the calling context's <a href="http://dom.spec.whatwg.org/#concept-document">Document</a>, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-NotSupportedError">NotSupportedError</a></code>.</p></li>
+ <li><p>Let <var>promise</var> be a new promise.</p></li>
+ <li><p>Run the following steps asynchronously:</p>
+ <ol>
+ <li><p>Let <var title="true">cdm</var> be the <a href="#cdm">CDM</a> corresponding to <var title="true">keySystem</var>.</p></li>
+ <li><p>Load and initialize the <var title="true">cdm</var> if necessary.</p></li>
+ <li><p>If <var title="true">cdm</var> fails to load or initialize, reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is the appropriate <a href="#error-names">error name</a>.</p></li>
- <li><p>If <var title="true">capability</var> is an empty string, return <code><a href="#idl-def-IsTypeSupportedResult.empty-string">""</a></code> and abort these steps.</p></li>
- <li><p>If the <var title="true">keySystem</var> implementation does not support <var title="true">capability</var>, return <code><a href="#idl-def-IsTypeSupportedResult.empty-string">""</a></code> and abort these steps. String comparison is case-sensitive.</p></li>
- <li><p>Follow the steps for the first matching condition from the following list:</p>
- <dl class="switch">
- <dt>If the user agent is <em>not</em> confident that the <var title="true">keySystem</var> implementation supporting <var title="true">initDataType</var> is available and usable to decrypt and enable playback of support playback of encrypted <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> for all <var title="true">media types</var> as specified by <var title="true">capability</var></dt>
- <dd>Return <code><a href="#idl-def-IsTypeSupportedResult.maybe">"maybe"</a></code>.</dd>
- <dt>If the user agent did <em>not</em> recognize one or more <var title="true">parameters</var></dt>
- <dd>Return <code><a href="#idl-def-IsTypeSupportedResult.maybe">"maybe"</a></code>.</dd>
- <dt>Otherwise</dt>
- <dd>Return <var title="true">probably result</var>.</dd>
- </dl>
- </li>
- </ol></dd><dt id="widl-MediaKeys-setServerCertificate-Promise-void--ArrayBuffer-ArrayBufferView-serverCertificate"><code>setServerCertificate</code></dt><dd>
- <p id="server-certificate">Provides a server certificate to be used to encrypt messages to the license server.</p>
- <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_10"><span>Note</span></div><p class="">The contents of <var title="true">serverCertificate</var> are <a href="#key-system">Key System</a>-specific.</p></div>
- <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_11"><span>Note</span></div><p class="">Key systems that use such certificates should also support requesting the certificate from the server via an additional round trip. This simplifies interoperability for applications that are not designed to provide certificates to specific key systems.</p></div>
-
-
- <table class="parameters"><tbody><tr><th>Parameter</th><th>Type</th><th>Nullable</th><th>Optional</th><th>Description</th></tr><tr><td class="prmName">serverCertificate</td><td class="prmType"><code>(ArrayBuffer or ArrayBufferView)</code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptFalse"><span role="img" aria-label="False">✘</span></td><td class="prmDesc"></td></tr></tbody></table><div><em>Return type: </em><code>Promise<void></code></div><p>When this method is invoked, the user agent must run the following steps:</p><ol class="method-algorithm">
- <li><p>If <var title="true">serverCertificate</var> is an empty array, return a promise rejected with a new a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidAccessError">InvalidAccessError</a></code>.</p></li>
- <li><p>If the <a href="#cdm">CDM</a> corresponding to the <code><a href="#widl-MediaKeys-keySystem">keySystem</a></code> attribute does not support server certificates, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-NotSupportedError">NotSupportedError</a></code>.</p></li>
- <li><p>Let <var>certificate</var> be a copy of the contents of the <var title="true">serverCertificate</var> parameter.</p></li>
- <li><p>Let <var>promise</var> be a new promise.</p></li>
- <li><p>Run the following steps asynchronously:</p>
- <ol>
- <li><p>Let <var title="true">cdm</var> be the <var title="true">cdm</var> during the <a href="#widl-MediaKeys-create-Promise-MediaKeys--DOMString-keySystem">initialization</a> of this object.</p></li>
- <li><p>Use the <var title="true">cdm</var> to process <var>certificate</var>.</p></li>
- <li><p>If any of the preceding steps failed, reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is the appropriate <a href="#error-names">error name</a>.</p></li>
- <li><p>Resolve <var>promise</var>.</p></li>
- </ol>
- </li>
- <li><p>Return <var>promise</var>.</p></li>
- </ol></dd></dl></section>
+ <li>
+ <p>Let <var title="true">media keys</var> be a new <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> object, and initialize it as follows:</p>
+ <ol>
+ <li><p>Set the <code><a href="#widl-MediaKeys-keySystem">keySystem</a></code> attribute to <var title="true">keySystem</var>.</p></li>
+ </ol>
+ </li>
+ <li><p>Resolve <var>promise</var> with <var title="true">media keys</var>.</p></li>
+ </ol>
+ </li>
+ <li><p>Return <var>promise</var>.</p></li>
+ </ol></dd><dt id="widl-MediaKeys-createSession-MediaKeySession-SessionType-sessionType"><code>createSession</code></dt><dd>
+ <p>Returns a new <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> object.</p>
+
+
+ <table class="parameters"><tbody><tr><th>Parameter</th><th>Type</th><th>Nullable</th><th>Optional</th><th>Description</th></tr><tr><td class="prmName">sessionType</td><td class="prmType"><code><a href="#idl-def-SessionType" class="idlType"><code>SessionType</code></a> = "temporary"</code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptTrue"><span role="img" aria-label="True">✔</span></td><td class="prmDesc"></td></tr></tbody></table><div><em>Return type: </em><code><a href="#idl-def-MediaKeySession" class="idlType"><code>MediaKeySession</code></a></code></div><p>When this method is invoked, the user agent must run the following steps:</p><ol class="method-algorithm">
+ <!-- TODO: Reference the CDM loaded during initialization instead of "<a def-id="cdm"></a> corresponding to the <a def-id="keySystem-attribute"></a> attribute". Here and elsewhere. -->
+ <li><p>If <var title="true">sessionType</var> is not supported by the <a href="#cdm">CDM</a> corresponding to the <code><a href="#widl-MediaKeys-keySystem">keySystem</a></code> attribute, throw a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-NotSupportedError">NotSupportedError</a></code>.</p></li>
+ <li><p>Let <var title="true">session</var> be a new <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> object, and initialize it as follows:</p>
+ <ol>
+ <li><p>Let the <code><a href="#widl-MediaKeySession-sessionId">sessionId</a></code> attribute be the empty string.</p></li>
+ <li><p>Let the <code><a href="#widl-MediaKeySession-expiration">expiration</a></code> attribute be <code>NaN</code>.</p></li>
+ <li><p>Let the <code><a href="#widl-MediaKeySession-closed">closed</a></code> attribute be a new promise.</p></li>
+ <li><p>Let the <var title="true">session type</var> be <var title="true">sessionType</var>.</p></li>
+ <li><p>Let <var title="true">uninitialized</var> be true.</p></li>
+ <li><p>Let <var title="true">callable</var> be false.</p></li>
+ </ol>
+ </li>
+ <li><p>Return <var title="true">session</var>.</p></li>
+ </ol></dd><dt id="widl-MediaKeys-isTypeSupported-IsTypeSupportedResult-DOMstring-keySystem-DOMString-initDataType-DOMString-contentType-DOMString-capability"><code>isTypeSupported</code>, static</dt><dd>
+ <p>Returns whether <var title="true">keySystem</var> is supported with the <var title="true">initDataType</var>, container and codec(s) specified by <var title="true">contentType</var>, and <var title="true">capability</var>.</p>
+ <p>The following list shows some examples.</p>
+ <ul>
+ <dl>
+ <dt>Returns whether the Some System <a href="#key-system">Key System</a> may be supported. Specific containers and codecs may or may not be supported with Some System.</dt>
+ <dd><div class="example">MediaKeys.isTypeSupported("com.example.somesystem")
+ </div></dd><dt>Returns whether the Some System <a href="#key-system">Key System</a> may be supported and is capable of parsing the <a href="#initialization-data">Initialization Data</a> format "keyids". Specific containers and codecs may or may not be supported with Some System.</dt>
+ <dd><div class="example">MediaKeys.isTypeSupported("com.example.somesystem", "keyids")</div></dd>
+ <dt>Returns whether the Some System <a href="#key-system">Key System</a> may be supported and is capable of parsing the <a href="#initialization-data">Initialization Data</a> format <var title="true">initDataType</var>, the user agent is capable of demuxing the container specified by <var title="true">mimeType</var>, and the codec(s) specified by <var title="true">mimeType</var> are supported, all as specified by capability "foo".</dt>
+ <dd><div class="example">MediaKeys.isTypeSupported("com.example.somesystem", <var title="true">initDataType</var>, <var title="true">mimeType</var>, "foo")</div></dd>
+ <dt>Returns whether the user agent <em>probably</em> supports <a href="#clear-key">Clear Key</a> using the <a href="#initialization-data">Initialization Data</a> format <var title="true">initDataType</var> and the container and codec(s) specified by <var title="true">mimeType</var>.</dt>
+ <dd><div class="example">"probably" == MediaKeys.isTypeSupported("org.w3.clearkey", <var title="true">initDataType</var>, <var title="true">mimeType</var>)</div></dd>
+ </dl>
+ </ul>
+
+
+ <table class="parameters"><tbody><tr><th>Parameter</th><th>Type</th><th>Nullable</th><th>Optional</th><th>Description</th></tr><tr><td class="prmName">keySystem</td><td class="prmType"><code>DOMstring</code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptFalse"><span role="img" aria-label="False">✘</span></td><td class="prmDesc"></td></tr><tr><td class="prmName">initDataType</td><td class="prmType"><code>DOMString</code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptTrue"><span role="img" aria-label="True">✔</span></td><td class="prmDesc"></td></tr><tr><td class="prmName">contentType</td><td class="prmType"><code>DOMString</code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptTrue"><span role="img" aria-label="True">✔</span></td><td class="prmDesc"></td></tr><tr><td class="prmName">capability</td><td class="prmType"><code>DOMString</code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptTrue"><span role="img" aria-label="True">✔</span></td><td class="prmDesc"></td></tr></tbody></table><div><em>Return type: </em><code><a href="#idl-def-IsTypeSupportedResult" class="idlType"><code>IsTypeSupportedResult</code></a></code></div><p>When this method is invoked, the user agent must run the following steps:</p><ol class="method-algorithm">
+ <li><p>If <var title="true">keySystem</var> is an empty string or contains an unrecognized or unsupported <a href="#key-system">Key System</a>, return <code><a href="#idl-def-IsTypeSupportedResult.empty-string">""</a></code> and abort these steps. String comparison is case-sensitive.</p></li>
+ <li><p>If the <var title="true">keySystem</var> implementation is not available and usable, return <code><a href="#idl-def-IsTypeSupportedResult.empty-string">""</a></code> and abort these steps.</p></li>
+ <li><p>Follow the steps for the first matching condition from the following list:</p>
+ <dl class="switch">
+ <dt>If <var title="true">keySystem</var> is a value that may be successfully passed to <code><a href="#widl-MediaKeys-create-Promise-MediaKeys--DOMString-keySystem">create()</a></code></dt>
+ <dd>Let <var title="true">probably result</var> be <code><a href="#idl-def-IsTypeSupportedResult.probably">"probably"</a></code>.</dd>
+ <dt>Otherwise</dt>
+ <dd>Let <var title="true">probably result</var> be <code><a href="#idl-def-IsTypeSupportedResult.maybe">"maybe"</a></code>.</dd>
+ <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_7"><span>Note</span></div><p class="">This may, for example, be the case for strings that are only used for discovery.</p></div>
+ </dl>
+ </li>
+
+ <li><p>If <var title="true">initDataType</var> was not provided, follow the steps for the first matching condition from the following list and abort these steps:</p>
+ <dl class="switch">
+ <dt>If the user agent is <em>not</em> confident that the <var title="true">keySystem</var> implementation is available and usable</dt>
+ <dd>Return <code><a href="#idl-def-IsTypeSupportedResult.maybe">"maybe"</a></code>.</dd>
+ <dt>Otherwise</dt>
+ <dd>Return <var title="true">probably result</var>.</dd>
+ </dl>
+ </li>
+
+ <li><p>If <var title="true">initDataType</var> is an empty string or contains an unrecognized or unsupported <a href="#initialization-data">Initialization Data</a>, return <code><a href="#idl-def-IsTypeSupportedResult.empty-string">""</a></code> and abort these steps. String comparison is case-sensitive.</p></li>
+ <li><p>If <var title="true">initDataType</var> is not an <a href="#initialization-data">Initialization Data</a> supported by the <var title="true">keySystem</var> implementation, return <code><a href="#idl-def-IsTypeSupportedResult.empty-string">""</a></code> and abort these steps.</p></li>
+ <li><p>If the <var title="true">keySystem</var> implementation supporting <var title="true">initDataType</var> is not available and usable, return <code><a href="#idl-def-IsTypeSupportedResult.empty-string">""</a></code> and abort these steps.</p></li>
+ <li><p>If <var title="true">contentType</var> was not provided, follow the steps for the first matching condition from the following list and abort these steps:</p>
+ <dl class="switch">
+ <dt>If the user agent is <em>not</em> confident that the <var title="true">keySystem</var> implementation supporting <var title="true">initDataType</var> is available and usable</dt>
+ <dd>Return <code><a href="#idl-def-IsTypeSupportedResult.maybe">"maybe"</a></code>.</dd>
+ <dt>Otherwise</dt>
+ <dd>Return <var title="true">probably result</var>.</dd>
+ </dl>
+ </li>
+
+ <li><p>If <var title="true">contentType</var> is an empty string or contains an invalid or unrecognized MIME type, return <code><a href="#idl-def-IsTypeSupportedResult.empty-string">""</a></code> and abort these steps.</p></li>
+ <li><p>Let <var title="true">container</var> be the container type specified by <var title="true">contentType</var>.</p></li>
+ <li><p>Let <var title="true">parameters</var> be the RFC 6381 [<cite><a class="bibref" href="#bib-RFC6381">RFC6381</a></cite>] parameters, if any, specified by <var title="true">contentType</var>.</p></li>
+ <li><p>Let <var title="true">media types</var> be the set of media types specified by <var title="true">parameters</var>. It <em class="rfc2119" title="MAY">MAY</em> be empty. The case-sensitivity of string comparisons is determined by the appropriate RFC or other specification.</p>
+ <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_8"><span>Note</span></div><p class="">For example, all of the codecs. Case-sensitive string comparison is <em class="rfc2119" title="RECOMMENDED">RECOMMENDED</em> because RFC 6381 [<cite><a class="bibref" href="#bib-RFC6381">RFC6381</a></cite>] says, "Values are case sensitive" for some formats.</p></div>
+ </li>
+ <li><p>If the user agent does not support <var title="true">container</var>, return <code><a href="#idl-def-IsTypeSupportedResult.empty-string">""</a></code> and abort these steps. The case-sensitivity of string comparisons is determined by the appropriate RFC.</p>
+ <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_9"><span>Note</span></div><p class="">Per RFC 6838 [<cite><a class="bibref" href="#bib-RFC6838">RFC6838</a></cite>], "Both top-level type and subtype names are case-insensitive."</p></div>
+ </li>
+ <li><p>If the user agent and <var title="true">keySystem</var> implementation do not support playback of encrypted <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> for all <var title="true">media types</var>, return <code><a href="#idl-def-IsTypeSupportedResult.empty-string">""</a></code> and abort these steps.</p></li>
+ <li><p>If <var title="true">capability</var> was not provided, follow the steps for the first matching condition from the following list and abort these steps:</p>
+ <dl class="switch">
+ <dt>If the user agent is <em>not</em> confident that the <var title="true">keySystem</var> implementation supporting <var title="true">initDataType</var> is available and usable to decrypt and enable playback of support playback of encrypted <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> for all <var title="true">media types</var></dt>
+ <dd>Return <code><a href="#idl-def-IsTypeSupportedResult.maybe">"maybe"</a></code>.</dd>
+ <dt>If the user agent did <em>not</em> recognize one or more <var title="true">parameters</var></dt>
+ <dd>Return <code><a href="#idl-def-IsTypeSupportedResult.maybe">"maybe"</a></code>.</dd>
+ <dt>Otherwise</dt>
+ <dd>Return <var title="true">probably result</var>.</dd>
+ </dl>
+ </li>
+
+ <li><p>If <var title="true">capability</var> is an empty string, return <code><a href="#idl-def-IsTypeSupportedResult.empty-string">""</a></code> and abort these steps.</p></li>
+ <li><p>If the <var title="true">keySystem</var> implementation does not support <var title="true">capability</var>, return <code><a href="#idl-def-IsTypeSupportedResult.empty-string">""</a></code> and abort these steps. String comparison is case-sensitive.</p></li>
+ <li><p>Follow the steps for the first matching condition from the following list:</p>
+ <dl class="switch">
+ <dt>If the user agent is <em>not</em> confident that the <var title="true">keySystem</var> implementation supporting <var title="true">initDataType</var> is available and usable to decrypt and enable playback of support playback of encrypted <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> for all <var title="true">media types</var> as specified by <var title="true">capability</var></dt>
+ <dd>Return <code><a href="#idl-def-IsTypeSupportedResult.maybe">"maybe"</a></code>.</dd>
+ <dt>If the user agent did <em>not</em> recognize one or more <var title="true">parameters</var></dt>
+ <dd>Return <code><a href="#idl-def-IsTypeSupportedResult.maybe">"maybe"</a></code>.</dd>
+ <dt>Otherwise</dt>
+ <dd>Return <var title="true">probably result</var>.</dd>
+ </dl>
+ </li>
+ </ol></dd><dt id="widl-MediaKeys-setServerCertificate-Promise-void--ArrayBuffer-ArrayBufferView-serverCertificate"><code>setServerCertificate</code></dt><dd>
+ <p id="server-certificate">Provides a server certificate to be used to encrypt messages to the license server.</p>
+ <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_10"><span>Note</span></div><p class="">The contents of <var title="true">serverCertificate</var> are <a href="#key-system">Key System</a>-specific.</p></div>
+ <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_11"><span>Note</span></div><p class="">Key systems that use such certificates should also support requesting the certificate from the server via an additional round trip. This simplifies interoperability for applications that are not designed to provide certificates to specific key systems.</p></div>
+
+
+ <table class="parameters"><tbody><tr><th>Parameter</th><th>Type</th><th>Nullable</th><th>Optional</th><th>Description</th></tr><tr><td class="prmName">serverCertificate</td><td class="prmType"><code>(ArrayBuffer or ArrayBufferView)</code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptFalse"><span role="img" aria-label="False">✘</span></td><td class="prmDesc"></td></tr></tbody></table><div><em>Return type: </em><code>Promise<void></code></div><p>When this method is invoked, the user agent must run the following steps:</p><ol class="method-algorithm">
+ <li><p>If <var title="true">serverCertificate</var> is an empty array, return a promise rejected with a new a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidAccessError">InvalidAccessError</a></code>.</p></li>
+ <li><p>If the <a href="#cdm">CDM</a> corresponding to the <code><a href="#widl-MediaKeys-keySystem">keySystem</a></code> attribute does not support server certificates, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-NotSupportedError">NotSupportedError</a></code>.</p></li>
+ <li><p>Let <var>certificate</var> be a copy of the contents of the <var title="true">serverCertificate</var> parameter.</p></li>
+ <li><p>Let <var>promise</var> be a new promise.</p></li>
+ <li><p>Run the following steps asynchronously:</p>
+ <ol>
+ <li><p>Let <var title="true">cdm</var> be the <var title="true">cdm</var> during the <a href="#widl-MediaKeys-create-Promise-MediaKeys--DOMString-keySystem">initialization</a> of this object.</p></li>
+ <li><p>Use the <var title="true">cdm</var> to process <var>certificate</var>.</p></li>
+ <li><p>If any of the preceding steps failed, reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is the appropriate <a href="#error-names">error name</a>.</p></li>
+ <li><p>Resolve <var>promise</var>.</p></li>
+ </ol>
+ </li>
+ <li><p>Return <var>promise</var>.</p></li>
+ </ol></dd></dl></section>
</section>
<section id="mediakeysession" typeof="bibo:Chapter" resource="#mediakeysession" rel="bibo:Chapter">
- <!--OddPage--><h2 role="heading" id="h2_mediakeysession"><span class="secno">3. </span>MediaKeySession Object</h2>
- <p>The MediaKeySession object represents a <a href="#key-session">key session</a>.</p>
-
- <p>For methods that return a promise, all errors are reported asynchronously by rejecting the returned Promise. This includes WebIDL type mapping errors.</p>
- <p>The steps of an algorithm are always aborted when resolving or rejecting a promise.</p>
-
- <pre class="idl"><span class="idlInterface" id="idl-def-MediaKeySession">interface <span class="idlInterfaceID">MediaKeySession</span> : <span class="idlSuperclass">EventTarget</span> {
+ <!--OddPage--><h2 role="heading" id="h2_mediakeysession"><span class="secno">3. </span>MediaKeySession Object</h2>
+ <p>The MediaKeySession object represents a <a href="#key-session">key session</a>.</p>
+
+ <p>For methods that return a promise, all errors are reported asynchronously by rejecting the returned Promise. This includes WebIDL type mapping errors.</p>
+ <p>The steps of an algorithm are always aborted when resolving or rejecting a promise.</p>
+
+ <pre class="idl"><span class="idlInterface" id="idl-def-MediaKeySession">interface <span class="idlInterfaceID">MediaKeySession</span> : <span class="idlSuperclass">EventTarget</span> {
<span class="idlAttribute"> readonly attribute <span class="idlAttrType">DOMString</span> <span class="idlAttrName"><a href="#widl-MediaKeySession-sessionId">sessionId</a></span>;</span>
<span class="idlAttribute"> readonly attribute <span class="idlAttrType">unrestricted double</span> <span class="idlAttrName"><a href="#widl-MediaKeySession-expiration">expiration</a></span>;</span>
<span class="idlAttribute"> readonly attribute <span class="idlAttrType">Promise<void></span> <span class="idlAttrName"><a href="#widl-MediaKeySession-closed">closed</a></span>;</span>
@@ -954,881 +955,881 @@
<span class="idlMethod"> <span class="idlMethType">Promise<void></span> <span class="idlMethName"><a href="#widl-MediaKeySession-remove-Promise-void">remove</a></span> ();</span>
<span class="idlMethod"> <span class="idlMethType">Promise<sequence<ArrayBuffer>></span> <span class="idlMethName"><a href="#widl-MediaKeySession-getUsableKeyIds-Promise-sequence-ArrayBuffer">getUsableKeyIds</a></span> ();</span>
};</span></pre><section id="attributes-1"><h3 role="heading" id="h3_attributes-1"><span class="secno">3.1 </span>Attributes</h3><dl class="attributes"><dt id="widl-MediaKeySession-closed"><code>closed</code> of type <span class="idlAttrType">Promise<void></span>, readonly </dt><dd>
- <p>Signals when object becomes closed as a result of the <a href="#algorithms-session-close">session close algorithm</a> being run.
- This promise can only be fulfilled and is never rejected.</p>
- </dd><dt id="widl-MediaKeySession-expiration"><code>expiration</code> of type <span class="idlAttrType">unrestricted double</span>, readonly </dt><dd>
- <p>The time, in milliseconds since 01 January, 1970 UTC, after which the key(s) in the session will no longer be usable to decrypt <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a>, or <code>NaN</code> if no such time exists, as determined by the CDM.</p>
- </dd><dt id="widl-MediaKeySession-sessionId"><code>sessionId</code> of type <span class="idlAttrType">DOMString</span>, readonly </dt><dd>
- <p>The <a href="#session-id">Session Id</a> for this object and the associated key(s) or license(s).</p>
- </dd></dl></section><section id="methods-1"><h3 role="heading" id="h3_methods-1"><span class="secno">3.2 </span>Methods</h3><dl class="methods"><dt id="widl-MediaKeySession-close-Promise-void"><code>close</code></dt><dd>
- <p>Indicates that the application no longer needs the session and the CDM should release any resources associated with this object and close it.</p>
- <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_12"><span>Note</span></div><p class="">The returned promise is resolved when the request has been processed, and the <code><a href="#widl-MediaKeySession-closed">closed</a></code> attribute promise is resolved when the session is closed.</p></div>
-
-
- <div><em>No parameters.</em></div><div><em>Return type: </em><code>Promise<void></code></div><p>When this method is invoked, the user agent must run the following steps:</p><ol class="method-algorithm">
- <li><p>If this object's <var title="true">callable</var> value is false, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidStateError">InvalidStateError</a></code>.</p></li>
- <li><p>If the <a href="#algorithms-session-close">session close algorithm</a> has been run on this object, return a resolved promise.</p></li>
- <li><p>Let <var>promise</var> be a new promise.</p></li>
- <li><p>Run the following steps asynchronously:</p>
- <ol>
- <li><p>Let <var title="true">cdm</var> be the CDM loaded during the <a href="#widl-MediaKeys-create-Promise-MediaKeys--DOMString-keySystem">initialization</a> of the <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> object that created this object.</p></li>
- <li><p>Use the <var title="true">cdm</var> to execute the following steps:</p>
- <ol>
- <li>
- <p>Process the close request.</p>
- <p>Do not remove stored session data.</p>
- </li>
- <li><p>If the previous step caused the session to be closed, run the <a href="#algorithms-session-close">session close algorithm</a> on this object.</p></li>
- </ol>
- </li>
- <li><p>Resolve <var>promise</var>.</p></li>
- </ol>
- </li>
- <li><p>Return <var>promise</var>.</p></li>
- </ol></dd><dt id="widl-MediaKeySession-generateRequest-Promise-void--DOMString-initDataType-ArrayBuffer-ArrayBufferView-initData"><code>generateRequest</code></dt><dd>
- <p>Generates a request based on the <var title="true">initData</var>.</p>
- <p><var title="true">initData</var> is <a href="#initialization-data">Initialization Data</a>, and
- <var title="true">initDataType</var> is an <a href="#initialization-data">Initialization Data</a> that indicates how to interpret <var title="true">initData</var>.
- </p>
-
-
- <table class="parameters"><tbody><tr><th>Parameter</th><th>Type</th><th>Nullable</th><th>Optional</th><th>Description</th></tr><tr><td class="prmName">initDataType</td><td class="prmType"><code>DOMString</code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptFalse"><span role="img" aria-label="False">✘</span></td><td class="prmDesc"></td></tr><tr><td class="prmName">initData</td><td class="prmType"><code>(ArrayBuffer or ArrayBufferView)</code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptFalse"><span role="img" aria-label="False">✘</span></td><td class="prmDesc"></td></tr></tbody></table><div><em>Return type: </em><code>Promise<void></code></div><p>When this method is invoked, the user agent must run the following steps:</p><ol class="method-algorithm">
- <li><p>If this object's <var title="true">uninitialized</var> value is false, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidStateError">InvalidStateError</a></code>.</p></li>
- <li><p>Let this object's <var title="true">uninitialized</var> be false.</p></li><!-- For simplicity and consistency, this object cannot be reused after any failure. -->
- <li><p>If <var title="true">initDataType</var> is an empty string, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidAccessError">InvalidAccessError</a></code>.</p></li>
- <li><p>If <var title="true">initData</var> is an empty array, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidAccessError">InvalidAccessError</a></code>.</p></li>
- <li><p>Let <var title="true">media keys</var> be the <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> object that created this object.</p></li>
- <li><p>If the <a href="#cdm">CDM</a> corresponding to <var title="true">media keys</var>'s <code><a href="#widl-MediaKeys-keySystem">keySystem</a></code> attribute does not support <var title="true">initDataType</var> as an <a href="#initialization-data">Initialization Data</a>, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-NotSupportedError">NotSupportedError</a></code>. String comparison is case-sensitive.</p></li>
- <li><p>Let <var>init data</var> be a copy of the contents of the <var title="true">initData</var> parameter.</p></li>
- <li><p>Let <var title="true">session type</var> be this object's <var title="true">session type</var>.</p></li>
- <li><p>Let <var>promise</var> be a new promise.</p></li>
- <li><p>Run the following steps asynchronously:</p>
- <ol>
- <li><p>If the <var>init data</var> is not valid for <var title="true">initDataType</var>, reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidAccessError">InvalidAccessError</a></code>.</p></li>
- <li><p>Let <var>sanitized init data</var> be a validated and/or sanitized version of <var>init data</var>.</p>
- <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_13"><span>Note</span></div><p class="">The user agent should thoroughly validate the Initialization Data before passing it to the CDM.
- This may include verifying values are within reasonable limits, stripping irrelevant data or fields, pre-parsing it, sanitizing it, and/or generating a fully sanitized version.
- The user agent should check that the length and values of fields are reasonable.
- Unknown fields should be rejected or removed.
- For Initialization Data formats that support multiple entries, the user agent should remove entries that are not needed by the CDM.
- </p></div>
- </li>
- <li><p>If the previous step failed, reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidAccessError">InvalidAccessError</a></code>.</p></li>
- <li><p>Let <var title="true">session id</var> be the empty string.</p></li>
- <li><p>Let <var title="true">message</var> be null.</p></li>
- <li><p>Let <var title="true">cdm</var> be the CDM loaded during the <a href="#widl-MediaKeys-create-Promise-MediaKeys--DOMString-keySystem">initialization</a> of <var title="true">media keys</var>.</p></li>
- <li><p>Use the <var title="true">cdm</var> to execute the following steps:</p>
- <ol>
- <li><p>If the <var>init data</var> is not supported by the <var title="true">cdm</var>, reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-NotSupportedError">NotSupportedError</a></code>.</p></li>
- <li><p>Follow the steps for the first matching condition from the following list:</p>
- <dl class="switch">
- <dt>If <var title="true">session type</var> is <code><a href="#idl-def-SessionType.temporary">"temporary"</a></code></dt>
- <dd>Let <var title="true">requested session type</var> be a temporary non-persisted session.<p></p>
- <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_14"><span>Note</span></div><p class="">The returned license must not be persistable.</p></div>
- </dd>
- <dt>If <var title="true">session type</var> is <code><a href="#idl-def-SessionType.persistent">"persistent"</a></code></dt>
- <dd>Let <var title="true">requested session type</var> be a persistable session.<p>
- </p><div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_15"><span>Note</span></div><p class="">The returned license may be persistable.)</p></div>
- </dd>
- </dl>
- <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_16"><span>Note</span></div><p class="">The license server determines the type of license that is returned, either persistent or non-persistent. A persistent license cannot be added to a non-persistable session.</p></div>
- </li>
-
- <li><p>Let <var title="true">session id</var> be a unique <a href="#session-id">Session Id</a> string.</p>
- <p>If <var title="true">session type</var> is <code><a href="#idl-def-SessionType.persistent">"persistent"</a></code>, the ID <em class="rfc2119" title="MUST">MUST</em> be unique within the the <a href="http://www.w3.org/TR/html5/browsers.html#origin-0">origin</a> of this object's <a href="http://dom.spec.whatwg.org/#concept-document">Document</a> over time, including across Documents and browsing sessions.</p>
- </li>
- <li><p>Let <var title="true">message</var> be a request for the <var title="true">requested session type</var> generated based on the <var>init data</var>, which is interpreted per <var title="true">initDataType</var>.</p>
- <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_17"><span>Note</span></div><p class="">For example, a license request.</p></div>
- <p>The <var title="true">cdm</var> <em class="rfc2119" title="MUST NOT">MUST NOT</em> use any stream-specific data, including <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a>, not provided via the <var>init data</var>.</p>
- <p>The <var title="true">cdm</var> <em class="rfc2119" title="SHOULD NOT">SHOULD NOT</em> store session data, including the session ID, at this point. See <a href="#session-storage">Session Storage and Persistence</a>.</p>
- </li>
- </ol>
- </li>
- <li><p>If any of the preceding steps failed, reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is the appropriate <a href="#error-names">error name</a>.</p></li>
- <li><p>Set the <code><a href="#widl-MediaKeySession-sessionId">sessionId</a></code> attribute to <var title="true">session id</var>.</p></li>
- <li><p>Let this object's <var title="true">callable</var> be true.</p></li>
- <li><p>Run the <a href="#algorithms-queue-message">queue a "message" event algorithm</a> on the <var title="true">session</var>, providing <code><a href="#idl-def-MediaKeyMessageType.licenserequest">"licenserequest"</a></code> and <var title="true">message</var>.</p></li>
- <li><p>Resolve <var>promise</var>.</p></li>
- </ol>
- </li>
- <li><p>Return <var>promise</var>.</p></li>
- </ol></dd><dt id="widl-MediaKeySession-getUsableKeyIds-Promise-sequence-ArrayBuffer"><code>getUsableKeyIds</code></dt><dd>
- <div class="issue"><div class="issue-title" aria-level="2" role="heading" id="h_issue_2"><span>Issue 2</span></div><p class=""><a href="https://www.w3.org/Bugs/Public/show_bug.cgi?id=26372">Bug 26372</a> - getUsableKeyIds() may be replaced.</p></div>
- <p>Gets the key IDs for keys in the session that the CDM <em>knows</em> are currently usable to decrypt <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a>.</p>
-
-
- <div><em>No parameters.</em></div><div><em>Return type: </em><code>Promise<sequence<ArrayBuffer>></code></div><p>When this method is invoked, the user agent must run the following steps:</p><ol class="method-algorithm">
- <li><p>If this object's <var title="true">callable</var> value is false, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidStateError">InvalidStateError</a></code>.</p></li>
- <li><p>Let <var>promise</var> be a new promise.</p></li>
- <li><p>Run the following steps asynchronously:</p>
- <ol>
- <li><p>Let <var title="true">cdm</var> be the CDM loaded during the <a href="#widl-MediaKeys-create-Promise-MediaKeys--DOMString-keySystem">initialization</a> of the <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> object that created this object.</p></li>
- <li><p>Use the <var title="true">cdm</var> to execute the following steps:</p>
- <ol>
- <li><p>Let <var title="true">usable key ids</var> be a list of the key IDs for keys in the session that the CDM <em>knows</em> are currently usable to decrypt <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a>. <var title="true">usable key ids</var> <em class="rfc2119" title="MUST NOT">MUST NOT</em> contain IDs for keys that <em>may not</em> currently be usable. Each element <em class="rfc2119" title="MUST">MUST</em> be unique.</p></li>
- </ol>
- </li>
- <li>
- <p>If the preceding step failed, reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is the appropriate <a href="#error-names">error name</a>.</p>
- </li>
- <li>
- <p>Resolve <var>promise</var> with a new Sequence object, each element of which contains one element of <var title="true">usable key ids</var>.</p>
- </li>
- </ol>
- </li>
- </ol></dd><dt id="widl-MediaKeySession-load-Promise-boolean--DOMString-sessionId"><code>load</code></dt><dd>
- <p>Loads the data stored for the <var title="true">sessionId</var> into the session represented by the object.</p>
-
-
- <table class="parameters"><tbody><tr><th>Parameter</th><th>Type</th><th>Nullable</th><th>Optional</th><th>Description</th></tr><tr><td class="prmName">sessionId</td><td class="prmType"><code>DOMString</code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptFalse"><span role="img" aria-label="False">✘</span></td><td class="prmDesc"></td></tr></tbody></table><div><em>Return type: </em><code>Promise<boolean></code></div><p>When this method is invoked, the user agent must run the following steps:</p><ol class="method-algorithm">
- <li><p>If this object's <var title="true">uninitialized</var> value is false, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidStateError">InvalidStateError</a></code>.</p></li>
- <li><p>Let this object's <var title="true">uninitialized</var> be false.</p></li><!-- For simplicity and consistency, this object cannot be reused after any failure. -->
- <li><p>If <var title="true">sessionId</var> is an empty string, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidAccessError">InvalidAccessError</a></code>.</p></li>
- <li><p>If this object's <var title="true">session type</var> is not <code><a href="#idl-def-SessionType.persistent">"persistent"</a></code>, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidAccessError">InvalidAccessError</a></code>.</p></li>
- <li><p>Let <var title="true">media keys</var> be the <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> object that created this object.</p></li>
- <li><p>If the <a href="#cdm">CDM</a> corresponding to <var title="true">media keys</var>'s <code><a href="#widl-MediaKeys-keySystem">keySystem</a></code> attribute does not support loading previous sessions, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-NotSupportedError">NotSupportedError</a></code>.</p></li>
- <li><p>Let <var>promise</var> be a new promise.</p></li>
- <li><p>Run the following steps asynchronously:</p>
- <ol>
- <li><p>Let <var>sanitized session ID</var> be a validated and/or sanitized version of <var title="true">sessionId</var>.</p>
- <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_18"><span>Note</span></div><p class="">The user agent should thoroughly validate the sessionId value before passing it to the CDM.
- At a minimum, this should include checking that the length and value (e.g. alphanumeric) are reasonable.
- </p></div>
- </li>
- <li><p>If the previous step failed, reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidAccessError">InvalidAccessError</a></code>.</p></li>
- <li><p>Let <var title="true">expiration time</var> be <code>NaN</code>.</p></li>
- <li><p>Let <var title="true">message</var> be null.</p></li>
- <li><p>Let <var title="true">message type</var> be null.</p></li>
- <li><p>Let <var title="true">origin</var> be the <a href="http://www.w3.org/TR/html5/browsers.html#origin-0">origin</a> of this object's <a href="http://dom.spec.whatwg.org/#concept-document">Document</a>.</p></li>
- <li><p>Let <var title="true">cdm</var> be the CDM loaded during the <a href="#widl-MediaKeys-create-Promise-MediaKeys--DOMString-keySystem">initialization</a> of <var title="true">media keys</var>.</p></li>
- <li><p>Use the <var title="true">cdm</var> to execute the following steps:</p>
- <ol>
- <li><p>If there is no data stored for the <var>sanitized session ID</var> in the <var title="true">origin</var>, resolve <var>promise</var> with <code>false</code>.</p></li><!-- Per https://github.com/w3ctag/promises-guide#rejections-should-be-used-for-exceptional-situations. -->
- <li><p>Let <var title="true">session data</var> be the data stored for the <var>sanitized session ID</var> in the <var title="true">origin</var>.
- This <em class="rfc2119" title="MUST NOT">MUST NOT</em> include data from other origin(s) or that is not associated with an origin.</p></li>
- <li><p>If there is an unclosed <code><a href="#idl-def-SessionType.persistent">"persistent"</a></code> session in any <a href="http://dom.spec.whatwg.org/#concept-document">Document</a> representing the <var title="true">session data</var>, reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-QuotaExceededError">QuotaExceededError</a></code>.</p>
- <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_19"><span>Note</span></div><p class="">In other words, do not create a session if a non-closed persistent session already exists for this <var>sanitized session ID</var> in any browsing context.</p></div>
- </li>
- <li><p>Load the <var title="true">session data</var>.</p></li>
- <li><p>If the <var title="true">session data</var> indicates an expiration time for the session, let <var title="true">expiration time</var> be the expiration time in milliseconds since 01 January 1970 UTC.</p></li>
- <li><p>If the CDM needs to send a message:</p>
- <ol>
- <li><p>Let <var title="true">message</var> be a message generated by the <a href="#cdm">CDM</a> based on the <var title="true">session data</var>.</p></li>
- <li><p>Let <var title="true">message type</var> be the appropriate <code><a href="#idl-def-MediaKeyMessageType">MediaKeyMessageType</a></code> for the message.</p></li>
- </ol>
- </li>
- </ol>
- </li>
- <li><p>If any of the preceding steps failed, reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is the appropriate <a href="#error-names">error name</a>.</p></li>
- <li><p>Set the <code><a href="#widl-MediaKeySession-sessionId">sessionId</a></code> attribute to <var>sanitized session ID</var>.</p></li>
- <li><p>Let this object's <var title="true">callable</var> be true.</p></li>
- <li><p>If the loaded session contains usable keys, run the <a href="#algorithms-keys-changed">usable keys changed algorithm</a> on the <var title="true">session</var>.</p>
- <p>The algorithm <em class="rfc2119" title="MAY">MAY</em> also be run later should additional processing be necessary to determine with certainty whether one or more keys is usable.</p>
- </li>
- <li><p>Run the <a href="#algorithms-update-expiration">update expiration algorithm</a> on the <var title="true">session</var>, providing <var title="true">expiration time</var>.</p></li>
- <li><p>If <var title="true">message</var> is not null, run the <a href="#algorithms-queue-message">queue a "message" event algorithm</a> on the <var title="true">session</var>, providing <var title="true">message type</var> and <var title="true">message</var>.</p></li>
- <li><p>Resolve <var>promise</var> with <code>true</code>.</p></li>
- </ol>
- </li>
- <li><p>Return <var>promise</var>.</p></li>
- </ol></dd><dt id="widl-MediaKeySession-remove-Promise-void"><code>remove</code></dt><dd>
- <p>Removes stored session data associated with this object.</p>
-
-
- <div><em>No parameters.</em></div><div><em>Return type: </em><code>Promise<void></code></div><p>When this method is invoked, the user agent must run the following steps:</p><ol class="method-algorithm">
- <li><p>If this object's <var title="true">callable</var> value is false, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidStateError">InvalidStateError</a></code>.</p></li>
- <li><p>If this object's <var title="true">session type</var> is not <code><a href="#idl-def-SessionType.persistent">"persistent"</a></code>, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidAccessError">InvalidAccessError</a></code>.</p></li>
- <li><p>If the <a href="#algorithms-session-close">session close algorithm</a> has been run on this object, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidStateError">InvalidStateError</a></code>.</p></li>
- <li><p>Let <var>promise</var> be a new promise.</p></li>
- <li><p>Run the following steps asynchronously:</p>
- <ol>
- <li><p>Let <var title="true">cdm</var> be the CDM loaded during the <a href="#widl-MediaKeys-create-Promise-MediaKeys--DOMString-keySystem">initialization</a> of the <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> object that created this object.</p></li>
- <li><p>Use the <var title="true">cdm</var> to execute the following steps:</p>
- <ol>
- <li>
- <p>Process the remove request.</p>
- <p>This <em class="rfc2119" title="MAY">MAY</em> involve exchanging message(s) with the application.</p>
- <p>Unless this step fails, the CDM <em class="rfc2119" title="MUST">MUST</em> have cleared all stored session data associated with this object, including the <code><a href="#widl-MediaKeySession-sessionId">sessionId</a></code>, before proceeding to the next step.</p>
- <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_20"><span>Note</span></div><p class="">A subsequent call to <code><a href="#widl-MediaKeySession-load-Promise-boolean--DOMString-sessionId">load()</a></code> with the value <code><a href="#widl-MediaKeySession-sessionId">sessionId</a></code> would fail because there is no data stored for that session ID.)</p></div>
- </li>
- </ol>
- </li>
- <li><p>Run the following steps asynchronously once the above step has completed:</p>
- <ol>
- <li><p>If any of the preceding steps failed, reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is the appropriate <a href="#error-names">error name</a>.</p></li>
- <li><p>Run the <a href="#algorithms-session-close">session close algorithm</a> on this object.</p></li>
- <li><p>Resolve <var>promise</var>.</p></li>
- </ol>
- </li>
- </ol>
- </li>
- <li><p>Return <var>promise</var>.</p></li>
- </ol></dd><dt id="widl-MediaKeySession-update-Promise-void--ArrayBuffer-ArrayBufferView-response"><code>update</code></dt><dd>
- <p>Provides messages, including licenses, to the CDM.</p>
- <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_21"><span>Note</span></div><p class="">The contents of <var title="true">response</var> are <a href="#key-system">Key System</a>-specific.</p></div>
-
-
- <table class="parameters"><tbody><tr><th>Parameter</th><th>Type</th><th>Nullable</th><th>Optional</th><th>Description</th></tr><tr><td class="prmName">response</td><td class="prmType"><code>(ArrayBuffer or ArrayBufferView)</code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptFalse"><span role="img" aria-label="False">✘</span></td><td class="prmDesc"></td></tr></tbody></table><div><em>Return type: </em><code>Promise<void></code></div><p>When this method is invoked, the user agent must run the following steps:</p><ol class="method-algorithm">
- <li><p>If this object's <var title="true">callable</var> value is false, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidStateError">InvalidStateError</a></code>.</p></li>
- <li><p>If <var title="true">response</var> is an empty array, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidAccessError">InvalidAccessError</a></code>.</p></li>
- <li><p>Let <var>response copy</var> be a copy of the contents of the <var title="true">response</var> parameter.</p></li>
- <li><p>Let <var>promise</var> be a new promise.</p></li>
- <li><p>Run the following steps asynchronously:</p>
- <ol>
- <li><p>Let <var>sanitized response</var> be a validated and/or sanitized version of <var>response copy</var>.</p>
- <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_22"><span>Note</span></div><p class="">The user agent should thoroughly validate the response before passing it to the CDM.
- This may include verifying values are within reasonable limits, stripping irrelevant data or fields, pre-parsing it, sanitizing it, and/or generating a fully sanitized version.
- The user agent should check that the length and values of fields are reasonable.
- Unknown fields should be rejected or removed.
- </p></div>
- </li>
- <li><p>If the previous step failed, reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidAccessError">InvalidAccessError</a></code>.</p></li>
- <li><p>Let <var title="true">cdm</var> be the CDM loaded during the <a href="#widl-MediaKeys-create-Promise-MediaKeys--DOMString-keySystem">initialization</a> of the <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> object that created this object.</p></li>
- <li><p>Let <var title="true">message</var> be null.</p></li>
- <li><p>Let <var title="true">message type</var> be null.</p></li>
- <li><p>Use the <var title="true">cdm</var> to execute the following steps:</p>
- <ol>
- <li><p>If the format of <var>sanitized response</var> is invalid in any way, reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidAccessError">InvalidAccessError</a></code>.</p></li>
- <li><p>Process <var>sanitized response</var>, following the stipulation for the first matching condition from the following list:</p>
- <dl class="switch">
- <dt>If <var title="true">sessionType</var> is <code><a href="#idl-def-SessionType.temporary">"temporary"</a></code> and <var>sanitized response</var> does not specify that session data, including any license, key(s), or similar session data it contains, should be stored</dt>
- <dd>Continue processing <var>sanitized response</var>, not storing any session data.</dd>
- <dt>If <var title="true">sessionType</var> is <code><a href="#idl-def-SessionType.persistent">"persistent"</a></code></dt>
- <dd>Continue processing <var>sanitized response</var>, storing the license, key(s), or similar session data contained in <var>sanitized response</var> as permitted or instructed by the license.
- Such data <em class="rfc2119" title="MUST">MUST</em> be stored such that only the <a href="http://www.w3.org/TR/html5/browsers.html#origin-0">origin</a> of this object's <a href="http://dom.spec.whatwg.org/#concept-document">Document</a> can access it.
- </dd>
- <dt>Otherwise</dt>
- <dd>Reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidAccessError">InvalidAccessError</a></code>.</dd>
- </dl>
- <p>See also <a href="#session-storage">Session Storage and Persistence</a>.</p>
- <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_23"><span>Note</span></div><p class="">When <var>sanitized response</var> contains key(s) and/or related data, <var title="true">cdm</var> will likely cache the key and related data indexed by key ID.</p></div>
- <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_24"><span>Note</span></div><p class="">The replacement algorithm within a session is <a href="#key-system">Key System</a>-dependent.</p></div>
- <p>Keys from different sessions <em class="rfc2119" title="SHOULD">SHOULD</em> be cached independently such that closing one session does not affect keys in other sessions, even if they have overlapping key IDs.</p>
- <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_25"><span>Note</span></div><p class="">It is <em class="rfc2119" title="RECOMMENDED">RECOMMENDED</em> that CDMs support a standard and reasonably high minimum number of keys per <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> object, including a standard replacement algorithm, and a standard and reasonably high minimum number of <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> objects.
- This enables a reasonable number of key rotation algorithms to be implemented across user agents and may reduce the likelihood of playback interruptions in use cases that involve various streams in the same element (i.e. adaptive streams, various audio and video tracks) using different keys.
- </p></div>
- </li>
- <li><p>If the set of usable keys changed, run the <a href="#algorithms-keys-changed">usable keys changed algorithm</a> on the <var title="true">session</var>.</p>
- <p>The algorithm <em class="rfc2119" title="MAY">MAY</em> also be run later should additional processing be necessary to determine with certainty whether one or more keys is usable.</p>
- </li>
- <li><p>If the expiration time for the session changed, run the <a href="#algorithms-update-expiration">update expiration algorithm</a> on the <var title="true">session</var>, providing the new expiration time.</p></li>
- <li><p>If a message needs to be sent to the server, execute the following steps:</p>
- <ol>
- <li><p>Let <var title="true">message</var> be that message.</p></li>
- <li><p>Let <var title="true">message type</var> be the appropriate <code><a href="#idl-def-MediaKeyMessageType">MediaKeyMessageType</a></code> for the message.</p></li>
- </ol>
- </li>
- </ol>
- </li>
- <li><p>If any of the preceding steps failed, reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is the appropriate <a href="#error-names">error name</a>.</p></li>
- <li><p>If <var title="true">message</var> is not null, run the <a href="#algorithms-queue-message">queue a "message" event algorithm</a> on the <var title="true">session</var>, providing <var title="true">message type</var> and <var title="true">message</var>.</p></li>
- <li><p>Resolve <var>promise</var>.</p></li>
- </ol>
- </li>
- <li><p>Return <var>promise</var>.</p></li>
- </ol></dd></dl></section>
-
- <section id="mediakeymessageevent" typeof="bibo:Chapter" resource="#mediakeymessageevent" rel="bibo:Chapter">
- <h3 role="heading" id="h3_mediakeymessageevent"><span class="secno">3.3 </span>MediaKeyMessageEvent</h3>
- <p>The MediaKeyMessageEvent object is used for the <code><a href="#dom-evt-message">message</a></code> event.</p>
- <p>Events are constructed as defined in <a href="http://dom.spec.whatwg.org/#constructing-events">Constructing events</a> [<cite><a class="bibref" href="#bib-DOM">DOM</a></cite>].</p>
-
- <pre class="idl"><span class="idlEnum" id="idl-def-MediaKeyMessageType">enum <span class="idlEnumID">MediaKeyMessageType</span> {
+ <p>Signals when object becomes closed as a result of the <a href="#algorithms-session-close">session close algorithm</a> being run.
+ This promise can only be fulfilled and is never rejected.</p>
+ </dd><dt id="widl-MediaKeySession-expiration"><code>expiration</code> of type <span class="idlAttrType">unrestricted double</span>, readonly </dt><dd>
+ <p>The time, in milliseconds since 01 January, 1970 UTC, after which the key(s) in the session will no longer be usable to decrypt <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a>, or <code>NaN</code> if no such time exists, as determined by the CDM.</p>
+ </dd><dt id="widl-MediaKeySession-sessionId"><code>sessionId</code> of type <span class="idlAttrType">DOMString</span>, readonly </dt><dd>
+ <p>The <a href="#session-id">Session Id</a> for this object and the associated key(s) or license(s).</p>
+ </dd></dl></section><section id="methods-1"><h3 role="heading" id="h3_methods-1"><span class="secno">3.2 </span>Methods</h3><dl class="methods"><dt id="widl-MediaKeySession-close-Promise-void"><code>close</code></dt><dd>
+ <p>Indicates that the application no longer needs the session and the CDM should release any resources associated with this object and close it.</p>
+ <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_12"><span>Note</span></div><p class="">The returned promise is resolved when the request has been processed, and the <code><a href="#widl-MediaKeySession-closed">closed</a></code> attribute promise is resolved when the session is closed.</p></div>
+
+
+ <div><em>No parameters.</em></div><div><em>Return type: </em><code>Promise<void></code></div><p>When this method is invoked, the user agent must run the following steps:</p><ol class="method-algorithm">
+ <li><p>If this object's <var title="true">callable</var> value is false, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidStateError">InvalidStateError</a></code>.</p></li>
+ <li><p>If the <a href="#algorithms-session-close">session close algorithm</a> has been run on this object, return a resolved promise.</p></li>
+ <li><p>Let <var>promise</var> be a new promise.</p></li>
+ <li><p>Run the following steps asynchronously:</p>
+ <ol>
+ <li><p>Let <var title="true">cdm</var> be the CDM loaded during the <a href="#widl-MediaKeys-create-Promise-MediaKeys--DOMString-keySystem">initialization</a> of the <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> object that created this object.</p></li>
+ <li><p>Use the <var title="true">cdm</var> to execute the following steps:</p>
+ <ol>
+ <li>
+ <p>Process the close request.</p>
+ <p>Do not remove stored session data.</p>
+ </li>
+ <li><p>If the previous step caused the session to be closed, run the <a href="#algorithms-session-close">session close algorithm</a> on this object.</p></li>
+ </ol>
+ </li>
+ <li><p>Resolve <var>promise</var>.</p></li>
+ </ol>
+ </li>
+ <li><p>Return <var>promise</var>.</p></li>
+ </ol></dd><dt id="widl-MediaKeySession-generateRequest-Promise-void--DOMString-initDataType-ArrayBuffer-ArrayBufferView-initData"><code>generateRequest</code></dt><dd>
+ <p>Generates a request based on the <var title="true">initData</var>.</p>
+ <p><var title="true">initData</var> is <a href="#initialization-data">Initialization Data</a>, and
+ <var title="true">initDataType</var> is an <a href="#initialization-data">Initialization Data</a> that indicates how to interpret <var title="true">initData</var>.
+ </p>
+
+
+ <table class="parameters"><tbody><tr><th>Parameter</th><th>Type</th><th>Nullable</th><th>Optional</th><th>Description</th></tr><tr><td class="prmName">initDataType</td><td class="prmType"><code>DOMString</code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptFalse"><span role="img" aria-label="False">✘</span></td><td class="prmDesc"></td></tr><tr><td class="prmName">initData</td><td class="prmType"><code>(ArrayBuffer or ArrayBufferView)</code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptFalse"><span role="img" aria-label="False">✘</span></td><td class="prmDesc"></td></tr></tbody></table><div><em>Return type: </em><code>Promise<void></code></div><p>When this method is invoked, the user agent must run the following steps:</p><ol class="method-algorithm">
+ <li><p>If this object's <var title="true">uninitialized</var> value is false, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidStateError">InvalidStateError</a></code>.</p></li>
+ <li><p>Let this object's <var title="true">uninitialized</var> be false.</p></li><!-- For simplicity and consistency, this object cannot be reused after any failure. -->
+ <li><p>If <var title="true">initDataType</var> is an empty string, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidAccessError">InvalidAccessError</a></code>.</p></li>
+ <li><p>If <var title="true">initData</var> is an empty array, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidAccessError">InvalidAccessError</a></code>.</p></li>
+ <li><p>Let <var title="true">media keys</var> be the <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> object that created this object.</p></li>
+ <li><p>If the <a href="#cdm">CDM</a> corresponding to <var title="true">media keys</var>'s <code><a href="#widl-MediaKeys-keySystem">keySystem</a></code> attribute does not support <var title="true">initDataType</var> as an <a href="#initialization-data">Initialization Data</a>, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-NotSupportedError">NotSupportedError</a></code>. String comparison is case-sensitive.</p></li>
+ <li><p>Let <var>init data</var> be a copy of the contents of the <var title="true">initData</var> parameter.</p></li>
+ <li><p>Let <var title="true">session type</var> be this object's <var title="true">session type</var>.</p></li>
+ <li><p>Let <var>promise</var> be a new promise.</p></li>
+ <li><p>Run the following steps asynchronously:</p>
+ <ol>
+ <li><p>If the <var>init data</var> is not valid for <var title="true">initDataType</var>, reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidAccessError">InvalidAccessError</a></code>.</p></li>
+ <li><p>Let <var>sanitized init data</var> be a validated and/or sanitized version of <var>init data</var>.</p>
+ <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_13"><span>Note</span></div><p class="">The user agent should thoroughly validate the Initialization Data before passing it to the CDM.
+ This may include verifying values are within reasonable limits, stripping irrelevant data or fields, pre-parsing it, sanitizing it, and/or generating a fully sanitized version.
+ The user agent should check that the length and values of fields are reasonable.
+ Unknown fields should be rejected or removed.
+ For Initialization Data formats that support multiple entries, the user agent should remove entries that are not needed by the CDM.
+ </p></div>
+ </li>
+ <li><p>If the previous step failed, reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidAccessError">InvalidAccessError</a></code>.</p></li>
+ <li><p>Let <var title="true">session id</var> be the empty string.</p></li>
+ <li><p>Let <var title="true">message</var> be null.</p></li>
+ <li><p>Let <var title="true">cdm</var> be the CDM loaded during the <a href="#widl-MediaKeys-create-Promise-MediaKeys--DOMString-keySystem">initialization</a> of <var title="true">media keys</var>.</p></li>
+ <li><p>Use the <var title="true">cdm</var> to execute the following steps:</p>
+ <ol>
+ <li><p>If the <var>init data</var> is not supported by the <var title="true">cdm</var>, reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-NotSupportedError">NotSupportedError</a></code>.</p></li>
+ <li><p>Follow the steps for the first matching condition from the following list:</p>
+ <dl class="switch">
+ <dt>If <var title="true">session type</var> is <code><a href="#idl-def-SessionType.temporary">"temporary"</a></code></dt>
+ <dd>Let <var title="true">requested session type</var> be a temporary non-persisted session.<p></p>
+ <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_14"><span>Note</span></div><p class="">The returned license must not be persistable.</p></div>
+ </dd>
+ <dt>If <var title="true">session type</var> is <code><a href="#idl-def-SessionType.persistent">"persistent"</a></code></dt>
+ <dd>Let <var title="true">requested session type</var> be a persistable session.<p>
+ </p><div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_15"><span>Note</span></div><p class="">The returned license may be persistable.)</p></div>
+ </dd>
+ </dl>
+ <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_16"><span>Note</span></div><p class="">The license server determines the type of license that is returned, either persistent or non-persistent. A persistent license cannot be added to a non-persistable session.</p></div>
+ </li>
+
+ <li><p>Let <var title="true">session id</var> be a unique <a href="#session-id">Session Id</a> string.</p>
+ <p>If <var title="true">session type</var> is <code><a href="#idl-def-SessionType.persistent">"persistent"</a></code>, the ID <em class="rfc2119" title="MUST">MUST</em> be unique within the the <a href="http://www.w3.org/TR/html5/browsers.html#origin-0">origin</a> of this object's <a href="http://dom.spec.whatwg.org/#concept-document">Document</a> over time, including across Documents and browsing sessions.</p>
+ </li>
+ <li><p>Let <var title="true">message</var> be a request for the <var title="true">requested session type</var> generated based on the <var>init data</var>, which is interpreted per <var title="true">initDataType</var>.</p>
+ <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_17"><span>Note</span></div><p class="">For example, a license request.</p></div>
+ <p>The <var title="true">cdm</var> <em class="rfc2119" title="MUST NOT">MUST NOT</em> use any stream-specific data, including <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a>, not provided via the <var>init data</var>.</p>
+ <p>The <var title="true">cdm</var> <em class="rfc2119" title="SHOULD NOT">SHOULD NOT</em> store session data, including the session ID, at this point. See <a href="#session-storage">Session Storage and Persistence</a>.</p>
+ </li>
+ </ol>
+ </li>
+ <li><p>If any of the preceding steps failed, reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is the appropriate <a href="#error-names">error name</a>.</p></li>
+ <li><p>Set the <code><a href="#widl-MediaKeySession-sessionId">sessionId</a></code> attribute to <var title="true">session id</var>.</p></li>
+ <li><p>Let this object's <var title="true">callable</var> be true.</p></li>
+ <li><p>Run the <a href="#algorithms-queue-message">queue a "message" event algorithm</a> on the <var title="true">session</var>, providing <code><a href="#idl-def-MediaKeyMessageType.licenserequest">"licenserequest"</a></code> and <var title="true">message</var>.</p></li>
+ <li><p>Resolve <var>promise</var>.</p></li>
+ </ol>
+ </li>
+ <li><p>Return <var>promise</var>.</p></li>
+ </ol></dd><dt id="widl-MediaKeySession-getUsableKeyIds-Promise-sequence-ArrayBuffer"><code>getUsableKeyIds</code></dt><dd>
+ <div class="issue"><div class="issue-title" aria-level="2" role="heading" id="h_issue_2"><span>Issue 2</span></div><p class=""><a href="https://www.w3.org/Bugs/Public/show_bug.cgi?id=26372">Bug 26372</a> - getUsableKeyIds() may be replaced.</p></div>
+ <p>Gets the key IDs for keys in the session that the CDM <em>knows</em> are currently usable to decrypt <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a>.</p>
+
+
+ <div><em>No parameters.</em></div><div><em>Return type: </em><code>Promise<sequence<ArrayBuffer>></code></div><p>When this method is invoked, the user agent must run the following steps:</p><ol class="method-algorithm">
+ <li><p>If this object's <var title="true">callable</var> value is false, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidStateError">InvalidStateError</a></code>.</p></li>
+ <li><p>Let <var>promise</var> be a new promise.</p></li>
+ <li><p>Run the following steps asynchronously:</p>
+ <ol>
+ <li><p>Let <var title="true">cdm</var> be the CDM loaded during the <a href="#widl-MediaKeys-create-Promise-MediaKeys--DOMString-keySystem">initialization</a> of the <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> object that created this object.</p></li>
+ <li><p>Use the <var title="true">cdm</var> to execute the following steps:</p>
+ <ol>
+ <li><p>Let <var title="true">usable key ids</var> be a list of the key IDs for keys in the session that the CDM <em>knows</em> are currently usable to decrypt <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a>. <var title="true">usable key ids</var> <em class="rfc2119" title="MUST NOT">MUST NOT</em> contain IDs for keys that <em>may not</em> currently be usable. Each element <em class="rfc2119" title="MUST">MUST</em> be unique.</p></li>
+ </ol>
+ </li>
+ <li>
+ <p>If the preceding step failed, reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is the appropriate <a href="#error-names">error name</a>.</p>
+ </li>
+ <li>
+ <p>Resolve <var>promise</var> with a new Sequence object, each element of which contains one element of <var title="true">usable key ids</var>.</p>
+ </li>
+ </ol>
+ </li>
+ </ol></dd><dt id="widl-MediaKeySession-load-Promise-boolean--DOMString-sessionId"><code>load</code></dt><dd>
+ <p>Loads the data stored for the <var title="true">sessionId</var> into the session represented by the object.</p>
+
+
+ <table class="parameters"><tbody><tr><th>Parameter</th><th>Type</th><th>Nullable</th><th>Optional</th><th>Description</th></tr><tr><td class="prmName">sessionId</td><td class="prmType"><code>DOMString</code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptFalse"><span role="img" aria-label="False">✘</span></td><td class="prmDesc"></td></tr></tbody></table><div><em>Return type: </em><code>Promise<boolean></code></div><p>When this method is invoked, the user agent must run the following steps:</p><ol class="method-algorithm">
+ <li><p>If this object's <var title="true">uninitialized</var> value is false, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidStateError">InvalidStateError</a></code>.</p></li>
+ <li><p>Let this object's <var title="true">uninitialized</var> be false.</p></li><!-- For simplicity and consistency, this object cannot be reused after any failure. -->
+ <li><p>If <var title="true">sessionId</var> is an empty string, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidAccessError">InvalidAccessError</a></code>.</p></li>
+ <li><p>If this object's <var title="true">session type</var> is not <code><a href="#idl-def-SessionType.persistent">"persistent"</a></code>, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidAccessError">InvalidAccessError</a></code>.</p></li>
+ <li><p>Let <var title="true">media keys</var> be the <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> object that created this object.</p></li>
+ <li><p>If the <a href="#cdm">CDM</a> corresponding to <var title="true">media keys</var>'s <code><a href="#widl-MediaKeys-keySystem">keySystem</a></code> attribute does not support loading previous sessions, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-NotSupportedError">NotSupportedError</a></code>.</p></li>
+ <li><p>Let <var>promise</var> be a new promise.</p></li>
+ <li><p>Run the following steps asynchronously:</p>
+ <ol>
+ <li><p>Let <var>sanitized session ID</var> be a validated and/or sanitized version of <var title="true">sessionId</var>.</p>
+ <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_18"><span>Note</span></div><p class="">The user agent should thoroughly validate the sessionId value before passing it to the CDM.
+ At a minimum, this should include checking that the length and value (e.g. alphanumeric) are reasonable.
+ </p></div>
+ </li>
+ <li><p>If the previous step failed, reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidAccessError">InvalidAccessError</a></code>.</p></li>
+ <li><p>Let <var title="true">expiration time</var> be <code>NaN</code>.</p></li>
+ <li><p>Let <var title="true">message</var> be null.</p></li>
+ <li><p>Let <var title="true">message type</var> be null.</p></li>
+ <li><p>Let <var title="true">origin</var> be the <a href="http://www.w3.org/TR/html5/browsers.html#origin-0">origin</a> of this object's <a href="http://dom.spec.whatwg.org/#concept-document">Document</a>.</p></li>
+ <li><p>Let <var title="true">cdm</var> be the CDM loaded during the <a href="#widl-MediaKeys-create-Promise-MediaKeys--DOMString-keySystem">initialization</a> of <var title="true">media keys</var>.</p></li>
+ <li><p>Use the <var title="true">cdm</var> to execute the following steps:</p>
+ <ol>
+ <li><p>If there is no data stored for the <var>sanitized session ID</var> in the <var title="true">origin</var>, resolve <var>promise</var> with <code>false</code>.</p></li><!-- Per https://github.com/w3ctag/promises-guide#rejections-should-be-used-for-exceptional-situations. -->
+ <li><p>Let <var title="true">session data</var> be the data stored for the <var>sanitized session ID</var> in the <var title="true">origin</var>.
+ This <em class="rfc2119" title="MUST NOT">MUST NOT</em> include data from other origin(s) or that is not associated with an origin.</p></li>
+ <li><p>If there is an unclosed <code><a href="#idl-def-SessionType.persistent">"persistent"</a></code> session in any <a href="http://dom.spec.whatwg.org/#concept-document">Document</a> representing the <var title="true">session data</var>, reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-QuotaExceededError">QuotaExceededError</a></code>.</p>
+ <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_19"><span>Note</span></div><p class="">In other words, do not create a session if a non-closed persistent session already exists for this <var>sanitized session ID</var> in any browsing context.</p></div>
+ </li>
+ <li><p>Load the <var title="true">session data</var>.</p></li>
+ <li><p>If the <var title="true">session data</var> indicates an expiration time for the session, let <var title="true">expiration time</var> be the expiration time in milliseconds since 01 January 1970 UTC.</p></li>
+ <li><p>If the CDM needs to send a message:</p>
+ <ol>
+ <li><p>Let <var title="true">message</var> be a message generated by the <a href="#cdm">CDM</a> based on the <var title="true">session data</var>.</p></li>
+ <li><p>Let <var title="true">message type</var> be the appropriate <code><a href="#idl-def-MediaKeyMessageType">MediaKeyMessageType</a></code> for the message.</p></li>
+ </ol>
+ </li>
+ </ol>
+ </li>
+ <li><p>If any of the preceding steps failed, reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is the appropriate <a href="#error-names">error name</a>.</p></li>
+ <li><p>Set the <code><a href="#widl-MediaKeySession-sessionId">sessionId</a></code> attribute to <var>sanitized session ID</var>.</p></li>
+ <li><p>Let this object's <var title="true">callable</var> be true.</p></li>
+ <li><p>If the loaded session contains usable keys, run the <a href="#algorithms-keys-changed">usable keys changed algorithm</a> on the <var title="true">session</var>.</p>
+ <p>The algorithm <em class="rfc2119" title="MAY">MAY</em> also be run later should additional processing be necessary to determine with certainty whether one or more keys is usable.</p>
+ </li>
+ <li><p>Run the <a href="#algorithms-update-expiration">update expiration algorithm</a> on the <var title="true">session</var>, providing <var title="true">expiration time</var>.</p></li>
+ <li><p>If <var title="true">message</var> is not null, run the <a href="#algorithms-queue-message">queue a "message" event algorithm</a> on the <var title="true">session</var>, providing <var title="true">message type</var> and <var title="true">message</var>.</p></li>
+ <li><p>Resolve <var>promise</var> with <code>true</code>.</p></li>
+ </ol>
+ </li>
+ <li><p>Return <var>promise</var>.</p></li>
+ </ol></dd><dt id="widl-MediaKeySession-remove-Promise-void"><code>remove</code></dt><dd>
+ <p>Removes stored session data associated with this object.</p>
+
+
+ <div><em>No parameters.</em></div><div><em>Return type: </em><code>Promise<void></code></div><p>When this method is invoked, the user agent must run the following steps:</p><ol class="method-algorithm">
+ <li><p>If this object's <var title="true">callable</var> value is false, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidStateError">InvalidStateError</a></code>.</p></li>
+ <li><p>If this object's <var title="true">session type</var> is not <code><a href="#idl-def-SessionType.persistent">"persistent"</a></code>, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidAccessError">InvalidAccessError</a></code>.</p></li>
+ <li><p>If the <a href="#algorithms-session-close">session close algorithm</a> has been run on this object, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidStateError">InvalidStateError</a></code>.</p></li>
+ <li><p>Let <var>promise</var> be a new promise.</p></li>
+ <li><p>Run the following steps asynchronously:</p>
+ <ol>
+ <li><p>Let <var title="true">cdm</var> be the CDM loaded during the <a href="#widl-MediaKeys-create-Promise-MediaKeys--DOMString-keySystem">initialization</a> of the <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> object that created this object.</p></li>
+ <li><p>Use the <var title="true">cdm</var> to execute the following steps:</p>
+ <ol>
+ <li>
+ <p>Process the remove request.</p>
+ <p>This <em class="rfc2119" title="MAY">MAY</em> involve exchanging message(s) with the application.</p>
+ <p>Unless this step fails, the CDM <em class="rfc2119" title="MUST">MUST</em> have cleared all stored session data associated with this object, including the <code><a href="#widl-MediaKeySession-sessionId">sessionId</a></code>, before proceeding to the next step.</p>
+ <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_20"><span>Note</span></div><p class="">A subsequent call to <code><a href="#widl-MediaKeySession-load-Promise-boolean--DOMString-sessionId">load()</a></code> with the value <code><a href="#widl-MediaKeySession-sessionId">sessionId</a></code> would fail because there is no data stored for that session ID.)</p></div>
+ </li>
+ </ol>
+ </li>
+ <li><p>Run the following steps asynchronously once the above step has completed:</p>
+ <ol>
+ <li><p>If any of the preceding steps failed, reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is the appropriate <a href="#error-names">error name</a>.</p></li>
+ <li><p>Run the <a href="#algorithms-session-close">session close algorithm</a> on this object.</p></li>
+ <li><p>Resolve <var>promise</var>.</p></li>
+ </ol>
+ </li>
+ </ol>
+ </li>
+ <li><p>Return <var>promise</var>.</p></li>
+ </ol></dd><dt id="widl-MediaKeySession-update-Promise-void--ArrayBuffer-ArrayBufferView-response"><code>update</code></dt><dd>
+ <p>Provides messages, including licenses, to the CDM.</p>
+ <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_21"><span>Note</span></div><p class="">The contents of <var title="true">response</var> are <a href="#key-system">Key System</a>-specific.</p></div>
+
+
+ <table class="parameters"><tbody><tr><th>Parameter</th><th>Type</th><th>Nullable</th><th>Optional</th><th>Description</th></tr><tr><td class="prmName">response</td><td class="prmType"><code>(ArrayBuffer or ArrayBufferView)</code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptFalse"><span role="img" aria-label="False">✘</span></td><td class="prmDesc"></td></tr></tbody></table><div><em>Return type: </em><code>Promise<void></code></div><p>When this method is invoked, the user agent must run the following steps:</p><ol class="method-algorithm">
+ <li><p>If this object's <var title="true">callable</var> value is false, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidStateError">InvalidStateError</a></code>.</p></li>
+ <li><p>If <var title="true">response</var> is an empty array, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidAccessError">InvalidAccessError</a></code>.</p></li>
+ <li><p>Let <var>response copy</var> be a copy of the contents of the <var title="true">response</var> parameter.</p></li>
+ <li><p>Let <var>promise</var> be a new promise.</p></li>
+ <li><p>Run the following steps asynchronously:</p>
+ <ol>
+ <li><p>Let <var>sanitized response</var> be a validated and/or sanitized version of <var>response copy</var>.</p>
+ <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_22"><span>Note</span></div><p class="">The user agent should thoroughly validate the response before passing it to the CDM.
+ This may include verifying values are within reasonable limits, stripping irrelevant data or fields, pre-parsing it, sanitizing it, and/or generating a fully sanitized version.
+ The user agent should check that the length and values of fields are reasonable.
+ Unknown fields should be rejected or removed.
+ </p></div>
+ </li>
+ <li><p>If the previous step failed, reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidAccessError">InvalidAccessError</a></code>.</p></li>
+ <li><p>Let <var title="true">cdm</var> be the CDM loaded during the <a href="#widl-MediaKeys-create-Promise-MediaKeys--DOMString-keySystem">initialization</a> of the <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> object that created this object.</p></li>
+ <li><p>Let <var title="true">message</var> be null.</p></li>
+ <li><p>Let <var title="true">message type</var> be null.</p></li>
+ <li><p>Use the <var title="true">cdm</var> to execute the following steps:</p>
+ <ol>
+ <li><p>If the format of <var>sanitized response</var> is invalid in any way, reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidAccessError">InvalidAccessError</a></code>.</p></li>
+ <li><p>Process <var>sanitized response</var>, following the stipulation for the first matching condition from the following list:</p>
+ <dl class="switch">
+ <dt>If <var title="true">sessionType</var> is <code><a href="#idl-def-SessionType.temporary">"temporary"</a></code> and <var>sanitized response</var> does not specify that session data, including any license, key(s), or similar session data it contains, should be stored</dt>
+ <dd>Continue processing <var>sanitized response</var>, not storing any session data.</dd>
+ <dt>If <var title="true">sessionType</var> is <code><a href="#idl-def-SessionType.persistent">"persistent"</a></code></dt>
+ <dd>Continue processing <var>sanitized response</var>, storing the license, key(s), or similar session data contained in <var>sanitized response</var> as permitted or instructed by the license.
+ Such data <em class="rfc2119" title="MUST">MUST</em> be stored such that only the <a href="http://www.w3.org/TR/html5/browsers.html#origin-0">origin</a> of this object's <a href="http://dom.spec.whatwg.org/#concept-document">Document</a> can access it.
+ </dd>
+ <dt>Otherwise</dt>
+ <dd>Reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidAccessError">InvalidAccessError</a></code>.</dd>
+ </dl>
+ <p>See also <a href="#session-storage">Session Storage and Persistence</a>.</p>
+ <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_23"><span>Note</span></div><p class="">When <var>sanitized response</var> contains key(s) and/or related data, <var title="true">cdm</var> will likely cache the key and related data indexed by key ID.</p></div>
+ <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_24"><span>Note</span></div><p class="">The replacement algorithm within a session is <a href="#key-system">Key System</a>-dependent.</p></div>
+ <p>Keys from different sessions <em class="rfc2119" title="SHOULD">SHOULD</em> be cached independently such that closing one session does not affect keys in other sessions, even if they have overlapping key IDs.</p>
+ <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_25"><span>Note</span></div><p class="">It is <em class="rfc2119" title="RECOMMENDED">RECOMMENDED</em> that CDMs support a standard and reasonably high minimum number of keys per <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> object, including a standard replacement algorithm, and a standard and reasonably high minimum number of <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> objects.
+ This enables a reasonable number of key rotation algorithms to be implemented across user agents and may reduce the likelihood of playback interruptions in use cases that involve various streams in the same element (i.e. adaptive streams, various audio and video tracks) using different keys.
+ </p></div>
+ </li>
+ <li><p>If the set of usable keys changed, run the <a href="#algorithms-keys-changed">usable keys changed algorithm</a> on the <var title="true">session</var>.</p>
+ <p>The algorithm <em class="rfc2119" title="MAY">MAY</em> also be run later should additional processing be necessary to determine with certainty whether one or more keys is usable.</p>
+ </li>
+ <li><p>If the expiration time for the session changed, run the <a href="#algorithms-update-expiration">update expiration algorithm</a> on the <var title="true">session</var>, providing the new expiration time.</p></li>
+ <li><p>If a message needs to be sent to the server, execute the following steps:</p>
+ <ol>
+ <li><p>Let <var title="true">message</var> be that message.</p></li>
+ <li><p>Let <var title="true">message type</var> be the appropriate <code><a href="#idl-def-MediaKeyMessageType">MediaKeyMessageType</a></code> for the message.</p></li>
+ </ol>
+ </li>
+ </ol>
+ </li>
+ <li><p>If any of the preceding steps failed, reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is the appropriate <a href="#error-names">error name</a>.</p></li>
+ <li><p>If <var title="true">message</var> is not null, run the <a href="#algorithms-queue-message">queue a "message" event algorithm</a> on the <var title="true">session</var>, providing <var title="true">message type</var> and <var title="true">message</var>.</p></li>
+ <li><p>Resolve <var>promise</var>.</p></li>
+ </ol>
+ </li>
+ <li><p>Return <var>promise</var>.</p></li>
+ </ol></dd></dl></section>
+
+ <section id="mediakeymessageevent" typeof="bibo:Chapter" resource="#mediakeymessageevent" rel="bibo:Chapter">
+ <h3 role="heading" id="h3_mediakeymessageevent"><span class="secno">3.3 </span>MediaKeyMessageEvent</h3>
+ <p>The MediaKeyMessageEvent object is used for the <code><a href="#dom-evt-message">message</a></code> event.</p>
+ <p>Events are constructed as defined in <a href="http://dom.spec.whatwg.org/#constructing-events">Constructing events</a> [<cite><a class="bibref" href="#bib-DOM">DOM</a></cite>].</p>
+
+ <pre class="idl"><span class="idlEnum" id="idl-def-MediaKeyMessageType">enum <span class="idlEnumID">MediaKeyMessageType</span> {
"<a href="#idl-def-MediaKeyMessageType.licenserequest" class="idlEnumItem">licenserequest</a>",
"<a href="#idl-def-MediaKeyMessageType.licenserenewal" class="idlEnumItem">licenserenewal</a>",
"<a href="#idl-def-MediaKeyMessageType.licenserelease" class="idlEnumItem">licenserelease</a>"
};</span></pre><table class="simple"><tbody><tr><th colspan="2">Enumeration description</th></tr><tr><td><code id="idl-def-MediaKeyMessageType.licenserequest">licenserequest</code></td><td>The message contains a request for a new license.</td></tr><tr><td><code id="idl-def-MediaKeyMessageType.licenserenewal">licenserenewal</code></td><td>The message contains a request to renew an existing license.</td></tr><tr><td><code id="idl-def-MediaKeyMessageType.licenserelease">licenserelease</code></td><td>The message contains a proof of key release.</td></tr></tbody></table>
-
- <pre class="idl"><span class="idlInterface" id="idl-def-MediaKeyMessageEvent">[<span class="idlCtor"> <span class="idlCtorKeyword"></span><span class="idlCtorName"><a href="#widl-ctor-MediaKeyMessageEvent--DOMString-type-MediaKeyMessageEventInit-eventInitDict">Constructor</a></span> (<span class="idlParam"><span class="idlParamType">DOMString</span> <span class="idlParamName">type</span></span>, <span class="idlParam">optional <span class="idlParamType"><a href="#idl-def-MediaKeyMessageEventInit" class="idlType"><code>MediaKeyMessageEventInit</code></a></span> <span class="idlParamName">eventInitDict</span></span>)</span>]
+
+ <pre class="idl"><span class="idlInterface" id="idl-def-MediaKeyMessageEvent">[<span class="idlCtor"> <span class="idlCtorKeyword"></span><span class="idlCtorName"><a href="#widl-ctor-MediaKeyMessageEvent--DOMString-type-MediaKeyMessageEventInit-eventInitDict">Constructor</a></span> (<span class="idlParam"><span class="idlParamType">DOMString</span> <span class="idlParamName">type</span></span>, <span class="idlParam">optional <span class="idlParamType"><a href="#idl-def-MediaKeyMessageEventInit" class="idlType"><code>MediaKeyMessageEventInit</code></a></span> <span class="idlParamName">eventInitDict</span></span>)</span>]
interface <span class="idlInterfaceID">MediaKeyMessageEvent</span> : <span class="idlSuperclass">Event</span> {
<span class="idlAttribute"> readonly attribute <span class="idlAttrType"><a href="#idl-def-MediaKeyMessageType" class="idlType"><code>MediaKeyMessageType</code></a></span> <span class="idlAttrName"><a href="#widl-MediaKeyMessageEvent-type">type</a></span>;</span>
<span class="idlAttribute"> readonly attribute <span class="idlAttrType">ArrayBuffer</span> <span class="idlAttrName"><a href="#widl-MediaKeyMessageEvent-message">message</a></span>;</span>
};</span></pre><section id="constructors"><h4 role="heading" id="h4_constructors"><span class="secno">3.3.1 </span>Constructors</h4><dl class="constructors"><dt id="widl-ctor-MediaKeyMessageEvent--DOMString-type-MediaKeyMessageEventInit-eventInitDict"><code>MediaKeyMessageEvent</code></dt><dd>
-
- <table class="parameters"><tbody><tr><th>Parameter</th><th>Type</th><th>Nullable</th><th>Optional</th><th>Description</th></tr><tr><td class="prmName">type</td><td class="prmType"><code>DOMString</code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptFalse"><span role="img" aria-label="False">✘</span></td><td class="prmDesc"></td></tr><tr><td class="prmName">eventInitDict</td><td class="prmType"><code><a href="#idl-def-MediaKeyMessageEventInit" class="idlType"><code>MediaKeyMessageEventInit</code></a></code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptTrue"><span role="img" aria-label="True">✔</span></td><td class="prmDesc"></td></tr></tbody></table></dd></dl></section><section id="attributes-2"><h4 role="heading" id="h4_attributes-2"><span class="secno">3.3.2 </span>Attributes</h4><dl class="attributes"><dt id="widl-MediaKeyMessageEvent-message"><code>message</code> of type <span class="idlAttrType">ArrayBuffer</span>, readonly </dt><dd>
- The message from the CDM. Messages are Key System-specific.
- </dd><dt id="widl-MediaKeyMessageEvent-type"><code>type</code> of type <span class="idlAttrType"><a href="#idl-def-MediaKeyMessageType" class="idlType"><code>MediaKeyMessageType</code></a></span>, readonly </dt><dd>
- The type of the message.
- </dd></dl></section>
-
- <section id="mediakeymessageeventinit" typeof="bibo:Chapter" resource="#mediakeymessageeventinit" rel="bibo:Chapter">
- <h4 role="heading" id="h4_mediakeymessageeventinit"><span class="secno">3.3.3 </span>MediaKeyMessageEventInit</h4>
- <pre class="idl"><span class="idlDictionary" id="idl-def-MediaKeyMessageEventInit">dictionary <span class="idlDictionaryID">MediaKeyMessageEventInit</span> : <span class="idlSuperclass">EventInit</span> {
+
+ <table class="parameters"><tbody><tr><th>Parameter</th><th>Type</th><th>Nullable</th><th>Optional</th><th>Description</th></tr><tr><td class="prmName">type</td><td class="prmType"><code>DOMString</code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptFalse"><span role="img" aria-label="False">✘</span></td><td class="prmDesc"></td></tr><tr><td class="prmName">eventInitDict</td><td class="prmType"><code><a href="#idl-def-MediaKeyMessageEventInit" class="idlType"><code>MediaKeyMessageEventInit</code></a></code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptTrue"><span role="img" aria-label="True">✔</span></td><td class="prmDesc"></td></tr></tbody></table></dd></dl></section><section id="attributes-2"><h4 role="heading" id="h4_attributes-2"><span class="secno">3.3.2 </span>Attributes</h4><dl class="attributes"><dt id="widl-MediaKeyMessageEvent-message"><code>message</code> of type <span class="idlAttrType">ArrayBuffer</span>, readonly </dt><dd>
+ The message from the CDM. Messages are Key System-specific.
+ </dd><dt id="widl-MediaKeyMessageEvent-type"><code>type</code> of type <span class="idlAttrType"><a href="#idl-def-MediaKeyMessageType" class="idlType"><code>MediaKeyMessageType</code></a></span>, readonly </dt><dd>
+ The type of the message.
+ </dd></dl></section>
+
+ <section id="mediakeymessageeventinit" typeof="bibo:Chapter" resource="#mediakeymessageeventinit" rel="bibo:Chapter">
+ <h4 role="heading" id="h4_mediakeymessageeventinit"><span class="secno">3.3.3 </span>MediaKeyMessageEventInit</h4>
+ <pre class="idl"><span class="idlDictionary" id="idl-def-MediaKeyMessageEventInit">dictionary <span class="idlDictionaryID">MediaKeyMessageEventInit</span> : <span class="idlSuperclass">EventInit</span> {
<span class="idlMember"> <span class="idlMemberType"><a href="#idl-def-MediaKeyMessageType" class="idlType"><code>MediaKeyMessageType</code></a></span> <span class="idlMemberName"><a href="#widl-MediaKeyMessageEventInit-type">type</a></span> = <span class="idlMemberValue">"licenserequest"</span>;</span>
<span class="idlMember"> <span class="idlMemberType">ArrayBuffer</span> <span class="idlMemberName"><a href="#widl-MediaKeyMessageEventInit-message">message</a></span> = <span class="idlMemberValue">ArrayBuffer()</span>;</span>
};</span></pre><section id="dictionary-mediakeymessageeventinit-members"><h5 role="heading" id="h5_dictionary-mediakeymessageeventinit-members"><span class="secno">3.3.3.1 </span>Dictionary <a class="idlType" href="#idl-def-MediaKeyMessageEventInit"><code>MediaKeyMessageEventInit</code></a> Members</h5><dl class="dictionary-members"><dt id="widl-MediaKeyMessageEventInit-message"><code>message</code> of type <span class="idlMemberType">ArrayBuffer</span>, defaulting to <code>ArrayBuffer()</code></dt><dd>
- The message.
- </dd><dt id="widl-MediaKeyMessageEventInit-type"><code>type</code> of type <span class="idlMemberType"><a href="#idl-def-MediaKeyMessageType" class="idlType"><code>MediaKeyMessageType</code></a></span>, defaulting to <code>"licenserequest"</code></dt><dd>
- The type of the message.
- </dd></dl></section>
+ The message.
+ </dd><dt id="widl-MediaKeyMessageEventInit-type"><code>type</code> of type <span class="idlMemberType"><a href="#idl-def-MediaKeyMessageType" class="idlType"><code>MediaKeyMessageType</code></a></span>, defaulting to <code>"licenserequest"</code></dt><dd>
+ The type of the message.
+ </dd></dl></section>
+ </section>
</section>
- </section>
-
- <section id="mediakeysession-events" class="informative" typeof="bibo:Chapter" resource="#mediakeysession-events" rel="bibo:Chapter">
- <h3 role="heading" id="h3_mediakeysession-events"><span class="secno">3.4 </span>Event Summary</h3><p><em>This section is non-normative.</em></p>
-
- <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_26"><span>Note</span></div><p class="">In some implementations, <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> objects may not fire any events until the <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> object is associated with a media element using <code><a href="#widl-HTMLMediaElement-setMediaKeys-Promise-void--MediaKeys-mediaKeys">setMediaKeys()</a></code>.</p></div>
-
- <table class="old-table">
- <thead>
- <tr>
- <th>Event name</th>
- <th>Interface</th>
- <th>Dispatched when...</th>
- </tr>
- </thead>
- <tbody>
- <tr>
- <td><dfn id="dom-evt-keyschange"><code>keyschange</code></dfn></td>
- <td><code><a href="http://dom.spec.whatwg.org/#event">Event</a></code></td>
- <td>There has been a change in usable keys in the session.</td>
- </tr>
- <tr>
- <td><dfn id="dom-evt-message"><code>message</code></dfn></td>
- <td><a href="#idl-def-MediaKeyMessageEvent" class="idlType"><code>MediaKeyMessageEvent</code></a></td>
- <td>The CDM has generated a message for the session.</td>
- </tr>
- </tbody>
- </table>
- </section>
-
- <section id="mediakeysession-algorithms" typeof="bibo:Chapter" resource="#mediakeysession-algorithms" rel="bibo:Chapter">
- <h3 role="heading" id="h3_mediakeysession-algorithms"><span class="secno">3.5 </span>Algorithms</h3>
-
- <section id="algorithms-queue-message" typeof="bibo:Chapter" resource="#algorithms-queue-message" rel="bibo:Chapter">
- <h4 role="heading" id="h4_algorithms-queue-message"><span class="secno">3.5.1 </span>Queue a "message" Event</h4>
- <p>The Queue a "message" Event algorithm is run when the CDM needs to queue a message event to a <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> object.
- Requests to run this algorithm include a target <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> object, a <var title="true">message type</var>, and a <var title="true">message</var>.
- </p>
- <p>The following steps are run:</p>
- <ol>
- <li><p>Let the <var title="true">session</var> be the specified <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> object.</p></li>
- <li>
- <p><a href="http://www.w3.org/TR/html5/webappapis.html#queue-a-task">Queue a task</a> to <a href="http://www.w3.org/TR/html5/webappapis.html#fire-a-simple-event">fire a simple event</a> named <code><a href="#dom-evt-message">message</a></code> at the <var title="true">session</var>.</p>
- <p>The event is of type <code><a href="#idl-def-MediaKeyMessageEvent">MediaKeyMessageEvent</a></code> and has:</p>
- <ul style="list-style-type:none"><li>
- <code><a href="#widl-MediaKeyMessageEvent-type">type</a></code> = the specified <var title="true">message type</var><br><br>
- <code><a href="#widl-MediaKeyMessageEvent-message">message</a></code> = the specified <var title="true">message</var>
- </li></ul>
- </li>
- </ol>
- </section>
-
- <section id="algorithms-keys-changed" typeof="bibo:Chapter" resource="#algorithms-keys-changed" rel="bibo:Chapter">
- <h4 role="heading" id="h4_algorithms-keys-changed"><span class="secno">3.5.2 </span>Usable Keys Changed</h4>
- <p>The Usable Keys Changed algorithm is run when the CDM changes the set of keys in the session that may be used for decryption.
- This can happen as the result of an <code><a href="#widl-MediaKeySession-update-Promise-void--ArrayBuffer-ArrayBufferView-response">update()</a></code> call or some other event.
- Requests to run this algorithm include a target <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> object.
- </p>
- <p>The following steps are run:</p>
- <ol>
- <li><p>Let the <var title="true">session</var> be the associated <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> object.</p></li>
- <li><p><a href="http://www.w3.org/TR/html5/webappapis.html#queue-a-task">Queue a task</a> to <a href="http://www.w3.org/TR/html5/webappapis.html#fire-a-simple-event">fire a simple event</a> named <code><a href="#dom-evt-keyschange">keyschange</a></code> at the <var title="true">session</var>.</p></li>
- <li><p><a href="http://www.w3.org/TR/html5/webappapis.html#queue-a-task">Queue a task</a> to run the <a href="#algorithms-resume-playback">attempt to resume playback if necessary algorithm</a> on each of the media element(s) whose <code><a href="#widl-HTMLMediaElement-mediaKeys">mediaKeys</a></code> attribute is the MediaKeys object that created the <var title="true">session</var>.</p>
- <p>The user agent <em class="rfc2119" title="MAY">MAY</em> choose to skip this step if it knows resuming will fail.</p>
- <div class="note"><div class="note-title" aria-level="3" role="heading" id="h_note_27"><span>Note</span></div><p class="">For example, the user agent may skip this step if no additional keys became available.</p></div>
- </li>
- </ol>
- </section>
-
- <section id="algorithms-update-expiration" typeof="bibo:Chapter" resource="#algorithms-update-expiration" rel="bibo:Chapter">
- <h4 role="heading" id="h4_algorithms-update-expiration"><span class="secno">3.5.3 </span>Update Expiration</h4>
- <p>The Update Expiration algorithm is run when the CDM changes the expiration time of a session.
- This can happen as the result of an <code><a href="#widl-MediaKeySession-update-Promise-void--ArrayBuffer-ArrayBufferView-response">update()</a></code> call or some other event.
- Requests to run this algorithm include a target <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> object and the new expiration time, which may be <code>NaN</code>.
- </p>
- <p>The following steps are run:</p>
- <ol>
- <li><p>Let the <var title="true">session</var> be the associated <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> object.</p></li>
- <li><p>Let <var title="true">expiration time</var> be <code>NaN</code>.</p></li>
- <li><p>If the new expiration time is not <code>NaN</code>, let <var title="true">expiration time</var> be the new expiration time in milliseconds since 01 January 1970 UTC.</p></li>
- <li><p>Set the <var title="true">session</var>'s <code><a href="#widl-MediaKeySession-expiration">expiration</a></code> attribute to <var title="true">expiration time</var>.</p></li>
- </ol>
- </section>
-
- <section id="algorithms-session-close" typeof="bibo:Chapter" resource="#algorithms-session-close" rel="bibo:Chapter">
- <h4 role="heading" id="h4_algorithms-session-close"><span class="secno">3.5.4 </span>Session Close</h4>
- <p>The Session Close algorithm is run when the CDM closes the session associated with a <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> object.</p>
- <div class="note"><div class="note-title" aria-level="3" role="heading" id="h_note_28"><span>Note</span></div><p class="">The CDM may close a session at any point, such as in response to a <code><a href="#widl-MediaKeySession-close-Promise-void">close()</a></code> call, when the session is no longer needed, or when system resources are lost.
- Keys in other sessions <em class="rfc2119" title="SHOULD">SHOULD</em> be unaffected, even if they have overlapping key IDs.
- </p></div>
- <p>The following steps are run:</p>
- <ol>
- <li><p>Let the <var title="true">session</var> be the associated <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> object.</p></li>
- <li><p>Let <var title="true">media keys</var> be the <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> object that created this object.</p></li>
- <li><p>Let <var>promise</var> be the <code><a href="#widl-MediaKeySession-closed">closed</a></code> attribute of the <var title="true">session</var>.</p></li>
- <li><p>Resolve <var>promise</var>.</p></li>
- </ol>
- </section>
- </section>
-
- <section id="exceptions" typeof="bibo:Chapter" resource="#exceptions" rel="bibo:Chapter">
- <h3 role="heading" id="h3_exceptions"><span class="secno">3.6 </span>Exceptions</h3>
- <p id="error-names">The methods report errors by rejecting the returned promise with a <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code>.
- The following <a href="http://heycam.github.io/webidl/#idl-DOMException-error-names">DOMException names from WebIDL</a> are used in the algorithms.
- Causes specified specified in the algorithms are listed alongside each name, though these names <em class="rfc2119" title="MAY">MAY</em> be used for other reasons as well.
- </p>
-
- <table class="old-table">
- <tbody>
- <tr>
- <th>Name</th>
- <th>Possible Causes (non-exhaustive)</th>
- </tr>
- <tr>
- <td><dfn id="dfn-NotSupportedError"><code>NotSupportedError</code></dfn></td>
- <td>
- The existing MediaKeys object cannot be removed.<br>
- The key system is not supported.<br>
- The key system is not supported on insecure origins.<br>
- The initialization data type is not supported by the key system.<br>
- The session type is not supported by the key system.<br>
- The initialization data is not supported by the key system.<br>
- The operation is not supported by the key system.
- </td>
- </tr>
- <tr>
- <td><dfn id="dfn-InvalidStateError"><code>InvalidStateError</code></dfn></td>
- <td>The existing MediaKeys object cannot be removed at this time.<br>
- The session has already been used.<br>
- The session is not yet initialized.<br>
- The session is closed.
- </td>
- </tr>
- <tr>
- <td><dfn id="dfn-InvalidAccessError"><code>InvalidAccessError</code></dfn></td>
- <td>
- The parameter is empty.<br>
- Invalid initialization data.<br>
- The operation is not supported on sessions of this type.<br>
- Invalid response format.<br>
- A persistent license was provided for a "temporary" session.
- </td>
- </tr>
- <tr>
- <td><dfn id="dfn-QuotaExceededError"><code>QuotaExceededError</code></dfn></td>
- <td>The MediaKeys object cannot be used with additional HTMLMediaElements.<br>
- A non-closed session already exists for this sessionId.
- </td>
- </tr>
- </tbody>
- </table>
- </section>
-
- <section id="session-storage" typeof="bibo:Chapter" resource="#session-storage" rel="bibo:Chapter">
- <h3 role="heading" id="h3_session-storage"><span class="secno">3.7 </span>Session Storage and Persistence</h3>
- <p>This section provides an overview of session stroage and persistence that complements the algorithms.</p>
- <p>If this object's <var title="true">session type</var> is not <code><a href="#idl-def-SessionType.persistent">"persistent"</a></code>, the user agent and CDM <em class="rfc2119" title="MUST NOT">MUST NOT</em> persist a record of or data related to the session at any point.
- This includes license(s), key(s), and the <a href="#session-id">Session Id</a>.
- </p>
- <p>The remainder of this section applies to <code><a href="#idl-def-SessionType.persistent">"persistent"</a></code> sessions, which are <em class="rfc2119" title="OPTIONAL">OPTIONAL</em> for implementatations to support.</p>
- <p>Persisted data <em class="rfc2119" title="MUST">MUST</em> always be stored such that only the <a href="http://www.w3.org/TR/html5/browsers.html#origin-0">origin</a> of this object's <a href="http://dom.spec.whatwg.org/#concept-document">Document</a> can access it.
- In addition, the data <em class="rfc2119" title="MUST">MUST</em> only be accessible by the current profile of this user agent - other user agent profiles, user agents, and applications <em class="rfc2119" title="MUST NOT">MUST NOT</em> be able to access the stored data.
- </p>
- <p>The CDM <em class="rfc2119" title="SHOULD NOT">SHOULD NOT</em> store session data, including the Session ID, until <code><a href="#widl-MediaKeySession-update-Promise-void--ArrayBuffer-ArrayBufferView-response">update()</a></code> is called the first time.
- Specifically, the CDM <em class="rfc2119" title="SHOULD NOT">SHOULD NOT</em> store session data during the <code><a href="#widl-MediaKeySession-generateRequest-Promise-void--DOMString-initDataType-ArrayBuffer-ArrayBufferView-initData">generateRequest()</a></code> algorithm.
- This ensures that the application is aware of the session and knows it needs to eventually remove it.
- </p>
- <p>The CDM <em class="rfc2119" title="MUST">MUST</em> ensure that data for a given session is only present in one active unclosed session in any <a href="http://dom.spec.whatwg.org/#concept-document">Document</a>.
- In other words, <code><a href="#widl-MediaKeySession-load-Promise-boolean--DOMString-sessionId">load()</a></code> <em class="rfc2119" title="MUST">MUST</em> fail when there is already a <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> representing the session specified by the <var title="true">sessionId</var> parameter, either because the object that created it via <code><a href="#widl-MediaKeySession-generateRequest-Promise-void--DOMString-initDataType-ArrayBuffer-ArrayBufferView-initData">generateRequest()</a></code> is still active or it has been loaded into another object via <code><a href="#widl-MediaKeySession-load-Promise-boolean--DOMString-sessionId">load()</a></code>.
- A session <em class="rfc2119" title="MAY">MAY</em> only be loaded again after the <a href="#algorithms-session-close">session close algorithm</a> has not been run on the object representing it.
- </p>
- <p>An application that creates a <code><a href="#idl-def-SessionType.persistent">"persistent"</a></code> session <em class="rfc2119" title="SHOULD">SHOULD</em> later remove the stored data using <code><a href="#widl-MediaKeySession-remove-Promise-void">remove()</a></code>.
- The CDM <em class="rfc2119" title="MAY">MAY</em> also remove sessions as appropriate, but applications <em class="rfc2119" title="SHOULD NOT">SHOULD NOT</em> rely on this.
- </p>
- <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_29"><span>Note</span></div><p class="">See the <a href="#security">Security Considerations</a> and <a href="#privacy">Privacy Considerations</a> sections for additional considerations when supporting persistent storage.</p></div>
- </section>
+
+ <section id="mediakeysession-events" class="informative" typeof="bibo:Chapter" resource="#mediakeysession-events" rel="bibo:Chapter">
+ <h3 role="heading" id="h3_mediakeysession-events"><span class="secno">3.4 </span>Event Summary</h3><p><em>This section is non-normative.</em></p>
+
+ <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_26"><span>Note</span></div><p class="">In some implementations, <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> objects may not fire any events until the <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> object is associated with a media element using <code><a href="#widl-HTMLMediaElement-setMediaKeys-Promise-void--MediaKeys-mediaKeys">setMediaKeys()</a></code>.</p></div>
+
+ <table class="old-table">
+ <thead>
+ <tr>
+ <th>Event name</th>
+ <th>Interface</th>
+ <th>Dispatched when...</th>
+ </tr>
+ </thead>
+ <tbody>
+ <tr>
+ <td><dfn id="dom-evt-keyschange"><code>keyschange</code></dfn></td>
+ <td><code><a href="http://dom.spec.whatwg.org/#event">Event</a></code></td>
+ <td>There has been a change in usable keys in the session.</td>
+ </tr>
+ <tr>
+ <td><dfn id="dom-evt-message"><code>message</code></dfn></td>
+ <td><a href="#idl-def-MediaKeyMessageEvent" class="idlType"><code>MediaKeyMessageEvent</code></a></td>
+ <td>The CDM has generated a message for the session.</td>
+ </tr>
+ </tbody>
+ </table>
+ </section>
+
+ <section id="mediakeysession-algorithms" typeof="bibo:Chapter" resource="#mediakeysession-algorithms" rel="bibo:Chapter">
+ <h3 role="heading" id="h3_mediakeysession-algorithms"><span class="secno">3.5 </span>Algorithms</h3>
+
+ <section id="algorithms-queue-message" typeof="bibo:Chapter" resource="#algorithms-queue-message" rel="bibo:Chapter">
+ <h4 role="heading" id="h4_algorithms-queue-message"><span class="secno">3.5.1 </span>Queue a "message" Event</h4>
+ <p>The Queue a "message" Event algorithm is run when the CDM needs to queue a message event to a <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> object.
+ Requests to run this algorithm include a target <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> object, a <var title="true">message type</var>, and a <var title="true">message</var>.
+ </p>
+ <p>The following steps are run:</p>
+ <ol>
+ <li><p>Let the <var title="true">session</var> be the specified <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> object.</p></li>
+ <li>
+ <p><a href="http://www.w3.org/TR/html5/webappapis.html#queue-a-task">Queue a task</a> to <a href="http://www.w3.org/TR/html5/webappapis.html#fire-a-simple-event">fire a simple event</a> named <code><a href="#dom-evt-message">message</a></code> at the <var title="true">session</var>.</p>
+ <p>The event is of type <code><a href="#idl-def-MediaKeyMessageEvent">MediaKeyMessageEvent</a></code> and has:</p>
+ <ul style="list-style-type:none"><li>
+ <code><a href="#widl-MediaKeyMessageEvent-type">type</a></code> = the specified <var title="true">message type</var><br><br>
+ <code><a href="#widl-MediaKeyMessageEvent-message">message</a></code> = the specified <var title="true">message</var>
+ </li></ul>
+ </li>
+ </ol>
+ </section>
+
+ <section id="algorithms-keys-changed" typeof="bibo:Chapter" resource="#algorithms-keys-changed" rel="bibo:Chapter">
+ <h4 role="heading" id="h4_algorithms-keys-changed"><span class="secno">3.5.2 </span>Usable Keys Changed</h4>
+ <p>The Usable Keys Changed algorithm is run when the CDM changes the set of keys in the session that may be used for decryption.
+ This can happen as the result of an <code><a href="#widl-MediaKeySession-update-Promise-void--ArrayBuffer-ArrayBufferView-response">update()</a></code> call or some other event.
+ Requests to run this algorithm include a target <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> object.
+ </p>
+ <p>The following steps are run:</p>
+ <ol>
+ <li><p>Let the <var title="true">session</var> be the associated <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> object.</p></li>
+ <li><p><a href="http://www.w3.org/TR/html5/webappapis.html#queue-a-task">Queue a task</a> to <a href="http://www.w3.org/TR/html5/webappapis.html#fire-a-simple-event">fire a simple event</a> named <code><a href="#dom-evt-keyschange">keyschange</a></code> at the <var title="true">session</var>.</p></li>
+ <li><p><a href="http://www.w3.org/TR/html5/webappapis.html#queue-a-task">Queue a task</a> to run the <a href="#algorithms-resume-playback">attempt to resume playback if necessary algorithm</a> on each of the media element(s) whose <code><a href="#widl-HTMLMediaElement-mediaKeys">mediaKeys</a></code> attribute is the MediaKeys object that created the <var title="true">session</var>.</p>
+ <p>The user agent <em class="rfc2119" title="MAY">MAY</em> choose to skip this step if it knows resuming will fail.</p>
+ <div class="note"><div class="note-title" aria-level="3" role="heading" id="h_note_27"><span>Note</span></div><p class="">For example, the user agent may skip this step if no additional keys became available.</p></div>
+ </li>
+ </ol>
+ </section>
+
+ <section id="algorithms-update-expiration" typeof="bibo:Chapter" resource="#algorithms-update-expiration" rel="bibo:Chapter">
+ <h4 role="heading" id="h4_algorithms-update-expiration"><span class="secno">3.5.3 </span>Update Expiration</h4>
+ <p>The Update Expiration algorithm is run when the CDM changes the expiration time of a session.
+ This can happen as the result of an <code><a href="#widl-MediaKeySession-update-Promise-void--ArrayBuffer-ArrayBufferView-response">update()</a></code> call or some other event.
+ Requests to run this algorithm include a target <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> object and the new expiration time, which may be <code>NaN</code>.
+ </p>
+ <p>The following steps are run:</p>
+ <ol>
+ <li><p>Let the <var title="true">session</var> be the associated <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> object.</p></li>
+ <li><p>Let <var title="true">expiration time</var> be <code>NaN</code>.</p></li>
+ <li><p>If the new expiration time is not <code>NaN</code>, let <var title="true">expiration time</var> be the new expiration time in milliseconds since 01 January 1970 UTC.</p></li>
+ <li><p>Set the <var title="true">session</var>'s <code><a href="#widl-MediaKeySession-expiration">expiration</a></code> attribute to <var title="true">expiration time</var>.</p></li>
+ </ol>
+ </section>
+
+ <section id="algorithms-session-close" typeof="bibo:Chapter" resource="#algorithms-session-close" rel="bibo:Chapter">
+ <h4 role="heading" id="h4_algorithms-session-close"><span class="secno">3.5.4 </span>Session Close</h4>
+ <p>The Session Close algorithm is run when the CDM closes the session associated with a <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> object.</p>
+ <div class="note"><div class="note-title" aria-level="3" role="heading" id="h_note_28"><span>Note</span></div><p class="">The CDM may close a session at any point, such as in response to a <code><a href="#widl-MediaKeySession-close-Promise-void">close()</a></code> call, when the session is no longer needed, or when system resources are lost.
+ Keys in other sessions <em class="rfc2119" title="SHOULD">SHOULD</em> be unaffected, even if they have overlapping key IDs.
+ </p></div>
+ <p>The following steps are run:</p>
+ <ol>
+ <li><p>Let the <var title="true">session</var> be the associated <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> object.</p></li>
+ <li><p>Let <var title="true">media keys</var> be the <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> object that created this object.</p></li>
+ <li><p>Let <var>promise</var> be the <code><a href="#widl-MediaKeySession-closed">closed</a></code> attribute of the <var title="true">session</var>.</p></li>
+ <li><p>Resolve <var>promise</var>.</p></li>
+ </ol>
+ </section>
+ </section>
+
+ <section id="exceptions" typeof="bibo:Chapter" resource="#exceptions" rel="bibo:Chapter">
+ <h3 role="heading" id="h3_exceptions"><span class="secno">3.6 </span>Exceptions</h3>
+ <p id="error-names">The methods report errors by rejecting the returned promise with a <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code>.
+ The following <a href="http://heycam.github.io/webidl/#idl-DOMException-error-names">DOMException names from WebIDL</a> are used in the algorithms.
+ Causes specified specified in the algorithms are listed alongside each name, though these names <em class="rfc2119" title="MAY">MAY</em> be used for other reasons as well.
+ </p>
+
+ <table class="old-table">
+ <tbody>
+ <tr>
+ <th>Name</th>
+ <th>Possible Causes (non-exhaustive)</th>
+ </tr>
+ <tr>
+ <td><dfn id="dfn-NotSupportedError"><code>NotSupportedError</code></dfn></td>
+ <td>
+ The existing MediaKeys object cannot be removed.<br>
+ The key system is not supported.<br>
+ The key system is not supported on insecure origins.<br>
+ The initialization data type is not supported by the key system.<br>
+ The session type is not supported by the key system.<br>
+ The initialization data is not supported by the key system.<br>
+ The operation is not supported by the key system.
+ </td>
+ </tr>
+ <tr>
+ <td><dfn id="dfn-InvalidStateError"><code>InvalidStateError</code></dfn></td>
+ <td>The existing MediaKeys object cannot be removed at this time.<br>
+ The session has already been used.<br>
+ The session is not yet initialized.<br>
+ The session is closed.
+ </td>
+ </tr>
+ <tr>
+ <td><dfn id="dfn-InvalidAccessError"><code>InvalidAccessError</code></dfn></td>
+ <td>
+ The parameter is empty.<br>
+ Invalid initialization data.<br>
+ The operation is not supported on sessions of this type.<br>
+ Invalid response format.<br>
+ A persistent license was provided for a "temporary" session.
+ </td>
+ </tr>
+ <tr>
+ <td><dfn id="dfn-QuotaExceededError"><code>QuotaExceededError</code></dfn></td>
+ <td>The MediaKeys object cannot be used with additional HTMLMediaElements.<br>
+ A non-closed session already exists for this sessionId.
+ </td>
+ </tr>
+ </tbody>
+ </table>
+ </section>
+
+ <section id="session-storage" typeof="bibo:Chapter" resource="#session-storage" rel="bibo:Chapter">
+ <h3 role="heading" id="h3_session-storage"><span class="secno">3.7 </span>Session Storage and Persistence</h3>
+ <p>This section provides an overview of session stroage and persistence that complements the algorithms.</p>
+ <p>If this object's <var title="true">session type</var> is not <code><a href="#idl-def-SessionType.persistent">"persistent"</a></code>, the user agent and CDM <em class="rfc2119" title="MUST NOT">MUST NOT</em> persist a record of or data related to the session at any point.
+ This includes license(s), key(s), and the <a href="#session-id">Session Id</a>.
+ </p>
+ <p>The remainder of this section applies to <code><a href="#idl-def-SessionType.persistent">"persistent"</a></code> sessions, which are <em class="rfc2119" title="OPTIONAL">OPTIONAL</em> for implementatations to support.</p>
+ <p>Persisted data <em class="rfc2119" title="MUST">MUST</em> always be stored such that only the <a href="http://www.w3.org/TR/html5/browsers.html#origin-0">origin</a> of this object's <a href="http://dom.spec.whatwg.org/#concept-document">Document</a> can access it.
+ In addition, the data <em class="rfc2119" title="MUST">MUST</em> only be accessible by the current profile of this user agent - other user agent profiles, user agents, and applications <em class="rfc2119" title="MUST NOT">MUST NOT</em> be able to access the stored data.
+ </p>
+ <p>The CDM <em class="rfc2119" title="SHOULD NOT">SHOULD NOT</em> store session data, including the Session ID, until <code><a href="#widl-MediaKeySession-update-Promise-void--ArrayBuffer-ArrayBufferView-response">update()</a></code> is called the first time.
+ Specifically, the CDM <em class="rfc2119" title="SHOULD NOT">SHOULD NOT</em> store session data during the <code><a href="#widl-MediaKeySession-generateRequest-Promise-void--DOMString-initDataType-ArrayBuffer-ArrayBufferView-initData">generateRequest()</a></code> algorithm.
+ This ensures that the application is aware of the session and knows it needs to eventually remove it.
+ </p>
+ <p>The CDM <em class="rfc2119" title="MUST">MUST</em> ensure that data for a given session is only present in one active unclosed session in any <a href="http://dom.spec.whatwg.org/#concept-document">Document</a>.
+ In other words, <code><a href="#widl-MediaKeySession-load-Promise-boolean--DOMString-sessionId">load()</a></code> <em class="rfc2119" title="MUST">MUST</em> fail when there is already a <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> representing the session specified by the <var title="true">sessionId</var> parameter, either because the object that created it via <code><a href="#widl-MediaKeySession-generateRequest-Promise-void--DOMString-initDataType-ArrayBuffer-ArrayBufferView-initData">generateRequest()</a></code> is still active or it has been loaded into another object via <code><a href="#widl-MediaKeySession-load-Promise-boolean--DOMString-sessionId">load()</a></code>.
+ A session <em class="rfc2119" title="MAY">MAY</em> only be loaded again after the <a href="#algorithms-session-close">session close algorithm</a> has not been run on the object representing it.
+ </p>
+ <p>An application that creates a <code><a href="#idl-def-SessionType.persistent">"persistent"</a></code> session <em class="rfc2119" title="SHOULD">SHOULD</em> later remove the stored data using <code><a href="#widl-MediaKeySession-remove-Promise-void">remove()</a></code>.
+ The CDM <em class="rfc2119" title="MAY">MAY</em> also remove sessions as appropriate, but applications <em class="rfc2119" title="SHOULD NOT">SHOULD NOT</em> rely on this.
+ </p>
+ <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_29"><span>Note</span></div><p class="">See the <a href="#security">Security Considerations</a> and <a href="#privacy">Privacy Considerations</a> sections for additional considerations when supporting persistent storage.</p></div>
+ </section>
</section>
<section id="htmlmediaelement-extensions" typeof="bibo:Chapter" resource="#htmlmediaelement-extensions" rel="bibo:Chapter">
- <!--OddPage--><h2 role="heading" id="h2_htmlmediaelement-extensions"><span class="secno">4. </span>HTMLMediaElement Extensions</h2>
- <p>This section specifies additions to and modifications of the <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#htmlmediaelement">HTMLMediaElement</a></code> [<cite><a class="bibref" href="#bib-HTML5">HTML5</a></cite>] when the Encrypted Media Extensions are supported.</p>
-
- <p>For methods that return a promise, all errors are reported asynchronously by rejecting the returned Promise. This includes WebIDL type mapping errors.</p>
- <p>The steps of an algorithm are always aborted when resolving or rejecting a promise.</p>
-
- <pre class="idl"><span class="idlEnum" id="idl-def-MediaWaitingFor">enum <span class="idlEnumID">MediaWaitingFor</span> {
+ <!--OddPage--><h2 role="heading" id="h2_htmlmediaelement-extensions"><span class="secno">4. </span>HTMLMediaElement Extensions</h2>
+ <p>This section specifies additions to and modifications of the <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#htmlmediaelement">HTMLMediaElement</a></code> [<cite><a class="bibref" href="#bib-HTML5">HTML5</a></cite>] when the Encrypted Media Extensions are supported.</p>
+
+ <p>For methods that return a promise, all errors are reported asynchronously by rejecting the returned Promise. This includes WebIDL type mapping errors.</p>
+ <p>The steps of an algorithm are always aborted when resolving or rejecting a promise.</p>
+
+ <pre class="idl"><span class="idlEnum" id="idl-def-MediaWaitingFor">enum <span class="idlEnumID">MediaWaitingFor</span> {
"<a href="#idl-def-MediaWaitingFor.none" class="idlEnumItem">none</a>",
"<a href="#idl-def-MediaWaitingFor.data" class="idlEnumItem">data</a>",
"<a href="#idl-def-MediaWaitingFor.key" class="idlEnumItem">key</a>"
};</span></pre><table class="simple"><tbody><tr><th colspan="2">Enumeration description</th></tr><tr><td><code id="idl-def-MediaWaitingFor.none">none</code></td><td>
- The media element is not waiting for anything.
- </td></tr><tr><td><code id="idl-def-MediaWaitingFor.data">data</code></td><td>
- The media element is not waiting for data.
- </td></tr><tr><td><code id="idl-def-MediaWaitingFor.key">key</code></td><td>
- The media element is not waiting for a key.
- </td></tr></tbody></table>
-
- <pre class="idl"><span class="idlInterface" id="idl-def-HTMLMediaElement">partial interface <span class="idlInterfaceID">HTMLMediaElement</span> : <span class="idlSuperclass">EventTarget</span> {
+ The media element is not waiting for anything.
+ </td></tr><tr><td><code id="idl-def-MediaWaitingFor.data">data</code></td><td>
+ The media element is not waiting for data.
+ </td></tr><tr><td><code id="idl-def-MediaWaitingFor.key">key</code></td><td>
+ The media element is not waiting for a key.
+ </td></tr></tbody></table>
+
+ <pre class="idl"><span class="idlInterface" id="idl-def-HTMLMediaElement">partial interface <span class="idlInterfaceID">HTMLMediaElement</span> : <span class="idlSuperclass">EventTarget</span> {
<span class="idlAttribute"> readonly attribute <span class="idlAttrType"><a href="#idl-def-MediaKeys" class="idlType"><code>MediaKeys</code></a>?</span> <span class="idlAttrName"><a href="#widl-HTMLMediaElement-mediaKeys">mediaKeys</a></span>;</span>
<span class="idlAttribute"> readonly attribute <span class="idlAttrType"><a href="#idl-def-MediaWaitingFor" class="idlType"><code>MediaWaitingFor</code></a></span> <span class="idlAttrName"><a href="#widl-HTMLMediaElement-waitingFor">waitingFor</a></span>;</span>
<span class="idlAttribute"> attribute <span class="idlAttrType">EventHandler</span> <span class="idlAttrName"><a href="#widl-HTMLMediaElement-onencrypted">onencrypted</a></span>;</span>
<span class="idlMethod"> <span class="idlMethType">Promise<void></span> <span class="idlMethName"><a href="#widl-HTMLMediaElement-setMediaKeys-Promise-void--MediaKeys-mediaKeys">setMediaKeys</a></span> (<span class="idlParam"><span class="idlParamType"><a href="#idl-def-MediaKeys" class="idlType"><code>MediaKeys</code></a>?</span> <span class="idlParamName">mediaKeys</span></span>);</span>
};</span></pre><section id="attributes-3"><h3 role="heading" id="h3_attributes-3"><span class="secno">4.1 </span>Attributes</h3><dl class="attributes"><dt id="widl-HTMLMediaElement-mediaKeys"><code>mediaKeys</code> of type <span class="idlAttrType"><a href="#idl-def-MediaKeys" class="idlType"><code>MediaKeys</code></a></span>, readonly , nullable</dt><dd>
- <p>The <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> being used when decrypting encrypted <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> for this media element.</p>
- </dd><dt id="widl-HTMLMediaElement-onencrypted"><code>onencrypted</code> of type <span class="idlAttrType">EventHandler</span>, </dt><dd>
- <p>Event handler for the <code><a href="#dom-evt-encrypted">encrypted</a></code> event <em class="rfc2119" title="MUST">MUST</em> be supported by all HTMLMediaElements as both a content attribute and an IDL attribute.</p>
- </dd><dt id="widl-HTMLMediaElement-waitingFor"><code>waitingFor</code> of type <span class="idlAttrType"><a href="#idl-def-MediaWaitingFor" class="idlType"><code>MediaWaitingFor</code></a></span>, readonly </dt><dd>
- <p>Indicates what the media element is waiting for, if anything (indicated by the <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#event-media-waiting">waiting</a></code> and <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#event-media-canplay">canplay</a></code> events). This is described in the <a href="#algorithms-encrypted-block">encrypted block encountered algorithm</a>.</p>
- </dd></dl></section><section id="methods-2"><h3 role="heading" id="h3_methods-2"><span class="secno">4.2 </span>Methods</h3><dl class="methods"><dt id="widl-HTMLMediaElement-setMediaKeys-Promise-void--MediaKeys-mediaKeys"><code>setMediaKeys</code></dt><dd>
- <p>Provides the <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> to use when decrypting media data during playback.</p>
-
-
-
- <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_32"><span>Note</span></div><p class="">Support for clearing or replacing the associated <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> object during playback is a quality of implementation issue. In many cases it will result in a bad user experience or rejected promise.</p></div>
- <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_33"><span>Note</span></div><p class="">As a best practice, applications should create a MediaKeys object and call <code><a href="#widl-HTMLMediaElement-setMediaKeys-Promise-void--MediaKeys-mediaKeys">setMediaKeys()</a></code> before providing <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> (for example, setting the <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#attr-media-src">src</a></code> attribute). This avoids potential delays in some implementations.</p></div>
- <table class="parameters"><tbody><tr><th>Parameter</th><th>Type</th><th>Nullable</th><th>Optional</th><th>Description</th></tr><tr><td class="prmName">mediaKeys</td><td class="prmType"><code><a href="#idl-def-MediaKeys" class="idlType"><code>MediaKeys</code></a></code></td><td class="prmNullTrue"><span role="img" aria-label="True">✔</span></td><td class="prmOptFalse"><span role="img" aria-label="False">✘</span></td><td class="prmDesc"></td></tr></tbody></table><div><em>Return type: </em><code>Promise<void></code></div><p>When this method is invoked, the user agent must run the following steps:</p><ol class="method-algorithm">
- <!-- For simplicity and consistency, do not allow multiple pending calls. -->
- <li><p>If <var>mediaKeys</var> and the <code><a href="#widl-HTMLMediaElement-mediaKeys">mediaKeys</a></code> attribute are the same object, return a resolved promise.</p></li>
- <li><p>If this object's <var title="true">attaching media keys</var> value is true, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidStateError">InvalidStateError</a></code>.</p></li>
- <li><p>Let this object's <var title="true">attaching media keys</var> value be true.</p></li>
- <li><p>Let <var>promise</var> be a new promise.</p></li>
- <li><p>Run the following steps asynchronously:</p>
- <ol>
- <li><p>If <var>mediaKeys</var> is not null, it is already in use by another media element, and the user agent is unable to use it with this element, let this object's <var title="true">attaching media keys</var> value be false and reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-QuotaExceededError">QuotaExceededError</a></code>.</p></li>
- <li><p>If the <code><a href="#widl-HTMLMediaElement-mediaKeys">mediaKeys</a></code> attribute is not null, run the following steps:</p>
- <ol>
- <li><p>If the user agent or CDM do not support removing the association, let this object's <var title="true">attaching media keys</var> value be false and reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-NotSupportedError">NotSupportedError</a></code>.</p></li>
- <li><p>If the association cannot currently be removed, let this object's <var title="true">attaching media keys</var> value be false and reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidStateError">InvalidStateError</a></code>.</p>
- <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_30"><span>Note</span></div><p class="">For example, some implementations may not allow removal during playback.</p></div>
- </li>
- <li><p>Stop using the CDM instance represented by the <code><a href="#widl-HTMLMediaElement-mediaKeys">mediaKeys</a></code> attribute to decrypt <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> and remove the association with the media element.</p></li>
- <li><p>If the preceding step failed, let this object's <var title="true">attaching media keys</var> value be false and reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is the appropriate <a href="#error-names">error name</a>.</p></li>
- </ol>
- </li>
- <li><p>If <var>mediaKeys</var> is not null, run the following steps:</p>
- <ol>
- <li><p>Associate the CDM instance represented by <var>mediaKeys</var> with the media element for decrypting <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a>.</p></li>
- <li><p>If the preceding step failed, run the following steps:</p>
- <ol>
- <li><p>Set the <code><a href="#widl-HTMLMediaElement-mediaKeys">mediaKeys</a></code> attribute to null.</p></li><!-- In case it was previously not null since the previous association has been removed. -->
- <li><p>Let this object's <var title="true">attaching media keys</var> value be false.</p></li>
- <li><p>Reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is the appropriate <a href="#error-names">error name</a>.</p></li>
- </ol>
- </li>
- <li><p><a href="http://www.w3.org/TR/html5/webappapis.html#queue-a-task">Queue a task</a> to run the <a href="#algorithms-resume-playback">attempt to resume playback if necessary algorithm</a> on the media element.</p>
- <p>The user agent <em class="rfc2119" title="MAY">MAY</em> choose to skip this step if it knows resuming will fail.</p><p>
- </p><div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_31"><span>Note</span></div><p class="">For example, the user agent may skip this step if <var>mediaKeys</var> has no sessions.</p></div>
- </li>
- </ol>
- </li>
- <li><p>Set the <code><a href="#widl-HTMLMediaElement-mediaKeys">mediaKeys</a></code> attribute to <var>mediaKeys</var>.</p></li>
- <li><p>Let this object's <var title="true">attaching media keys</var> value be false.</p></li>
- <li><p>Resolve <var>promise</var>.</p></li>
- </ol>
- </li>
- <li><p>Return <var>promise</var>.</p></li>
- </ol></dd></dl></section>
-
- <section id="mediaencryptedevent" typeof="bibo:Chapter" resource="#mediaencryptedevent" rel="bibo:Chapter">
- <h3 role="heading" id="h3_mediaencryptedevent"><span class="secno">4.3 </span>MediaEncryptedEvent</h3>
- <p>The MediaEncryptedEvent object is used for the <code><a href="#dom-evt-encrypted">encrypted</a></code> event.</p>
- <p>Events are constructed as defined in <a href="http://dom.spec.whatwg.org/#constructing-events">Constructing events</a> [<cite><a class="bibref" href="#bib-DOM">DOM</a></cite>].</p>
-
- <pre class="idl"><span class="idlInterface" id="idl-def-MediaEncryptedEvent">[<span class="idlCtor"> <span class="idlCtorKeyword"></span><span class="idlCtorName"><a href="#widl-ctor-MediaEncryptedEvent--DOMString-type-MediaEncryptedEventInit-eventInitDict">Constructor</a></span> (<span class="idlParam"><span class="idlParamType">DOMString</span> <span class="idlParamName">type</span></span>, <span class="idlParam">optional <span class="idlParamType"><a href="#idl-def-MediaEncryptedEventInit" class="idlType"><code>MediaEncryptedEventInit</code></a></span> <span class="idlParamName">eventInitDict</span></span>)</span>]
+ <p>The <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> being used when decrypting encrypted <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> for this media element.</p>
+ </dd><dt id="widl-HTMLMediaElement-onencrypted"><code>onencrypted</code> of type <span class="idlAttrType">EventHandler</span>, </dt><dd>
+ <p>Event handler for the <code><a href="#dom-evt-encrypted">encrypted</a></code> event <em class="rfc2119" title="MUST">MUST</em> be supported by all HTMLMediaElements as both a content attribute and an IDL attribute.</p>
+ </dd><dt id="widl-HTMLMediaElement-waitingFor"><code>waitingFor</code> of type <span class="idlAttrType"><a href="#idl-def-MediaWaitingFor" class="idlType"><code>MediaWaitingFor</code></a></span>, readonly </dt><dd>
+ <p>Indicates what the media element is waiting for, if anything (indicated by the <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#event-media-waiting">waiting</a></code> and <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#event-media-canplay">canplay</a></code> events). This is described in the <a href="#algorithms-encrypted-block">encrypted block encountered algorithm</a>.</p>
+ </dd></dl></section><section id="methods-2"><h3 role="heading" id="h3_methods-2"><span class="secno">4.2 </span>Methods</h3><dl class="methods"><dt id="widl-HTMLMediaElement-setMediaKeys-Promise-void--MediaKeys-mediaKeys"><code>setMediaKeys</code></dt><dd>
+ <p>Provides the <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> to use when decrypting media data during playback.</p>
+
+
+
+ <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_32"><span>Note</span></div><p class="">Support for clearing or replacing the associated <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> object during playback is a quality of implementation issue. In many cases it will result in a bad user experience or rejected promise.</p></div>
+ <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_33"><span>Note</span></div><p class="">As a best practice, applications should create a MediaKeys object and call <code><a href="#widl-HTMLMediaElement-setMediaKeys-Promise-void--MediaKeys-mediaKeys">setMediaKeys()</a></code> before providing <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> (for example, setting the <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#attr-media-src">src</a></code> attribute). This avoids potential delays in some implementations.</p></div>
+ <table class="parameters"><tbody><tr><th>Parameter</th><th>Type</th><th>Nullable</th><th>Optional</th><th>Description</th></tr><tr><td class="prmName">mediaKeys</td><td class="prmType"><code><a href="#idl-def-MediaKeys" class="idlType"><code>MediaKeys</code></a></code></td><td class="prmNullTrue"><span role="img" aria-label="True">✔</span></td><td class="prmOptFalse"><span role="img" aria-label="False">✘</span></td><td class="prmDesc"></td></tr></tbody></table><div><em>Return type: </em><code>Promise<void></code></div><p>When this method is invoked, the user agent must run the following steps:</p><ol class="method-algorithm">
+ <!-- For simplicity and consistency, do not allow multiple pending calls. -->
+ <li><p>If <var>mediaKeys</var> and the <code><a href="#widl-HTMLMediaElement-mediaKeys">mediaKeys</a></code> attribute are the same object, return a resolved promise.</p></li>
+ <li><p>If this object's <var title="true">attaching media keys</var> value is true, return a promise rejected with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidStateError">InvalidStateError</a></code>.</p></li>
+ <li><p>Let this object's <var title="true">attaching media keys</var> value be true.</p></li>
+ <li><p>Let <var>promise</var> be a new promise.</p></li>
+ <li><p>Run the following steps asynchronously:</p>
+ <ol>
+ <li><p>If <var>mediaKeys</var> is not null, it is already in use by another media element, and the user agent is unable to use it with this element, let this object's <var title="true">attaching media keys</var> value be false and reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-QuotaExceededError">QuotaExceededError</a></code>.</p></li>
+ <li><p>If the <code><a href="#widl-HTMLMediaElement-mediaKeys">mediaKeys</a></code> attribute is not null, run the following steps:</p>
+ <ol>
+ <li><p>If the user agent or CDM do not support removing the association, let this object's <var title="true">attaching media keys</var> value be false and reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-NotSupportedError">NotSupportedError</a></code>.</p></li>
+ <li><p>If the association cannot currently be removed, let this object's <var title="true">attaching media keys</var> value be false and reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is <code><a href="#dfn-InvalidStateError">InvalidStateError</a></code>.</p>
+ <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_30"><span>Note</span></div><p class="">For example, some implementations may not allow removal during playback.</p></div>
+ </li>
+ <li><p>Stop using the CDM instance represented by the <code><a href="#widl-HTMLMediaElement-mediaKeys">mediaKeys</a></code> attribute to decrypt <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> and remove the association with the media element.</p></li>
+ <li><p>If the preceding step failed, let this object's <var title="true">attaching media keys</var> value be false and reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is the appropriate <a href="#error-names">error name</a>.</p></li>
+ </ol>
+ </li>
+ <li><p>If <var>mediaKeys</var> is not null, run the following steps:</p>
+ <ol>
+ <li><p>Associate the CDM instance represented by <var>mediaKeys</var> with the media element for decrypting <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a>.</p></li>
+ <li><p>If the preceding step failed, run the following steps:</p>
+ <ol>
+ <li><p>Set the <code><a href="#widl-HTMLMediaElement-mediaKeys">mediaKeys</a></code> attribute to null.</p></li><!-- In case it was previously not null since the previous association has been removed. -->
+ <li><p>Let this object's <var title="true">attaching media keys</var> value be false.</p></li>
+ <li><p>Reject <var>promise</var> with a new <code><a href="http://heycam.github.io/webidl/#dfn-DOMException">DOMException</a></code> whose name is the appropriate <a href="#error-names">error name</a>.</p></li>
+ </ol>
+ </li>
+ <li><p><a href="http://www.w3.org/TR/html5/webappapis.html#queue-a-task">Queue a task</a> to run the <a href="#algorithms-resume-playback">attempt to resume playback if necessary algorithm</a> on the media element.</p>
+ <p>The user agent <em class="rfc2119" title="MAY">MAY</em> choose to skip this step if it knows resuming will fail.</p><p>
+ </p><div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_31"><span>Note</span></div><p class="">For example, the user agent may skip this step if <var>mediaKeys</var> has no sessions.</p></div>
+ </li>
+ </ol>
+ </li>
+ <li><p>Set the <code><a href="#widl-HTMLMediaElement-mediaKeys">mediaKeys</a></code> attribute to <var>mediaKeys</var>.</p></li>
+ <li><p>Let this object's <var title="true">attaching media keys</var> value be false.</p></li>
+ <li><p>Resolve <var>promise</var>.</p></li>
+ </ol>
+ </li>
+ <li><p>Return <var>promise</var>.</p></li>
+ </ol></dd></dl></section>
+
+ <section id="mediaencryptedevent" typeof="bibo:Chapter" resource="#mediaencryptedevent" rel="bibo:Chapter">
+ <h3 role="heading" id="h3_mediaencryptedevent"><span class="secno">4.3 </span>MediaEncryptedEvent</h3>
+ <p>The MediaEncryptedEvent object is used for the <code><a href="#dom-evt-encrypted">encrypted</a></code> event.</p>
+ <p>Events are constructed as defined in <a href="http://dom.spec.whatwg.org/#constructing-events">Constructing events</a> [<cite><a class="bibref" href="#bib-DOM">DOM</a></cite>].</p>
+
+ <pre class="idl"><span class="idlInterface" id="idl-def-MediaEncryptedEvent">[<span class="idlCtor"> <span class="idlCtorKeyword"></span><span class="idlCtorName"><a href="#widl-ctor-MediaEncryptedEvent--DOMString-type-MediaEncryptedEventInit-eventInitDict">Constructor</a></span> (<span class="idlParam"><span class="idlParamType">DOMString</span> <span class="idlParamName">type</span></span>, <span class="idlParam">optional <span class="idlParamType"><a href="#idl-def-MediaEncryptedEventInit" class="idlType"><code>MediaEncryptedEventInit</code></a></span> <span class="idlParamName">eventInitDict</span></span>)</span>]
interface <span class="idlInterfaceID">MediaEncryptedEvent</span> : <span class="idlSuperclass">Event</span> {
<span class="idlAttribute"> readonly attribute <span class="idlAttrType">DOMString</span> <span class="idlAttrName"><a href="#widl-MediaEncryptedEvent-initDataType">initDataType</a></span>;</span>
<span class="idlAttribute"> readonly attribute <span class="idlAttrType">ArrayBuffer?</span> <span class="idlAttrName"><a href="#widl-MediaEncryptedEvent-initData">initData</a></span>;</span>
};</span></pre><section id="constructors-1"><h4 role="heading" id="h4_constructors-1"><span class="secno">4.3.1 </span>Constructors</h4><dl class="constructors"><dt id="widl-ctor-MediaEncryptedEvent--DOMString-type-MediaEncryptedEventInit-eventInitDict"><code>MediaEncryptedEvent</code></dt><dd>
-
- <table class="parameters"><tbody><tr><th>Parameter</th><th>Type</th><th>Nullable</th><th>Optional</th><th>Description</th></tr><tr><td class="prmName">type</td><td class="prmType"><code>DOMString</code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptFalse"><span role="img" aria-label="False">✘</span></td><td class="prmDesc"></td></tr><tr><td class="prmName">eventInitDict</td><td class="prmType"><code><a href="#idl-def-MediaEncryptedEventInit" class="idlType"><code>MediaEncryptedEventInit</code></a></code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptTrue"><span role="img" aria-label="True">✔</span></td><td class="prmDesc"></td></tr></tbody></table></dd></dl></section><section id="attributes-4"><h4 role="heading" id="h4_attributes-4"><span class="secno">4.3.2 </span>Attributes</h4><dl class="attributes"><dt id="widl-MediaEncryptedEvent-initData"><code>initData</code> of type <span class="idlAttrType">ArrayBuffer</span>, readonly , nullable</dt><dd>
- The <a href="#initialization-data">Initialization Data</a> for the event.
- </dd><dt id="widl-MediaEncryptedEvent-initDataType"><code>initDataType</code> of type <span class="idlAttrType">DOMString</span>, readonly </dt><dd>
- Indicates the <a href="#initialization-data">Initialization Data</a> of the <a href="#initialization-data">Initialization Data</a> contained in the <code><a href="#widl-MediaEncryptedEventInit-initData">initData</a></code> attribute.
- </dd></dl></section>
-
- <section id="mediaencryptedeventinit" typeof="bibo:Chapter" resource="#mediaencryptedeventinit" rel="bibo:Chapter">
- <h4 role="heading" id="h4_mediaencryptedeventinit"><span class="secno">4.3.3 </span>MediaEncryptedEventInit</h4>
- <pre class="idl"><span class="idlDictionary" id="idl-def-MediaEncryptedEventInit">dictionary <span class="idlDictionaryID">MediaEncryptedEventInit</span> : <span class="idlSuperclass">EventInit</span> {
+
+ <table class="parameters"><tbody><tr><th>Parameter</th><th>Type</th><th>Nullable</th><th>Optional</th><th>Description</th></tr><tr><td class="prmName">type</td><td class="prmType"><code>DOMString</code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptFalse"><span role="img" aria-label="False">✘</span></td><td class="prmDesc"></td></tr><tr><td class="prmName">eventInitDict</td><td class="prmType"><code><a href="#idl-def-MediaEncryptedEventInit" class="idlType"><code>MediaEncryptedEventInit</code></a></code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptTrue"><span role="img" aria-label="True">✔</span></td><td class="prmDesc"></td></tr></tbody></table></dd></dl></section><section id="attributes-4"><h4 role="heading" id="h4_attributes-4"><span class="secno">4.3.2 </span>Attributes</h4><dl class="attributes"><dt id="widl-MediaEncryptedEvent-initData"><code>initData</code> of type <span class="idlAttrType">ArrayBuffer</span>, readonly , nullable</dt><dd>
+ The <a href="#initialization-data">Initialization Data</a> for the event.
+ </dd><dt id="widl-MediaEncryptedEvent-initDataType"><code>initDataType</code> of type <span class="idlAttrType">DOMString</span>, readonly </dt><dd>
+ Indicates the <a href="#initialization-data">Initialization Data</a> of the <a href="#initialization-data">Initialization Data</a> contained in the <code><a href="#widl-MediaEncryptedEventInit-initData">initData</a></code> attribute.
+ </dd></dl></section>
+
+ <section id="mediaencryptedeventinit" typeof="bibo:Chapter" resource="#mediaencryptedeventinit" rel="bibo:Chapter">
+ <h4 role="heading" id="h4_mediaencryptedeventinit"><span class="secno">4.3.3 </span>MediaEncryptedEventInit</h4>
+ <pre class="idl"><span class="idlDictionary" id="idl-def-MediaEncryptedEventInit">dictionary <span class="idlDictionaryID">MediaEncryptedEventInit</span> : <span class="idlSuperclass">EventInit</span> {
<span class="idlMember"> <span class="idlMemberType">DOMString</span> <span class="idlMemberName"><a href="#widl-MediaEncryptedEventInit-initDataType">initDataType</a></span> = <span class="idlMemberValue">""</span>;</span>
<span class="idlMember"> <span class="idlMemberType">ArrayBuffer?</span> <span class="idlMemberName"><a href="#widl-MediaEncryptedEventInit-initData">initData</a></span> = <span class="idlMemberValue">null</span>;</span>
};</span></pre><section id="dictionary-mediaencryptedeventinit-members"><h5 role="heading" id="h5_dictionary-mediaencryptedeventinit-members"><span class="secno">4.3.3.1 </span>Dictionary <a class="idlType" href="#idl-def-MediaEncryptedEventInit"><code>MediaEncryptedEventInit</code></a> Members</h5><dl class="dictionary-members"><dt id="widl-MediaEncryptedEventInit-initData"><code>initData</code> of type <span class="idlMemberType">ArrayBuffer</span>, nullable, defaulting to <code>null</code></dt><dd>
- The <a href="#initialization-data">Initialization Data</a>.
- </dd><dt id="widl-MediaEncryptedEventInit-initDataType"><code>initDataType</code> of type <span class="idlMemberType">DOMString</span>, defaulting to <code>""</code></dt><dd>
- The <a href="#initialization-data">Initialization Data</a>.
- </dd></dl></section>
+ The <a href="#initialization-data">Initialization Data</a>.
+ </dd><dt id="widl-MediaEncryptedEventInit-initDataType"><code>initDataType</code> of type <span class="idlMemberType">DOMString</span>, defaulting to <code>""</code></dt><dd>
+ The <a href="#initialization-data">Initialization Data</a>.
+ </dd></dl></section>
+ </section>
</section>
- </section>
-
- <section id="htmlmediaelement-events" class="informative" typeof="bibo:Chapter" resource="#htmlmediaelement-events" rel="bibo:Chapter">
- <h3 role="heading" id="h3_htmlmediaelement-events"><span class="secno">4.4 </span>Event Summary</h3><p><em>This section is non-normative.</em></p>
-
- <table class="old-table">
- <thead>
- <tr>
- <th>Event name</th>
- <th>Interface</th>
- <th>Dispatched when...</th>
- <th>Preconditions</th>
- </tr>
- </thead>
- <tbody>
- <tr>
- <td><dfn id="dom-evt-encrypted"><code>encrypted</code></dfn></td>
- <td><a href="#idl-def-MediaEncryptedEvent" class="idlType"><code>MediaEncryptedEvent</code></a></td>
- <td>The user agent encounters <a href="#initialization-data">Initialization Data</a> in the <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a>.</td>
- <td><code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#dom-media-readystate">readyState</a></code> is equal to <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#dom-media-have_metadata">HAVE_METADATA</a></code> or greater.
- <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_34"><span>Note</span></div><p class="">It is possible that the element is playing or has played.</p></div>
- </td>
- </tr>
- </tbody>
- </table>
- </section>
-
- <section id="htmlmediaelement-algorithms" typeof="bibo:Chapter" resource="#htmlmediaelement-algorithms" rel="bibo:Chapter">
- <h3 role="heading" id="h3_htmlmediaelement-algorithms"><span class="secno">4.5 </span>Algorithms</h3>
-
- <section id="algorithms-initdata-encountered" typeof="bibo:Chapter" resource="#algorithms-initdata-encountered" rel="bibo:Chapter">
- <h4 role="heading" id="h4_algorithms-initdata-encountered"><span class="secno">4.5.1 </span>Initialization Data Encountered</h4>
- <p>The following steps are run when the media element encounters <a href="#initialization-data">Initialization Data</a> in the <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> during the <a href="http://www.w3.org/TR/html5/embedded-content-0.html#concept-media-load-resource">resource fetch algorithm</a>:</p>
-
- <ol>
- <li><p>Let <var title="">initDataType</var> be the empty string.</p></li>
- <li><p>Let <var title="">initData</var> be null.</p></li>
- <li>
- <p>If the <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> is <a href="http://www.w3.org/TR/html5/infrastructure.html#cors-same-origin">CORS-same-origin</a> and <em>not</em> <a href="#mixed-content">mixed content</a>, run the following steps:</p>
- <ol>
- <li><p>Let <var title="">initDataType</var> be the string representing the <a href="#initialization-data">Initialization Data</a> of the Initialization Data.</p></li>
- <li><p>Let <var title="">initData</var> be the Initialization Data.</p></li>
- </ol>
- <div class="note"><div class="note-title" aria-level="3" role="heading" id="h_note_35"><span>Note</span></div><p class="">While the media element may allow loading of "Optionally-blockable Content" [MIXED-CONTENT], the user agent <em class="rfc2119" title="MUST NOT">MUST NOT</em> expose Initialization Data from such media data to the application.</p></div>
- </li>
- <li>
- <p><a href="http://www.w3.org/TR/html5/webappapis.html#queue-a-task">Queue a task</a> to <a href="http://www.w3.org/TR/html5/webappapis.html#fire-a-simple-event">fire a simple event</a> named <code><a href="#dom-evt-encrypted">encrypted</a></code> at the media element.</p>
- <p>The event is of type <code><a href="#idl-def-MediaEncryptedEvent">MediaEncryptedEvent</a></code> and has:</p>
- <ul style="list-style-type:none"><li>
- <code><a href="#widl-MediaEncryptedEventInit-initDataType">initDataType</a></code> = <var title="">initDataType</var><br><br>
- <code><a href="#widl-MediaEncryptedEventInit-initData">initData</a></code> = <var title="">initData</var>
- </li></ul>
- <div class="note"><div class="note-title" aria-level="3" role="heading" id="h_note_36"><span>Note</span></div><p class=""><code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#dom-media-readystate">readyState</a></code> is <em>not</em> changed and no algorithms are aborted. This event merely provides information.</p></div>
- <div class="note"><div class="note-title" aria-level="3" role="heading" id="h_note_37"><span>Note</span></div><p class="">The <code><a href="#widl-MediaEncryptedEventInit-initData">initData</a></code> attribute will be null if the media data is <em>not</em> <a href="http://www.w3.org/TR/html5/infrastructure.html#cors-same-origin">CORS-same-origin</a> or is <a href="#mixed-content">mixed content</a>.
- Applications may retrieve the Initialization Data from an alternate source.
- </p></div>
- </li>
-
- <li><p><i>Continue Normal Flow</i>: Continue with the existing media element's <a href="http://www.w3.org/TR/html5/embedded-content-0.html#concept-media-load-resource">resource fetch algorithm</a>.</p></li>
- </ol>
- </section>
-
- <section id="algorithms-encrypted-block" typeof="bibo:Chapter" resource="#algorithms-encrypted-block" rel="bibo:Chapter">
- <h4 role="heading" id="h4_algorithms-encrypted-block"><span class="secno">4.5.2 </span>Encrypted Block Encountered</h4>
- <p>The following steps are run when the media element encounters a block of encrypted <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> during the <a href="http://www.w3.org/TR/html5/embedded-content-0.html#concept-media-load-resource">resource fetch algorithm</a>:</p>
-
- <ol>
- <li><p>If the media element's <code><a href="#widl-HTMLMediaElement-mediaKeys">mediaKeys</a></code> attribute is not null, run the following steps:</p>
- <ol>
- <li><p>Let <var title="true">media keys</var> be the <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> object referenced by that atribute.</p></li>
- <li><p>Let <var title="true">cdm</var> be the CDM loaded during the <a href="#widl-MediaKeys-create-Promise-MediaKeys--DOMString-keySystem">initialization</a> of the <var title="true">media keys</var>.</p></li>
- <li><p>If there is at least one <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> created by the <var title="true">media keys</var> on which the <a href="#algorithms-session-close">session close algorithm</a> has not been run, run the following steps:</p>
- <div class="note"><div class="note-title" aria-level="3" role="heading" id="h_note_38"><span>Note</span></div><p class="">This check ensures the <var title="true">cdm</var> has finished loading and is a prequisite for a matching key being available.</p></div>
- <ol>
- <li><p>Let the <var title="true">block key ID</var> be the key ID of the current block.</p>
- <div class="note"><div class="note-title" aria-level="3" role="heading" id="h_note_39"><span>Note</span></div><p class="">The key ID is generally specified by the container.</p></div>
- </li>
- <li><p>Use the <var title="true">cdm</var> to execute the following steps:</p>
- <ol>
- <li><p>Let <var title="true">available keys</var> be the union of keys in sessions that were created by the <var title="true">media keys</var>.</p></li>
- <li><p>Follow the steps for the first matching condition from the following list:</p>
- <dl class="switch">
- <dt>If any of the <var title="true">available keys</var> corresponds to the <var title="">block key ID</var> and is usable</dt>
- <dd>Run the following steps:
+
+ <section id="htmlmediaelement-events" class="informative" typeof="bibo:Chapter" resource="#htmlmediaelement-events" rel="bibo:Chapter">
+ <h3 role="heading" id="h3_htmlmediaelement-events"><span class="secno">4.4 </span>Event Summary</h3><p><em>This section is non-normative.</em></p>
+
+ <table class="old-table">
+ <thead>
+ <tr>
+ <th>Event name</th>
+ <th>Interface</th>
+ <th>Dispatched when...</th>
+ <th>Preconditions</th>
+ </tr>
+ </thead>
+ <tbody>
+ <tr>
+ <td><dfn id="dom-evt-encrypted"><code>encrypted</code></dfn></td>
+ <td><a href="#idl-def-MediaEncryptedEvent" class="idlType"><code>MediaEncryptedEvent</code></a></td>
+ <td>The user agent encounters <a href="#initialization-data">Initialization Data</a> in the <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a>.</td>
+ <td><code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#dom-media-readystate">readyState</a></code> is equal to <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#dom-media-have_metadata">HAVE_METADATA</a></code> or greater.
+ <div class="note"><div class="note-title" aria-level="2" role="heading" id="h_note_34"><span>Note</span></div><p class="">It is possible that the element is playing or has played.</p></div>
+ </td>
+ </tr>
+ </tbody>
+ </table>
+ </section>
+
+ <section id="htmlmediaelement-algorithms" typeof="bibo:Chapter" resource="#htmlmediaelement-algorithms" rel="bibo:Chapter">
+ <h3 role="heading" id="h3_htmlmediaelement-algorithms"><span class="secno">4.5 </span>Algorithms</h3>
+
+ <section id="algorithms-initdata-encountered" typeof="bibo:Chapter" resource="#algorithms-initdata-encountered" rel="bibo:Chapter">
+ <h4 role="heading" id="h4_algorithms-initdata-encountered"><span class="secno">4.5.1 </span>Initialization Data Encountered</h4>
+ <p>The following steps are run when the media element encounters <a href="#initialization-data">Initialization Data</a> in the <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> during the <a href="http://www.w3.org/TR/html5/embedded-content-0.html#concept-media-load-resource">resource fetch algorithm</a>:</p>
+
+ <ol>
+ <li><p>Let <var title="">initDataType</var> be the empty string.</p></li>
+ <li><p>Let <var title="">initData</var> be null.</p></li>
+ <li>
+ <p>If the <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> is <a href="http://www.w3.org/TR/html5/infrastructure.html#cors-same-origin">CORS-same-origin</a> and <em>not</em> <a href="#mixed-content">mixed content</a>, run the following steps:</p>
+ <ol>
+ <li><p>Let <var title="">initDataType</var> be the string representing the <a href="#initialization-data">Initialization Data</a> of the Initialization Data.</p></li>
+ <li><p>Let <var title="">initData</var> be the Initialization Data.</p></li>
+ </ol>
+ <div class="note"><div class="note-title" aria-level="3" role="heading" id="h_note_35"><span>Note</span></div><p class="">While the media element may allow loading of "Optionally-blockable Content" [MIXED-CONTENT], the user agent <em class="rfc2119" title="MUST NOT">MUST NOT</em> expose Initialization Data from such media data to the application.</p></div>
+ </li>
+ <li>
+ <p><a href="http://www.w3.org/TR/html5/webappapis.html#queue-a-task">Queue a task</a> to <a href="http://www.w3.org/TR/html5/webappapis.html#fire-a-simple-event">fire a simple event</a> named <code><a href="#dom-evt-encrypted">encrypted</a></code> at the media element.</p>
+ <p>The event is of type <code><a href="#idl-def-MediaEncryptedEvent">MediaEncryptedEvent</a></code> and has:</p>
+ <ul style="list-style-type:none"><li>
+ <code><a href="#widl-MediaEncryptedEventInit-initDataType">initDataType</a></code> = <var title="">initDataType</var><br><br>
+ <code><a href="#widl-MediaEncryptedEventInit-initData">initData</a></code> = <var title="">initData</var>
+ </li></ul>
+ <div class="note"><div class="note-title" aria-level="3" role="heading" id="h_note_36"><span>Note</span></div><p class=""><code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#dom-media-readystate">readyState</a></code> is <em>not</em> changed and no algorithms are aborted. This event merely provides information.</p></div>
+ <div class="note"><div class="note-title" aria-level="3" role="heading" id="h_note_37"><span>Note</span></div><p class="">The <code><a href="#widl-MediaEncryptedEventInit-initData">initData</a></code> attribute will be null if the media data is <em>not</em> <a href="http://www.w3.org/TR/html5/infrastructure.html#cors-same-origin">CORS-same-origin</a> or is <a href="#mixed-content">mixed content</a>.
+ Applications may retrieve the Initialization Data from an alternate source.
+ </p></div>
+ </li>
+
+ <li><p><i>Continue Normal Flow</i>: Continue with the existing media element's <a href="http://www.w3.org/TR/html5/embedded-content-0.html#concept-media-load-resource">resource fetch algorithm</a>.</p></li>
+ </ol>
+ </section>
+
+ <section id="algorithms-encrypted-block" typeof="bibo:Chapter" resource="#algorithms-encrypted-block" rel="bibo:Chapter">
+ <h4 role="heading" id="h4_algorithms-encrypted-block"><span class="secno">4.5.2 </span>Encrypted Block Encountered</h4>
+ <p>The following steps are run when the media element encounters a block of encrypted <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> during the <a href="http://www.w3.org/TR/html5/embedded-content-0.html#concept-media-load-resource">resource fetch algorithm</a>:</p>
+
+ <ol>
+ <li><p>If the media element's <code><a href="#widl-HTMLMediaElement-mediaKeys">mediaKeys</a></code> attribute is not null, run the following steps:</p>
+ <ol>
+ <li><p>Let <var title="true">media keys</var> be the <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> object referenced by that atribute.</p></li>
+ <li><p>Let <var title="true">cdm</var> be the CDM loaded during the <a href="#widl-MediaKeys-create-Promise-MediaKeys--DOMString-keySystem">initialization</a> of the <var title="true">media keys</var>.</p></li>
+ <li><p>If there is at least one <code><a href="#idl-def-MediaKeySession">MediaKeySession</a></code> created by the <var title="true">media keys</var> on which the <a href="#algorithms-session-close">session close algorithm</a> has not been run, run the following steps:</p>
+ <div class="note"><div class="note-title" aria-level="3" role="heading" id="h_note_38"><span>Note</span></div><p class="">This check ensures the <var title="true">cdm</var> has finished loading and is a prequisite for a matching key being available.</p></div>
+ <ol>
+ <li><p>Let the <var title="true">block key ID</var> be the key ID of the current block.</p>
+ <div class="note"><div class="note-title" aria-level="3" role="heading" id="h_note_39"><span>Note</span></div><p class="">The key ID is generally specified by the container.</p></div>
+ </li>
+ <li><p>Use the <var title="true">cdm</var> to execute the following steps:</p>
<ol>
- <li><p>Let <var title="">block key</var> be the matching key.</p>
- <div class="note"><div class="note-title" aria-level="3" role="heading" id="h_note_40"><span>Note</span></div><p class="">If multiple sessions contain a <em>usable</em> key for the <var title="">block key ID</var>, which key to use is <a href="#key-system">Key System</a>-dependent.</p></div>
- </li>
- <li><p>Use the <var title="true">cdm</var> to decrypt the block using <var title="">block key</var>.</p></li>
+ <li><p>Let <var title="true">available keys</var> be the union of keys in sessions that were created by the <var title="true">media keys</var>.</p></li>
<li><p>Follow the steps for the first matching condition from the following list:</p>
<dl class="switch">
- <dt>If decryption fails</dt>
- <dd>Abort the media element's <a href="http://www.w3.org/TR/html5/embedded-content-0.html#concept-media-load-resource">resource fetch algorithm</a>, run the steps to report a <a href="http://www.w3.org/TR/html5/embedded-content-0.html#dom-mediaerror-media_err_decode">MEDIA_ERR_DECODE</a> error, and abort these steps.</dd>
- <dt>Otherwise</dt>
- <dd>Run the following steps:
- <ol>
- <li><p>If the <code><a href="#widl-HTMLMediaElement-waitingFor">waitingFor</a></code> attribute on the media element is <code><a href="#idl-def-MediaWaitingFor.key">"key"</a></code>, set the <code><a href="#widl-HTMLMediaElement-waitingFor">waitingFor</a></code> attribute on the media element to <code><a href="#idl-def-MediaWaitingFor.none">"none"</a></code>.</p></li>
- <li><p>Abort these steps and process the decrypted block as normal.</p>
- <div class="note"><div class="note-title" aria-level="3" role="heading" id="h_note_41"><span>Note</span></div><p class="">In other words, decode the block.</p></div>
- </li>
- </ol>
- </dd>
+ <dt>If any of the <var title="true">available keys</var> corresponds to the <var title="">block key ID</var> and is usable</dt>
+ <dd>Run the following steps:
+ <ol>
+ <li><p>Let <var title="">block key</var> be the matching key.</p>
+ <div class="note"><div class="note-title" aria-level="3" role="heading" id="h_note_40"><span>Note</span></div><p class="">If multiple sessions contain a <em>usable</em> key for the <var title="">block key ID</var>, which key to use is <a href="#key-system">Key System</a>-dependent.</p></div>
+ </li>
+ <li><p>Use the <var title="true">cdm</var> to decrypt the block using <var title="">block key</var>.</p></li>
+ <li><p>Follow the steps for the first matching condition from the following list:</p>
+ <dl class="switch">
+ <dt>If decryption fails</dt>
+ <dd>Abort the media element's <a href="http://www.w3.org/TR/html5/embedded-content-0.html#concept-media-load-resource">resource fetch algorithm</a>, run the steps to report a <a href="http://www.w3.org/TR/html5/embedded-content-0.html#dom-mediaerror-media_err_decode">MEDIA_ERR_DECODE</a> error, and abort these steps.</dd>
+ <dt>Otherwise</dt>
+ <dd>Run the following steps:
+ <ol>
+ <li><p>If the <code><a href="#widl-HTMLMediaElement-waitingFor">waitingFor</a></code> attribute on the media element is <code><a href="#idl-def-MediaWaitingFor.key">"key"</a></code>, set the <code><a href="#widl-HTMLMediaElement-waitingFor">waitingFor</a></code> attribute on the media element to <code><a href="#idl-def-MediaWaitingFor.none">"none"</a></code>.</p></li>
+ <li><p>Abort these steps and process the decrypted block as normal.</p>
+ <div class="note"><div class="note-title" aria-level="3" role="heading" id="h_note_41"><span>Note</span></div><p class="">In other words, decode the block.</p></div>
+ </li>
+ </ol>
+ </dd>
+ </dl>
+ <div class="note"><div class="note-title" aria-level="3" role="heading" id="h_note_42"><span>Note</span></div><p class="">Not all decryption problems (i.e. using the wrong key) will result in a decryption failure. In such cases, no error is fired here but one may be fired during decode.</p></div>
+ </li>
+ </ol>
+ </dd>
+ <dt>If any of the <var title="true">available keys</var> corresponds to the <var title="">block key ID</var> and is unusable</dt>
+ <dd>
+ <div class="issue"><div class="issue-title" aria-level="3" role="heading" id="h_issue_3"><span>Issue 3</span></div><p class=""><a href="https://www.w3.org/Bugs/Public/show_bug.cgi?id=26372">Bug 26372</a> - It is TBD whether anything should happen in this case.</p></div>
+ </dd>
+ <div class="note"><div class="note-title" aria-level="3" role="heading" id="h_note_43"><span>Note</span></div><p class="">Otherwise, there is no key for the <var title="true">block key ID</var> in any session so continue.</p></div>
</dl>
- <div class="note"><div class="note-title" aria-level="3" role="heading" id="h_note_42"><span>Note</span></div><p class="">Not all decryption problems (i.e. using the wrong key) will result in a decryption failure. In such cases, no error is fired here but one may be fired during decode.</p></div>
</li>
</ol>
- </dd>
- <dt>If any of the <var title="true">available keys</var> corresponds to the <var title="">block key ID</var> and is unusable</dt>
- <dd>
- <div class="issue"><div class="issue-title" aria-level="3" role="heading" id="h_issue_3"><span>Issue 3</span></div><p class=""><a href="https://www.w3.org/Bugs/Public/show_bug.cgi?id=26372">Bug 26372</a> - It is TBD whether anything should happen in this case.</p></div>
- </dd>
- <div class="note"><div class="note-title" aria-level="3" role="heading" id="h_note_43"><span>Note</span></div><p class="">Otherwise, there is no key for the <var title="true">block key ID</var> in any session so continue.</p></div>
- </dl>
- </li>
- </ol>
+ </li>
+ </ol>
+ </li>
+ </ol>
+ </li>
+ <li>
+ <p>Run the following steps:</p>
+ <div class="note"><div class="note-title" aria-level="3" role="heading" id="h_note_44"><span>Note</span></div><p class="">These steps are reached when there is no usable key for the block.</p></div>
+ <ol>
+ <li><p>Run the <a href="#algorithms-queue-waiting">queue a "waiting" event algorithm</a> on the media element.</p></li>
+ <li><p>Wait for a signal to resume playback.</p></li>
+ </ol>
+ </li>
+ </ol>
+
+ <div class="note"><div class="note-title" aria-level="3" role="heading" id="h_note_45"><span>Note</span></div><div class="">
+ <p>For frame-based encryption, this may be implemented as follows when the media element attempts to decode a frame as part of the <a href="http://www.w3.org/TR/html5/embedded-content-0.html#concept-media-load-resource">resource fetch algorithm</a>:</p>
+ <ol>
+ <li><p>Let <var title="">encrypted</var> be false.</p></li>
+ <li><p>Detect whether the frame is encrypted.</p>
+ <dl class="switch">
+ <dt>If the frame is encrypted</dt>
+ <dd>Run the steps above.</dd>
+ <dt>Otherwise</dt>
+ <dd>Continue.</dd>
+ </dl>
</li>
+ <li><p>Decode the frame.</p></li>
+ <li><p>Provide the frame for rendering.</p></li>
</ol>
- </li>
- </ol>
- </li>
- <li>
- <p>Run the following steps:</p>
- <div class="note"><div class="note-title" aria-level="3" role="heading" id="h_note_44"><span>Note</span></div><p class="">These steps are reached when there is no usable key for the block.</p></div>
- <ol>
- <li><p>Run the <a href="#algorithms-queue-waiting">queue a "waiting" event algorithm</a> on the media element.</p></li>
- <li><p>Wait for a signal to resume playback.</p></li>
- </ol>
- </li>
- </ol>
-
- <div class="note"><div class="note-title" aria-level="3" role="heading" id="h_note_45"><span>Note</span></div><div class="">
- <p>For frame-based encryption, this may be implemented as follows when the media element attempts to decode a frame as part of the <a href="http://www.w3.org/TR/html5/embedded-content-0.html#concept-media-load-resource">resource fetch algorithm</a>:</p>
- <ol>
- <li><p>Let <var title="">encrypted</var> be false.</p></li>
- <li><p>Detect whether the frame is encrypted.</p>
- <dl class="switch">
- <dt>If the frame is encrypted</dt>
- <dd>Run the steps above.</dd>
- <dt>Otherwise</dt>
- <dd>Continue.</dd>
- </dl>
- </li>
- <li><p>Decode the frame.</p></li>
- <li><p>Provide the frame for rendering.</p></li>
- </ol>
- </div></div>
- </section>
+ </div></div>
+ </section>
+
+ <section id="algorithms-queue-waiting" typeof="bibo:Chapter" resource="#algorithms-queue-waiting" rel="bibo:Chapter">
+ <h4 role="heading" id="h4_algorithms-queue-waiting"><span class="secno">4.5.3 </span>Queue a "waiting" Event</h4>
+ <p>The Queue a "waiting" Event algorithm is run when the CDM needs to queue a waiting event to a <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#htmlmediaelement">HTMLMediaElement</a></code> object.
+ Requests to run this algorithm include a target <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#htmlmediaelement">HTMLMediaElement</a></code> object.
+ </p>
+ <p>The following steps are run:</p>
+ <ol>
+ <li><p>Let the <var title="true">media element</var> be the specified <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#htmlmediaelement">HTMLMediaElement</a></code> object.</p></li>
+ <li><p>If the <code><a href="#widl-HTMLMediaElement-waitingFor">waitingFor</a></code> attribute on the <var title="true">media element</var> is not <code><a href="#idl-def-MediaWaitingFor.key">"key"</a></code>, run the following steps:</p>
+ <ol>
+ <li><p>Set the <code><a href="#widl-HTMLMediaElement-waitingFor">waitingFor</a></code> attribute on the <var title="true">media element</var> to <code><a href="#idl-def-MediaWaitingFor.key">"key"</a></code>.</p></li>
+ <li><p><a href="http://www.w3.org/TR/html5/webappapis.html#queue-a-task">Queue a task</a> to <a href="http://www.w3.org/TR/html5/webappapis.html#fire-a-simple-event">fire a simple event</a> named <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#event-media-waiting">waiting</a></code> at the <var title="true">media element</var>.</p></li>
+ </ol>
+ </li>
+ <li><p>Suspend playback.</p></li>
+ </ol>
+ </section>
+
+ <section id="algorithms-resume-playback" typeof="bibo:Chapter" resource="#algorithms-resume-playback" rel="bibo:Chapter">
+ <h4 role="heading" id="h4_algorithms-resume-playback"><span class="secno">4.5.4 </span>Attempt to Resume Playback If Necessary</h4>
+ <p>The Attempt to Resume Playback If Necessary algorithm is run when one or more keys becomes available.
+ If playback is blocked waiting for a key, it resumes playback if a necessary key has been provided.
+ Requests to run this algorithm include a target <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#htmlmediaelement">HTMLMediaElement</a></code> object.
+ </p>
+
+ <p>The following steps are run:</p>
+ <ol>
+ <li><p>Let the <var title="true">media element</var> be the specified <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#htmlmediaelement">HTMLMediaElement</a></code> object.</p></li>
+ <li><p>If the <code><a href="#widl-HTMLMediaElement-waitingFor">waitingFor</a></code> attribute on the <var title="true">media element</var> is not <code><a href="#idl-def-MediaWaitingFor.key">"key"</a></code>, abort these steps.</p></li>
+ <li><p>Attempt to resume the <a href="http://www.w3.org/TR/html5/embedded-content-0.html#concept-media-load-resource">resource fetch algorithm</a> by running the <a href="#algorithms-encrypted-block">encrypted block encountered algorithm</a>.</p></li>
+ <li><p>If the user agent can advance the <a href="http://www.w3.org/TR/html5/embedded-content-0.html#current-playback-position">current playback position</a> in the <a href="http://www.w3.org/TR/html5/embedded-content-0.html#direction-of-playback">direction of playback</a>, run the following steps:</p>
+ <ol>
+ <li><p><a href="http://www.w3.org/TR/html5/webappapis.html#queue-a-task">Queue a task</a> to <a href="http://www.w3.org/TR/html5/webappapis.html#fire-a-simple-event">fire a simple event</a> named <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#event-media-canplay">canplay</a></code> at the <var title="true">media element</var>.</p></li>
+ <li><p>If the <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#dom-media-paused">paused</a></code> attribute on the <var title="true">media element</var> is false, <a href="http://www.w3.org/TR/html5/webappapis.html#queue-a-task">queue a task</a> to <a href="http://www.w3.org/TR/html5/webappapis.html#fire-a-simple-event">fire a simple event</a> named <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#dom-media-playing">playing</a></code> at the <var title="true">media element</var>.</p></li>
+ </ol>
+ <p>Otherwise, the <code><a href="#widl-HTMLMediaElement-waitingFor">waitingFor</a></code> attribute on the <var title="true">media element</var> <em class="rfc2119" title="MUST NOT">MUST NOT</em> be <code><a href="#idl-def-MediaWaitingFor.none">"none"</a></code>.</p>
+ </li>
+ </ol>
+ </section>
+
+ <section id="htmlmediaelement-playing-the-media-resource" typeof="bibo:Chapter" resource="#htmlmediaelement-playing-the-media-resource" rel="bibo:Chapter">
+ <h4 role="heading" id="h4_htmlmediaelement-playing-the-media-resource"><span class="secno">4.5.5 </span>Playing the Media Resource Algorithm Modifications</h4>
+ <p>The following steps are added to <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#dom-media-readystate">readyState</a></code> change algorithms in <a href="http://www.w3.org/TR/html5/embedded-content-0.html#playing-the-media-resource">Playing the media resource</a>:</p>
+ <ul>
+ <li>If a <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#dom-media-readystate">readyState</a></code> change queues a task to fire a <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#event-media-waiting">waiting</a></code> event, the user agent <em class="rfc2119" title="MUST">MUST</em> also set the <code><a href="#widl-HTMLMediaElement-waitingFor">waitingFor</a></code> attribute on the Media Element to <code><a href="#idl-def-MediaWaitingFor.data">"data"</a></code>.</li>
+ <li>If a <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#dom-media-readystate">readyState</a></code> change queues a task to fire a <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#event-media-canplay">canplay</a></code> event, the user agent <em class="rfc2119" title="MUST">MUST</em> also set the <code><a href="#widl-HTMLMediaElement-waitingFor">waitingFor</a></code> attribute on the Media Element to <code><a href="#idl-def-MediaWaitingFor.none">"none"</a></code>.</li>
+ </ul>
+ </section>
+ </section>
- <section id="algorithms-queue-waiting" typeof="bibo:Chapter" resource="#algorithms-queue-waiting" rel="bibo:Chapter">
- <h4 role="heading" id="h4_algorithms-queue-waiting"><span class="secno">4.5.3 </span>Queue a "waiting" Event</h4>
- <p>The Queue a "waiting" Event algorithm is run when the CDM needs to queue a waiting event to a <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#htmlmediaelement">HTMLMediaElement</a></code> object.
- Requests to run this algorithm include a target <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#htmlmediaelement">HTMLMediaElement</a></code> object.
- </p>
- <p>The following steps are run:</p>
- <ol>
- <li><p>Let the <var title="true">media element</var> be the specified <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#htmlmediaelement">HTMLMediaElement</a></code> object.</p></li>
- <li><p>If the <code><a href="#widl-HTMLMediaElement-waitingFor">waitingFor</a></code> attribute on the <var title="true">media element</var> is not <code><a href="#idl-def-MediaWaitingFor.key">"key"</a></code>, run the following steps:</p>
- <ol>
- <li><p>Set the <code><a href="#widl-HTMLMediaElement-waitingFor">waitingFor</a></code> attribute on the <var title="true">media element</var> to <code><a href="#idl-def-MediaWaitingFor.key">"key"</a></code>.</p></li>
- <li><p><a href="http://www.w3.org/TR/html5/webappapis.html#queue-a-task">Queue a task</a> to <a href="http://www.w3.org/TR/html5/webappapis.html#fire-a-simple-event">fire a simple event</a> named <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#event-media-waiting">waiting</a></code> at the <var title="true">media element</var>.</p></li>
- </ol>
- </li>
- <li><p>Suspend playback.</p></li>
- </ol>
- </section>
-
- <section id="algorithms-resume-playback" typeof="bibo:Chapter" resource="#algorithms-resume-playback" rel="bibo:Chapter">
- <h4 role="heading" id="h4_algorithms-resume-playback"><span class="secno">4.5.4 </span>Attempt to Resume Playback If Necessary</h4>
- <p>The Attempt to Resume Playback If Necessary algorithm is run when one or more keys becomes available.
- If playback is blocked waiting for a key, it resumes playback if a necessary key has been provided.
- Requests to run this algorithm include a target <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#htmlmediaelement">HTMLMediaElement</a></code> object.
- </p>
-
- <p>The following steps are run:</p>
- <ol>
- <li><p>Let the <var title="true">media element</var> be the specified <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#htmlmediaelement">HTMLMediaElement</a></code> object.</p></li>
- <li><p>If the <code><a href="#widl-HTMLMediaElement-waitingFor">waitingFor</a></code> attribute on the <var title="true">media element</var> is not <code><a href="#idl-def-MediaWaitingFor.key">"key"</a></code>, abort these steps.</p></li>
- <li><p>Attempt to resume the <a href="http://www.w3.org/TR/html5/embedded-content-0.html#concept-media-load-resource">resource fetch algorithm</a> by running the <a href="#algorithms-encrypted-block">encrypted block encountered algorithm</a>.</p></li>
- <li><p>If the user agent can advance the <a href="http://www.w3.org/TR/html5/embedded-content-0.html#current-playback-position">current playback position</a> in the <a href="http://www.w3.org/TR/html5/embedded-content-0.html#direction-of-playback">direction of playback</a>, run the following steps:</p>
- <ol>
- <li><p><a href="http://www.w3.org/TR/html5/webappapis.html#queue-a-task">Queue a task</a> to <a href="http://www.w3.org/TR/html5/webappapis.html#fire-a-simple-event">fire a simple event</a> named <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#event-media-canplay">canplay</a></code> at the <var title="true">media element</var>.</p></li>
- <li><p>If the <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#dom-media-paused">paused</a></code> attribute on the <var title="true">media element</var> is false, <a href="http://www.w3.org/TR/html5/webappapis.html#queue-a-task">queue a task</a> to <a href="http://www.w3.org/TR/html5/webappapis.html#fire-a-simple-event">fire a simple event</a> named <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#dom-media-playing">playing</a></code> at the <var title="true">media element</var>.</p></li>
- </ol>
- <p>Otherwise, the <code><a href="#widl-HTMLMediaElement-waitingFor">waitingFor</a></code> attribute on the <var title="true">media element</var> <em class="rfc2119" title="MUST NOT">MUST NOT</em> be <code><a href="#idl-def-MediaWaitingFor.none">"none"</a></code>.</p>
- </li>
- </ol>
- </section>
-
- <section id="htmlmediaelement-playing-the-media-resource" typeof="bibo:Chapter" resource="#htmlmediaelement-playing-the-media-resource" rel="bibo:Chapter">
- <h4 role="heading" id="h4_htmlmediaelement-playing-the-media-resource"><span class="secno">4.5.5 </span>Playing the Media Resource Algorithm Modifications</h4>
- <p>The following steps are added to <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#dom-media-readystate">readyState</a></code> change algorithms in <a href="http://www.w3.org/TR/html5/embedded-content-0.html#playing-the-media-resource">Playing the media resource</a>:</p>
- <ul>
- <li>If a <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#dom-media-readystate">readyState</a></code> change queues a task to fire a <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#event-media-waiting">waiting</a></code> event, the user agent <em class="rfc2119" title="MUST">MUST</em> also set the <code><a href="#widl-HTMLMediaElement-waitingFor">waitingFor</a></code> attribute on the Media Element to <code><a href="#idl-def-MediaWaitingFor.data">"data"</a></code>.</li>
- <li>If a <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#dom-media-readystate">readyState</a></code> change queues a task to fire a <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#event-media-canplay">canplay</a></code> event, the user agent <em class="rfc2119" title="MUST">MUST</em> also set the <code><a href="#widl-HTMLMediaElement-waitingFor">waitingFor</a></code> attribute on the Media Element to <code><a href="#idl-def-MediaWaitingFor.none">"none"</a></code>.</li>
- </ul>
- </section>
- </section>
-
- <section id="media-element-restictions" class="informative" typeof="bibo:Chapter" resource="#media-element-restictions" rel="bibo:Chapter">
- <h3 role="heading" id="h3_media-element-restictions"><span class="secno">4.6 </span>Media Element Restrictions</h3><p><em>This section is non-normative.</em></p>
- <p>Media data processed by a CDM <em class="rfc2119" title="MAY">MAY</em> be unavailable through Javascript APIs in the usual way (for example using the CanvasRenderingContext2D drawImage() method and the AudioContext MediaElementAudioSourceNode).
- This specification does not define conditions for such non-availability of media data, however, if media data is not available to Javascript APIs then these APIs <em class="rfc2119" title="MAY">MAY</em> behave as if no media data was present at all.</p>
- <p>Where media rendering is not performed by the UA, for example in the case of a hardware protected media pipeline, then the full set of HTML rendering capabilities, for example CSS Transforms, <em class="rfc2119" title="MAY">MAY</em> be unavailable. One likely restriction is that
- video media <em class="rfc2119" title="MAY">MAY</em> be constrained to appear only in rectangular regions with sides parallel to the edges of the window and with normal orientation.</p>
- </section>
+ <section id="media-element-restictions" class="informative" typeof="bibo:Chapter" resource="#media-element-restictions" rel="bibo:Chapter">
+ <h3 role="heading" id="h3_media-element-restictions"><span class="secno">4.6 </span>Media Element Restrictions</h3><p><em>This section is non-normative.</em></p>
+ <p>Media data processed by a CDM <em class="rfc2119" title="MAY">MAY</em> be unavailable through Javascript APIs in the usual way (for example using the CanvasRenderingContext2D drawImage() method and the AudioContext MediaElementAudioSourceNode).
+ This specification does not define conditions for such non-availability of media data, however, if media data is not available to Javascript APIs then these APIs <em class="rfc2119" title="MAY">MAY</em> behave as if no media data was present at all.</p>
+ <p>Where media rendering is not performed by the UA, for example in the case of a hardware protected media pipeline, then the full set of HTML rendering capabilities, for example CSS Transforms, <em class="rfc2119" title="MAY">MAY</em> be unavailable. One likely restriction is that
+ video media <em class="rfc2119" title="MAY">MAY</em> be constrained to appear only in rectangular regions with sides parallel to the edges of the window and with normal orientation.</p>
+ </section>
</section>
<section id="common-key-systems" typeof="bibo:Chapter" resource="#common-key-systems" rel="bibo:Chapter">
- <!--OddPage--><h2 role="heading" id="h2_common-key-systems"><span class="secno">5. </span>Common Key Systems</h2>
- <p>All user agents <em class="rfc2119" title="MUST">MUST</em> support the common key systems described in this section.</p><p>
- </p><div class="note"><div class="note-title" aria-level="1" role="heading" id="h_note_46"><span>Note</span></div><p class="">This ensures that there is a common baseline level of protection that is guaranteed to be supported in all user agents, including those that are entirely open source.
- Thus, content providers that need only basic protection can build simple applications that will work on all platforms without needing to work with any content protection providers.
- </p></div>
-
- <span id="simple-decryption-clear-key"></span> <!-- Legacy anchor name. -->
- <section id="clear-key" typeof="bibo:Chapter" resource="#clear-key" rel="bibo:Chapter">
- <h3 role="heading" id="h3_clear-key"><span class="secno">5.1 </span>Clear Key</h3>
- <p>The <code>"org.w3.clearkey"</code> <a href="#key-system">Key System</a> uses plain-text clear (unencrypted) key(s) to decrypt the source.
- No additional client-side content protection is required.
- This Key System is described below.
- </p>
+ <!--OddPage--><h2 role="heading" id="h2_common-key-systems"><span class="secno">5. </span>Common Key Systems</h2>
+ <p>All user agents <em class="rfc2119" title="MUST">MUST</em> support the common key systems described in this section.</p><p>
+ </p><div class="note"><div class="note-title" aria-level="1" role="heading" id="h_note_46"><span>Note</span></div><p class="">This ensures that there is a common baseline level of protection that is guaranteed to be supported in all user agents, including those that are entirely open source.
+ Thus, content providers that need only basic protection can build simple applications that will work on all platforms without needing to work with any content protection providers.
+ </p></div>
+
+ <span id="simple-decryption-clear-key"></span> <!-- Legacy anchor name. -->
+ <section id="clear-key" typeof="bibo:Chapter" resource="#clear-key" rel="bibo:Chapter">
+ <h3 role="heading" id="h3_clear-key"><span class="secno">5.1 </span>Clear Key</h3>
+ <p>The <code>"org.w3.clearkey"</code> <a href="#key-system">Key System</a> uses plain-text clear (unencrypted) key(s) to decrypt the source.
+ No additional client-side content protection is required.
+ This Key System is described below.
+ </p>
+
+ <section id="clear-key-capabilities" typeof="bibo:Chapter" resource="#clear-key-capabilities" rel="bibo:Chapter">
+ <h4 role="heading" id="h4_clear-key-capabilities"><span class="secno">5.1.1 </span>Capabilities</h4>
+ <p>The following describe how Clear Key supports key system-specific capabilities:</p>
+ <ul>
+ <li><p>The <code><a href="#widl-HTMLMediaElement-setMediaKeys-Promise-void--MediaKeys-mediaKeys">setMediaKeys()</a></code> method: Implementations <em class="rfc2119" title="MAY">MAY</em> support associating the <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> object with more than one <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#htmlmediaelement">HTMLMediaElement</a></code>.</p></li>
+ <li><p>The <code><a href="#widl-MediaKeys-setServerCertificate-Promise-void--ArrayBuffer-ArrayBufferView-serverCertificate">setServerCertificate()</a></code> method: Not supported.</p></li>
+ <li><p>The <code><a href="#widl-MediaKeys-isTypeSupported-IsTypeSupportedResult-DOMstring-keySystem-DOMString-initDataType-DOMString-contentType-DOMString-capability">isTypeSupported()</a></code> method: There are no supported <var title="true">capability</var> values.</p></li>
+ <li><p>The <code><a href="#idl-def-SessionType.persistent">"persistent"</a></code> <code><a href="#idl-def-SessionType">SessionType</a></code>: Implementations <em class="rfc2119" title="MAY">MAY</em> support this type.</p></li>
+ </ul>
+ </section>
- <section id="clear-key-capabilities" typeof="bibo:Chapter" resource="#clear-key-capabilities" rel="bibo:Chapter">
- <h4 role="heading" id="h4_clear-key-capabilities"><span class="secno">5.1.1 </span>Capabilities</h4>
- <p>The following describe how Clear Key supports key system-specific capabilities:</p>
- <ul>
- <li><p>The <code><a href="#widl-HTMLMediaElement-setMediaKeys-Promise-void--MediaKeys-mediaKeys">setMediaKeys()</a></code> method: Implementations <em class="rfc2119" title="MAY">MAY</em> support associating the <code><a href="#idl-def-MediaKeys">MediaKeys</a></code> object with more than one <code><a href="http://www.w3.org/TR/html5/embedded-content-0.html#htmlmediaelement">HTMLMediaElement</a></code>.</p></li>
- <li><p>The <code><a href="#widl-MediaKeys-setServerCertificate-Promise-void--ArrayBuffer-ArrayBufferView-serverCertificate">setServerCertificate()</a></code> method: Not supported.</p></li>
- <li><p>The <code><a href="#widl-MediaKeys-isTypeSupported-IsTypeSupportedResult-DOMstring-keySystem-DOMString-initDataType-DOMString-contentType-DOMString-capability">isTypeSupported()</a></code> method: There are no supported <var title="true">capability</var> values.</p></li>
- <li><p>The <code><a href="#idl-def-SessionType.persistent">"persistent"</a></code> <code><a href="#idl-def-SessionType">SessionType</a></code>: Implementations <em class="rfc2119" title="MAY">MAY</em> support this type.</p></li>
- </ul>
- </section>
-
- <section id="clear-key-behavior" typeof="bibo:Chapter" resource="#clear-key-behavior" rel="bibo:Chapter">
- <h4 role="heading" id="h4_clear-key-behavior"><span class="secno">5.1.2 </span>Behavior</h4>
- <p>The following describe how Clear Key implements key system-specific behaviors:</p>
- <ul>
- <li><p>In the <code><a href="#widl-MediaKeySession-generateRequest-Promise-void--DOMString-initDataType-ArrayBuffer-ArrayBufferView-initData">generateRequest()</a></code> algorithm:</p>
- <ul>
- <li><p>The generated <var title="true">message</var> is a JSON object encoded in UTF-8 as described in <a href="#clear-key-request-format">License Request Format</a>.</p></li>
- <li><p>The request is generated by extracting the key IDs from the <var>init data</var>.</p></li>
- <li><p>The "type" member value is the value of the <var title="true">sessionType</var> parameter.</p></li>
- </ul>
- </li>
- <li><p>The <code><a href="#widl-MediaKeySession-sessionId">sessionId</a></code> attribute is a numerical value representable by a 32-bit integer.</p></li>
- <li><p>The <code><a href="#widl-MediaKeySession-expiration">expiration</a></code> attribute is always <code>NaN</code>.</p></li>
- <li><p>In the <code><a href="#widl-MediaKeySession-update-Promise-void--ArrayBuffer-ArrayBufferView-response">update()</a></code> algorithm:</p>
- <ul>
- <li><p>The <var title="true">response</var> parameter is a JWK Set as described in <a href="#clear-key-license-format">License Format</a>.</p></li>
- <li><p><var>sanitized response</var> is considered invalid if it is not a valid JWK Set with at least one valid JWK key of a valid length for the media type.</p></li>
- </ul>
- </li>
- <li><p>The <code><a href="#widl-MediaKeySession-getUsableKeyIds-Promise-sequence-ArrayBuffer">getUsableKeyIds()</a></code> method always returns all key IDs that have been provided via <code><a href="#widl-MediaKeySession-update-Promise-void--ArrayBuffer-ArrayBufferView-response">update()</a></code>.</p></li>
- <li><p><a href="#initialization-data">Initialization Data</a>: Implementations <em class="rfc2119" title="MAY">MAY</em> support any combination of registered Initialization Data types [<cite><a class="bibref" href="#bib-EME-REGISTRY">EME-REGISTRY</a></cite>].
- Implementations <em class="rfc2119" title="SHOULD">SHOULD</em> support the <code><a href="keyids-format.html">"keyids"</a></code> type and other types appropriate for content types supported by the user agent.
- </p></li>
- </ul>
- </section>
-
- <section id="clear-key-request-format" typeof="bibo:Chapter" resource="#clear-key-request-format" rel="bibo:Chapter">
- <h4 role="heading" id="h4_clear-key-request-format"><span class="secno">5.1.3 </span>License Request Format</h4>
- <p>This section describes the format of the license request provided to the application via the <code><a href="#widl-MediaKeyMessageEvent-message">message</a></code> attribute of the <code><a href="#dom-evt-message">message</a></code> event.</p>
+ <section id="clear-key-behavior" typeof="bibo:Chapter" resource="#clear-key-behavior" rel="bibo:Chapter">
+ <h4 role="heading" id="h4_clear-key-behavior"><span class="secno">5.1.2 </span>Behavior</h4>
+ <p>The following describe how Clear Key implements key system-specific behaviors:</p>
+ <ul>
+ <li><p>In the <code><a href="#widl-MediaKeySession-generateRequest-Promise-void--DOMString-initDataType-ArrayBuffer-ArrayBufferView-initData">generateRequest()</a></code> algorithm:</p>
+ <ul>
+ <li><p>The generated <var title="true">message</var> is a JSON object encoded in UTF-8 as described in <a href="#clear-key-request-format">License Request Format</a>.</p></li>
+ <li><p>The request is generated by extracting the key IDs from the <var>init data</var>.</p></li>
+ <li><p>The "type" member value is the value of the <var title="true">sessionType</var> parameter.</p></li>
+ </ul>
+ </li>
+ <li><p>The <code><a href="#widl-MediaKeySession-sessionId">sessionId</a></code> attribute is a numerical value representable by a 32-bit integer.</p></li>
+ <li><p>The <code><a href="#widl-MediaKeySession-expiration">expiration</a></code> attribute is always <code>NaN</code>.</p></li>
+ <li><p>In the <code><a href="#widl-MediaKeySession-update-Promise-void--ArrayBuffer-ArrayBufferView-response">update()</a></code> algorithm:</p>
+ <ul>
+ <li><p>The <var title="true">response</var> parameter is a JWK Set as described in <a href="#clear-key-license-format">License Format</a>.</p></li>
+ <li><p><var>sanitized response</var> is considered invalid if it is not a valid JWK Set with at least one valid JWK key of a valid length for the media type.</p></li>
+ </ul>
+ </li>
+ <li><p>The <code><a href="#widl-MediaKeySession-getUsableKeyIds-Promise-sequence-ArrayBuffer">getUsableKeyIds()</a></code> method always returns all key IDs that have been provided via <code><a href="#widl-MediaKeySession-update-Promise-void--ArrayBuffer-ArrayBufferView-response">update()</a></code>.</p></li>
+ <li><p><a href="#initialization-data">Initialization Data</a>: Implementations <em class="rfc2119" title="MAY">MAY</em> support any combination of registered Initialization Data types [<cite><a class="bibref" href="#bib-EME-REGISTRY">EME-REGISTRY</a></cite>].
+ Implementations <em class="rfc2119" title="SHOULD">SHOULD</em> support the <code><a href="keyids-format.html">"keyids"</a></code> type and other types appropriate for content types supported by the user agent.
+ </p></li>
+ </ul>
+ </section>
- <p>The format is a JSON object containing the following members:</p>
- <dl>
- <dt>"kids"</dt>
- <dd>An array of <a href="#decryption-key-id">key IDs</a>. Each element of the array is the base64url encoding of the octet sequence containing the key ID value.</dd>
- <dt>"type"</dt>
- <dd>The requested <code><a href="#idl-def-SessionType">SessionType</a></code></dd>
- </dl>
-
- <p>When contained in the ArrayBuffer <code><a href="#widl-MediaKeyMessageEvent-message">message</a></code> attribute of a <code><a href="#idl-def-MediaKeyMessageEvent">MediaKeyMessageEvent</a></code> object, the JSON string is encoded in UTF-8 as specified in the Encoding specification [<cite><a class="bibref" href="#bib-ENCODING">ENCODING</a></cite>].
- Applications <em class="rfc2119" title="MAY">MAY</em> decode the contents of the ArrayBuffer to a JSON string using the <a href="http://www.w3.org/TR/encoding/#interface-textdecoder">TextDecoder interface</a> [<cite><a class="bibref" href="#bib-ENCODING">ENCODING</a></cite>].
- </p>
-
- <section id="clear-key-request-format-example" class="informative" typeof="bibo:Chapter" resource="#clear-key-request-format-example" rel="bibo:Chapter">
- <h5 role="heading" id="h5_clear-key-request-format-example"><span class="secno">5.1.3.1 </span>Example</h5><p><em>This section is non-normative.</em></p>
- <p>The following example is a license request for a temporary license for two key IDs. (Line breaks are for readability only.)</p>
- <div class="example"><div class="example-title"><span>Example 1</span></div><pre class="example highlight prettyprint prettyprinted"><span class="pun">{</span><span class="pln">
+ <section id="clear-key-request-format" typeof="bibo:Chapter" resource="#clear-key-request-format" rel="bibo:Chapter">
+ <h4 role="heading" id="h4_clear-key-request-format"><span class="secno">5.1.3 </span>License Request Format</h4>
+ <p>This section describes the format of the license request provided to the application via the <code><a href="#widl-MediaKeyMessageEvent-message">message</a></code> attribute of the <code><a href="#dom-evt-message">message</a></code> event.</p>
+
+ <p>The format is a JSON object containing the following members:</p>
+ <dl>
+ <dt>"kids"</dt>
+ <dd>An array of <a href="#decryption-key-id">key IDs</a>. Each element of the array is the base64url encoding of the octet sequence containing the key ID value.</dd>
+ <dt>"type"</dt>
+ <dd>The requested <code><a href="#idl-def-SessionType">SessionType</a></code></dd>
+ </dl>
+
+ <p>When contained in the ArrayBuffer <code><a href="#widl-MediaKeyMessageEvent-message">message</a></code> attribute of a <code><a href="#idl-def-MediaKeyMessageEvent">MediaKeyMessageEvent</a></code> object, the JSON string is encoded in UTF-8 as specified in the Encoding specification [<cite><a class="bibref" href="#bib-ENCODING">ENCODING</a></cite>].
+ Applications <em class="rfc2119" title="MAY">MAY</em> decode the contents of the ArrayBuffer to a JSON string using the <a href="http://www.w3.org/TR/encoding/#interface-textdecoder">TextDecoder interface</a> [<cite><a class="bibref" href="#bib-ENCODING">ENCODING</a></cite>].
+ </p>
+
+ <section id="clear-key-request-format-example" class="informative" typeof="bibo:Chapter" resource="#clear-key-request-format-example" rel="bibo:Chapter">
+ <h5 role="heading" id="h5_clear-key-request-format-example"><span class="secno">5.1.3.1 </span>Example</h5><p><em>This section is non-normative.</em></p>
+ <p>The following example is a license request for a temporary license for two key IDs. (Line breaks are for readability only.)</p>
+ <div class="example"><div class="example-title"><span>Example 1</span></div><pre class="example highlight prettyprint prettyprinted"><span class="pun">{</span><span class="pln">
</span><span class="str">"kids"</span><span class="pun">:</span><span class="pln">
</span><span class="pun">[</span><span class="pln">
</span><span class="str">"67ef0gd8pvfd0"</span><span class="pun">,</span><span class="pln">
@@ -1836,40 +1837,40 @@
</span><span class="pun">],</span><span class="pln">
</span><span class="str">"type"</span><span class="pun">:</span><code><a href="#idl-def-SessionType.temporary">"temporary"</a></code><span class="pln">
</span><span class="pun">}</span></pre></div>
- </section>
- </section>
-
- <section id="clear-key-license-format" typeof="bibo:Chapter" resource="#clear-key-license-format" rel="bibo:Chapter">
- <h4 role="heading" id="h4_clear-key-license-format"><span class="secno">5.1.4 </span>License Format</h4>
- <p>This section describes the format of the license to be provided via the <var title="true">response</var> parameter of the <code><a href="#widl-MediaKeySession-update-Promise-void--ArrayBuffer-ArrayBufferView-response">update()</a></code> method.</p>
-
- <p>The format is a JSON Web Key (JWK) Set containing representation of the symmetric key to be used for decryption, as defined in the JSON Web Key (JWK) specification [<cite><a class="bibref" href="#bib-JWK">JWK</a></cite>].</p>
-
- <p>For each JWK in the set, the parameter values are as follows:</p>
- <dl>
- <dt>"kty" (key type)</dt>
- <dd>"oct" (octet sequence)</dd>
- <dt>"alg" (algorithm)</dt>
- <dd>"A128KW" (AES key wrap using a 128-bit key)</dd>
- <dt>"k" (key value)</dt>
- <dd>The base64url encoding of the octet sequence containing the symmetric <a href="#decryption-key">key</a> value</dd>
- <dt>"kid" (key ID)</dt>
- <dd>The base64url encoding of the octet sequence containing the <a href="#decryption-key-id">key ID</a> value</dd>
- </dl>
-
- <p>The JSON object <em class="rfc2119" title="MAY">MAY</em> have an optional "type" member value, which <em class="rfc2119" title="MUST">MUST</em> be one of the <code><a href="#idl-def-SessionType">SessionType</a></code> values.
- If not specified, the default value of <code><a href="#idl-def-SessionType.temporary">"temporary"</a></code> is used.
- The <code><a href="#widl-MediaKeySession-update-Promise-void--ArrayBuffer-ArrayBufferView-response">update()</a></code> algorithm compares this value to the <var title="true">sessionType</var>.
- </p>
-
- <p>When passed to the <code><a href="#widl-MediaKeySession-update-Promise-void--ArrayBuffer-ArrayBufferView-response">update()</a></code> method as the ArrayBuffer <var title="true">response</var> parameter, the JSON string <em class="rfc2119" title="MUST">MUST</em> be encoded in UTF-8 as specified in the Encoding specification [<cite><a class="bibref" href="#bib-ENCODING">ENCODING</a></cite>].
- Applications <em class="rfc2119" title="MAY">MAY</em> encode the JSON string using the <a href="http://www.w3.org/TR/encoding/#interface-textencoder">TextEncoder interface</a> [<cite><a class="bibref" href="#bib-ENCODING">ENCODING</a></cite>].
- </p>
-
- <section id="clear-key-license-format-example" class="informative" typeof="bibo:Chapter" resource="#clear-key-license-format-example" rel="bibo:Chapter">
- <h5 role="heading" id="h5_clear-key-license-format-example"><span class="secno">5.1.4.1 </span>Example</h5><p><em>This section is non-normative.</em></p>
- <p>The following example is a JWK Set containing a single symmetric key. (Line breaks are for readability only.)</p>
- <div class="example"><div class="example-title"><span>Example 2</span></div><pre class="example highlight prettyprint prettyprinted"><span class="pun">{</span><span class="pln">
+ </section>
+ </section>
+
+ <section id="clear-key-license-format" typeof="bibo:Chapter" resource="#clear-key-license-format" rel="bibo:Chapter">
+ <h4 role="heading" id="h4_clear-key-license-format"><span class="secno">5.1.4 </span>License Format</h4>
+ <p>This section describes the format of the license to be provided via the <var title="true">response</var> parameter of the <code><a href="#widl-MediaKeySession-update-Promise-void--ArrayBuffer-ArrayBufferView-response">update()</a></code> method.</p>
+
+ <p>The format is a JSON Web Key (JWK) Set containing representation of the symmetric key to be used for decryption, as defined in the JSON Web Key (JWK) specification [<cite><a class="bibref" href="#bib-JWK">JWK</a></cite>].</p>
+
+ <p>For each JWK in the set, the parameter values are as follows:</p>
+ <dl>
+ <dt>"kty" (key type)</dt>
+ <dd>"oct" (octet sequence)</dd>
+ <dt>"alg" (algorithm)</dt>
+ <dd>"A128KW" (AES key wrap using a 128-bit key)</dd>
+ <dt>"k" (key value)</dt>
+ <dd>The base64url encoding of the octet sequence containing the symmetric <a href="#decryption-key">key</a> value</dd>
+ <dt>"kid" (key ID)</dt>
+ <dd>The base64url encoding of the octet sequence containing the <a href="#decryption-key-id">key ID</a> value</dd>
+ </dl>
+
+ <p>The JSON object <em class="rfc2119" title="MAY">MAY</em> have an optional "type" member value, which <em class="rfc2119" title="MUST">MUST</em> be one of the <code><a href="#idl-def-SessionType">SessionType</a></code> values.
+ If not specified, the default value of <code><a href="#idl-def-SessionType.temporary">"temporary"</a></code> is used.
+ The <code><a href="#widl-MediaKeySession-update-Promise-void--ArrayBuffer-ArrayBufferView-response">update()</a></code> algorithm compares this value to the <var title="true">sessionType</var>.
+ </p>
+
+ <p>When passed to the <code><a href="#widl-MediaKeySession-update-Promise-void--ArrayBuffer-ArrayBufferView-response">update()</a></code> method as the ArrayBuffer <var title="true">response</var> parameter, the JSON string <em class="rfc2119" title="MUST">MUST</em> be encoded in UTF-8 as specified in the Encoding specification [<cite><a class="bibref" href="#bib-ENCODING">ENCODING</a></cite>].
+ Applications <em class="rfc2119" title="MAY">MAY</em> encode the JSON string using the <a href="http://www.w3.org/TR/encoding/#interface-textencoder">TextEncoder interface</a> [<cite><a class="bibref" href="#bib-ENCODING">ENCODING</a></cite>].
+ </p>
+
+ <section id="clear-key-license-format-example" class="informative" typeof="bibo:Chapter" resource="#clear-key-license-format-example" rel="bibo:Chapter">
+ <h5 role="heading" id="h5_clear-key-license-format-example"><span class="secno">5.1.4.1 </span>Example</h5><p><em>This section is non-normative.</em></p>
+ <p>The following example is a JWK Set containing a single symmetric key. (Line breaks are for readability only.)</p>
+ <div class="example"><div class="example-title"><span>Example 2</span></div><pre class="example highlight prettyprint prettyprinted"><span class="pun">{</span><span class="pln">
</span><span class="str">"keys"</span><span class="pun">:</span><span class="pln">
</span><span class="pun">[{</span><span class="pln">
</span><span class="str">"kty"</span><span class="pun">:</span><span class="str">"oct"</span><span class="pun">,</span><span class="pln">
@@ -1879,190 +1880,187 @@
</span><span class="pun">}],</span><span class="pln">
</span><span class="str">"type"</span><span class="pun">:</span><code><a href="#idl-def-SessionType.temporary">"temporary"</a></code><span class="pln">
</span><span class="pun">}</span></pre></div>
- </section>
- </section>
-
- <section id="using-base64url" class="informative" typeof="bibo:Chapter" resource="#using-base64url" rel="bibo:Chapter">
- <h4 role="heading" id="h4_using-base64url"><span class="secno">5.1.5 </span>Using base64url</h4><p><em>This section is non-normative.</em></p>
- <p>For more information on base64url and working with it, see the "Base64url Encoding" terminology definition and "Notes on implementing base64url encoding without padding" in [<cite><a class="bibref" href="#bib-JWS">JWS</a></cite>].
- Specifically, there is no '=' padding, and the characters '-' and '_' <em class="rfc2119" title="MUST">MUST</em> be used instead of '+' and '/', respectively.
- </p>
- </section>
- </section>
+ </section>
+ </section>
+
+ <section id="using-base64url" class="informative" typeof="bibo:Chapter" resource="#using-base64url" rel="bibo:Chapter">
+ <h4 role="heading" id="h4_using-base64url"><span class="secno">5.1.5 </span>Using base64url</h4><p><em>This section is non-normative.</em></p>
+ <p>For more information on base64url and working with it, see the "Base64url Encoding" terminology definition and "Notes on implementing base64url encoding without padding" in [<cite><a class="bibref" href="#bib-JWS">JWS</a></cite>].
+ Specifically, there is no '=' padding, and the characters '-' and '_' <em class="rfc2119" title="MUST">MUST</em> be used instead of '+' and '/', respectively.
+ </p>
+ </section>
+ </section>
</section>
<section id="security" class="informative" typeof="bibo:Chapter" resource="#security" rel="bibo:Chapter">
- <!--OddPage--><h2 role="heading" id="h2_security"><span class="secno">6. </span>Security Considerations</h2><p><em>This section is non-normative.</em></p>
-
- <p>User Agent and Key System implementations must consider <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a>, <a href="#initialization-data">Initialization Data</a>, responses (i.e. data passed to <code><a href="#widl-MediaKeySession-update-Promise-void--ArrayBuffer-ArrayBufferView-response">update()</a></code>), licenses, key data, and all other data provided by the application as untrusted content and potential attack vectors.
- They must use appropriate safeguards to mitigate any associated threats and take care to safely parse, decrypt, etc. such data.
- User Agents may want to validate data before passing it to the CDM, especially if the CDM does not run in the same (sandboxed) context as the DOM (i.e. rendering).
- </p>
- <p>Implementations should not return active content or passive content that affects program control flow to the application.
- For example, it is not safe to expose URLs or other information that may have come from media data, such as is the case for the Initialization Data passed to <code><a href="#widl-MediaKeySession-generateRequest-Promise-void--DOMString-initDataType-ArrayBuffer-ArrayBufferView-initData">generateRequest()</a></code>.
- Applications should determine the URLs to use. The <code><a href="#widl-MediaKeyMessageEvent-type">type</a></code> attribute of the <code><a href="#dom-evt-message">message</a></code> event can be used by the application to select among a set of URLs if applicable.
- </p>
- <p>User Agents are responsible for providing users with a secure way to browse the web. Since User Agents may integrate with third party CDM implementations, CDM implementers must provide sufficient information and controls to user agent implementers to enable them to properly asses the security implications of integrating with the Key System.</p>
- <p>Unsandboxed CDMs (or CDMs that use platform features) and UAs that use them must be especially careful in all areas of security, including parsing of key and media data, etc. due to the potential for compromises to provide access to OS/platform features, interact with or run as root, access drivers, kernel, firmware, hardware, etc., all of which may not be written to be robust against hostile software or web-based attacks. Additionally, CDMs may not be updated with security fixes as frequently, especially when part of the OS, platform or hardware.</p>
-
- <p>User agents may choose to only support the EME APIs and/or specific Key Systems (i.e. based on privacy and security risks) on secure origins.
- This is especially important if a user agent chooses to support a Key System implementation that cannot be sufficiently sandboxed or otherwise secured.
- Such user agents should also properly handle Mixed Content [<cite><a class="bibref" href="#bib-MIXED-CONTENT">MIXED-CONTENT</a></cite>] to avoid potential exposure to insecure content.
- See also <a href="#privacy-secureorigin">Use Secure Origin and Transport</a>.
- </p>
-
- <p>If a user agent chooses to support a Key System implementation that cannot be sufficiently sandboxed or otherwise secured, the user agent should ensure that users are fully informed and/or give explicit consent before loading or invoking it.
- See also <a href="#privacy-prompts">User Alerts / Prompts</a>.
- </p>
-
-
+ <!--OddPage--><h2 role="heading" id="h2_security"><span class="secno">6. </span>Security Considerations</h2><p><em>This section is non-normative.</em></p>
+
+ <p>User Agent and Key System implementations must consider <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a>, <a href="#initialization-data">Initialization Data</a>, responses (i.e. data passed to <code><a href="#widl-MediaKeySession-update-Promise-void--ArrayBuffer-ArrayBufferView-response">update()</a></code>), licenses, key data, and all other data provided by the application as untrusted content and potential attack vectors.
+ They must use appropriate safeguards to mitigate any associated threats and take care to safely parse, decrypt, etc. such data.
+ User Agents may want to validate data before passing it to the CDM, especially if the CDM does not run in the same (sandboxed) context as the DOM (i.e. rendering).
+ </p>
+ <p>Implementations should not return active content or passive content that affects program control flow to the application.
+ For example, it is not safe to expose URLs or other information that may have come from media data, such as is the case for the Initialization Data passed to <code><a href="#widl-MediaKeySession-generateRequest-Promise-void--DOMString-initDataType-ArrayBuffer-ArrayBufferView-initData">generateRequest()</a></code>.
+ Applications should determine the URLs to use. The <code><a href="#widl-MediaKeyMessageEvent-type">type</a></code> attribute of the <code><a href="#dom-evt-message">message</a></code> event can be used by the application to select among a set of URLs if applicable.
+ </p>
+ <p>User Agents are responsible for providing users with a secure way to browse the web. Since User Agents may integrate with third party CDM implementations, CDM implementers must provide sufficient information and controls to user agent implementers to enable them to properly asses the security implications of integrating with the Key System.</p>
+ <p>Unsandboxed CDMs (or CDMs that use platform features) and UAs that use them must be especially careful in all areas of security, including parsing of key and media data, etc. due to the potential for compromises to provide access to OS/platform features, interact with or run as root, access drivers, kernel, firmware, hardware, etc., all of which may not be written to be robust against hostile software or web-based attacks. Additionally, CDMs may not be updated with security fixes as frequently, especially when part of the OS, platform or hardware.</p>
+
+ <p>User agents may choose to only support the EME APIs and/or specific Key Systems (i.e. based on privacy and security risks) on secure origins.
+ This is especially important if a user agent chooses to support a Key System implementation that cannot be sufficiently sandboxed or otherwise secured.
+ Such user agents should also properly handle Mixed Content [<cite><a class="bibref" href="#bib-MIXED-CONTENT">MIXED-CONTENT</a></cite>] to avoid potential exposure to insecure content.
+ See also <a href="#privacy-secureorigin">Use Secure Origin and Transport</a>.
+ </p>
+
+ <p>If a user agent chooses to support a Key System implementation that cannot be sufficiently sandboxed or otherwise secured, the user agent should ensure that users are fully informed and/or give explicit consent before loading or invoking it.
+ See also <a href="#privacy-prompts">User Alerts / Prompts</a>.
+ </p>
</section>
<section id="privacy" class="informative" typeof="bibo:Chapter" resource="#privacy" rel="bibo:Chapter">
- <!--OddPage--><h2 role="heading" id="h2_privacy"><span class="secno">7. </span>Privacy Considerations</h2><p><em>This section is non-normative.</em></p>
-
- <p>The presence or use of Key Systems on a user's device raises a number of privacy issues, falling into two categories: (a) user-specific information that may be disclosed by the EME interface itself, or within messages from Key Systems and (b) user-specific information that may be persistently stored on the users device.</p>
- <p>User Agents should take responsibility for providing users with adequate control over their own privacy. Since User Agents may integrate with third party CDM implementations, CDM implementers must provide sufficient information and controls to user agent implementers to enable them to implement appropriate techniques to ensure users have control over their privacy, including but not limited to the techniques described below.</p>
-
- <section id="privacy-disclosure" typeof="bibo:Chapter" resource="#privacy-disclosure" rel="bibo:Chapter">
- <h3 role="heading" id="h3_privacy-disclosure"><span class="secno">7.1 </span>Information Disclosed by EME and Key Systems</h3>
- <p>Concerns regarding information disclosed by EME and Key Systems fall into two categories, concerns about non-specific information that may nevertheless contribute to the possibility of fingerprinting a user agent or device and user-specific information that may be used directly for user tracking.</p>
- </section>
-
- <section id="privacy-fingerprinting" typeof="bibo:Chapter" resource="#privacy-fingerprinting" rel="bibo:Chapter">
- <h3 role="heading" id="h3_privacy-fingerprinting"><span class="secno">7.2 </span>Fingerprinting</h3>
- <p>Malicious applications may be able to fingerprint users or user agents by detecting or enumerating the list of Key Systems that are supported and related information. If proper origin protections are not provided this could include detection of sites that have been visited and information stored for those sites. In particular, Key Systems should not share key or other data between origins.</p>
- </section>
-
- <section id="privacy-leakage" typeof="bibo:Chapter" resource="#privacy-leakage" rel="bibo:Chapter">
- <h3 role="heading" id="h3_privacy-leakage"><span class="secno">7.3 </span>Information Leakage</h3>
- <p>CDMs, especially those implemented outside the user agent, may not have the same fundamental isolations as the web platform.
- It is important that steps be taken to avoid information leakage, especially across origins.
- This includes both in-memory and stored data.
- Failure to do so could lead to information leakage to/from Incognito/Private Browsing sessions, across profiles, and even across different browsers, applications, and operating system user accounts.
- </p>
+ <!--OddPage--><h2 role="heading" id="h2_privacy"><span class="secno">7. </span>Privacy Considerations</h2><p><em>This section is non-normative.</em></p>
+
+ <p>The presence or use of Key Systems on a user's device raises a number of privacy issues, falling into two categories: (a) user-specific information that may be disclosed by the EME interface itself, or within messages from Key Systems and (b) user-specific information that may be persistently stored on the users device.</p>
+ <p>User Agents should take responsibility for providing users with adequate control over their own privacy. Since User Agents may integrate with third party CDM implementations, CDM implementers must provide sufficient information and controls to user agent implementers to enable them to implement appropriate techniques to ensure users have control over their privacy, including but not limited to the techniques described below.</p>
+
+ <section id="privacy-disclosure" typeof="bibo:Chapter" resource="#privacy-disclosure" rel="bibo:Chapter">
+ <h3 role="heading" id="h3_privacy-disclosure"><span class="secno">7.1 </span>Information Disclosed by EME and Key Systems</h3>
+ <p>Concerns regarding information disclosed by EME and Key Systems fall into two categories, concerns about non-specific information that may nevertheless contribute to the possibility of fingerprinting a user agent or device and user-specific information that may be used directly for user tracking.</p>
+ </section>
+
+ <section id="privacy-fingerprinting" typeof="bibo:Chapter" resource="#privacy-fingerprinting" rel="bibo:Chapter">
+ <h3 role="heading" id="h3_privacy-fingerprinting"><span class="secno">7.2 </span>Fingerprinting</h3>
+ <p>Malicious applications may be able to fingerprint users or user agents by detecting or enumerating the list of Key Systems that are supported and related information. If proper origin protections are not provided this could include detection of sites that have been visited and information stored for those sites. In particular, Key Systems should not share key or other data between origins.</p>
+ </section>
+
+ <section id="privacy-leakage" typeof="bibo:Chapter" resource="#privacy-leakage" rel="bibo:Chapter">
+ <h3 role="heading" id="h3_privacy-leakage"><span class="secno">7.3 </span>Information Leakage</h3>
+ <p>CDMs, especially those implemented outside the user agent, may not have the same fundamental isolations as the web platform.
+ It is important that steps be taken to avoid information leakage, especially across origins.
+ This includes both in-memory and stored data.
+ Failure to do so could lead to information leakage to/from Incognito/Private Browsing sessions, across profiles, and even across different browsers, applications, and operating system user accounts.
+ </p>
+
+ <p>To avoid such issues, user agent and CDM implementations should ensure that:</p>
+ <ul>
+ <li>CDMs have a concept of a CDM instance that is associated 1:1 with a MediaKeys object.</li>
+ <li>Keys, licenses, other session data, and the presence of sessions are restricted to the CDM instance associated with the MediaKeys object that created the session.</li>
+ <li>Session data is not shared between MediaKeys objects or CDM instances.</li>
+ <li>Session data is not shared with media elements not associated with the MediaKeys object that created the session. Among other things, this means a session's keys may not be used to decrypt content loaded by a media element whose <code><a href="#widl-HTMLMediaElement-mediaKeys">mediaKeys</a></code> attribute is not the MediaKeys object.</li>
+ <li>MediaKeys objects and the underlying implementation do not expose information outside the origin.</li>
+ <li>Persisted session data, if applicable, is stored on a per-origin basis.</li>
+ <li>Only data stored by the requesting origin may be loaded.</li>
+ </ul>
+ </section>
+
+ <section id="privacy-tracking" typeof="bibo:Chapter" resource="#privacy-tracking" rel="bibo:Chapter">
+ <h3 role="heading" id="h3_privacy-tracking"><span class="secno">7.4 </span>Tracking</h3>
+ <p>User-specific information may be obtained over the EME API in two ways: through detection of stored keys and through Key System messages.</p>
- <p>To avoid such issues, user agent and CDM implementations should ensure that:</p>
- <ul>
- <li>CDMs have a concept of a CDM instance that is associated 1:1 with a MediaKeys object.</li>
- <li>Keys, licenses, other session data, and the presence of sessions are restricted to the CDM instance associated with the MediaKeys object that created the session.</li>
- <li>Session data is not shared between MediaKeys objects or CDM instances.</li>
- <li>Session data is not shared with media elements not associated with the MediaKeys object that created the session. Among other things, this means a session's keys may not be used to decrypt content loaded by a media element whose <code><a href="#widl-HTMLMediaElement-mediaKeys">mediaKeys</a></code> attribute is not the MediaKeys object.</li>
- <li>MediaKeys objects and the underlying implementation do not expose information outside the origin.</li>
- <li>Persisted session data, if applicable, is stored on a per-origin basis.</li>
- <li>Only data stored by the requesting origin may be loaded.</li>
- </ul>
- </section>
-
- <section id="privacy-tracking" typeof="bibo:Chapter" resource="#privacy-tracking" rel="bibo:Chapter">
- <h3 role="heading" id="h3_privacy-tracking"><span class="secno">7.4 </span>Tracking</h3>
- <p>User-specific information may be obtained over the EME API in two ways: through detection of stored keys and through Key System messages.</p>
-
- <p>Key Systems may access or create persistent or semi-persistent identifiers for a device or user of a device. In some cases these identifiers may be bound to a specific device in a secure manner. If these identifiers are present in Key System messages, then devices and/or users may be tracked. If the mitigations below are not applied this could include both tracking of users / devices over time and associating multiple users of a given device. If not mitigated, such tracking may take three forms depending on the design of the Key System:</p>
- <ul>
- <li>In all cases, such identifiers are expected to be available to sites and/or servers that fully support the Key System (and thus can interpret Key System messages) enabling tracking by such sites.</li>
- <li>If identifiers exposed by Key Systems are not origin-specific, then two sites and/or servers that fully support the Key System may collude to track the user</li>
- <li>If a Key System messages contains information derived from a user identifier in a consistent manner, for example such that a portion of the initial Key System message for a specific content item does not change over time and is dependent on the user identifier, then this information could be used by any application to track the device or user over time.</li>
- </ul>
-
- <p>If a Key System permits keys to be stored and to be re-used between origins, then it may be possible for two origins to collude and track a unique user by recording their ability to access a common key.</p>
- <p>Finally, if any user interface for user control of Key Systems presents data separately from data in HTTP session cookies or persistent storage, then users are likely to modify site authorization or delete data in one and not the others. This would allow sites to use the various features as redundant backup for each other, defeating a user's attempts to protect his privacy.</p>
- <p>There are a number of techniques that can be used to mitigate these risks of tracking without user consent:</p>
-
- <dl>
- <dt>User deletion of persistent identifiers</dt>
- <dd>User agents could provide users with the ability to clear any persistent identifiers maintained by Key Systems.</dd>
-
- <dt>Use of (non-reversible) per-origin identifiers</dt>
- <dd>The user / device identifier exposed by a Key System may be different for each origin, either by allocation of different identifiers for different origins or by use of a non-reversible origin-specific mapping from an origin-independent identifier.</dd>
-
- <dt id="identifier-encryption">Encryption of user identifiers</dt>
- <dd>User identifiers in Key System messages could be encrypted, together with a timestamp or nonce, such that the Key System messages are always different. This would prevent the use of Key System messages for tracking except by applications fully supporting the Key System.
- This may be implemented using a <a href="#server-certificate">server certificate</a>.
- </dd>
+ <p>Key Systems may access or create persistent or semi-persistent identifiers for a device or user of a device. In some cases these identifiers may be bound to a specific device in a secure manner. If these identifiers are present in Key System messages, then devices and/or users may be tracked. If the mitigations below are not applied this could include both tracking of users / devices over time and associating multiple users of a given device. If not mitigated, such tracking may take three forms depending on the design of the Key System:</p>
+ <ul>
+ <li>In all cases, such identifiers are expected to be available to sites and/or servers that fully support the Key System (and thus can interpret Key System messages) enabling tracking by such sites.</li>
+ <li>If identifiers exposed by Key Systems are not origin-specific, then two sites and/or servers that fully support the Key System may collude to track the user</li>
+ <li>If a Key System messages contains information derived from a user identifier in a consistent manner, for example such that a portion of the initial Key System message for a specific content item does not change over time and is dependent on the user identifier, then this information could be used by any application to track the device or user over time.</li>
+ </ul>
+
+ <p>If a Key System permits keys to be stored and to be re-used between origins, then it may be possible for two origins to collude and track a unique user by recording their ability to access a common key.</p>
+ <p>Finally, if any user interface for user control of Key Systems presents data separately from data in HTTP session cookies or persistent storage, then users are likely to modify site authorization or delete data in one and not the others. This would allow sites to use the various features as redundant backup for each other, defeating a user's attempts to protect his privacy.</p>
+ <p>There are a number of techniques that can be used to mitigate these risks of tracking without user consent:</p>
+
+ <dl>
+ <dt>User deletion of persistent identifiers</dt>
+ <dd>User agents could provide users with the ability to clear any persistent identifiers maintained by Key Systems.</dd>
+
+ <dt>Use of (non-reversible) per-origin identifiers</dt>
+ <dd>The user / device identifier exposed by a Key System may be different for each origin, either by allocation of different identifiers for different origins or by use of a non-reversible origin-specific mapping from an origin-independent identifier.</dd>
+
+ <dt id="identifier-encryption">Encryption of user identifiers</dt>
+ <dd>User identifiers in Key System messages could be encrypted, together with a timestamp or nonce, such that the Key System messages are always different. This would prevent the use of Key System messages for tracking except by applications fully supporting the Key System.
+ This may be implemented using a <a href="#server-certificate">server certificate</a>.
+ </dd>
+
+ <dt>Site-specific white-listing of access to each Key System</dt>
+ <dd>User agents could require the user to explicitly authorize access by each site to each Key System. User agents should enable users to revoke this authorization either temporarily or permanently.</dd>
+
+ <dt>Treating Key System persistent identifiers as cookies</dt>
+ <dd>User agents should present the presence of persistent identifiers stored by Key Systems to the user in a way that associates them strongly with HTTP session cookies. This might encourage users to view such identifiers with healthy suspicion.</dd>
+
+ <dt>Shared blacklists</dt>
+ <dd>User agents may allow users to share their Key System domain blacklists. This would allow communities to act together to protect their privacy.</dd>
+
+ <dt id="privacy-prompts">User Alerts / Prompts</dt>
+ <dd>User Agents should ensure that users are fully informed and/or give explicit consent before identifiers are exposed in messages from Key Systems.
+ Such alerts and consent should be per origin to avoid valid uses enabling subsequent malicious access.
+ User agents that consider such alerts or consent appropriate should only support such Key Systems on secure origins (see <a href="#privacy-secureorigin">Use Secure Origin and Transport</a>), especially if they allow such consent to be persisted.
+ (Granting permissions to unauthenticated origins is equivalent to granting the permissions to any origin in the presence of a network attacker.)
+ </dd>
+
+ <dt>User controls to disable Key Systems or Key System use of identifiers</dt>
+ <dd>User Agents could provide users with a global control of whether a Key System is enabled / disabled and/or whether Key System use of user / device identifiers is enabled or disabled (if supported by the Key System).</dd>
+ </dl>
+
+ <p>While these suggestions prevent trivial use of this feature for user tracking, they do not block it altogether. Within a single domain, a site can continue to track the user during a session, and can then pass all this information to a third party along with any identifying information (names, credit card numbers, addresses) obtained by the site. If a third party cooperates with multiple sites to obtain such information, and if identifiers are not per-origin, then a profile can still be created.</p>
+ <p>It is important to note that identifiers that are non-clearable, non-origin-specific or hardware-bound exceed the tracking impact of existing techniques such as cookies or session identifiers embedded in URLs.</p>
+ <p>Thus, in addition to the various mitigations described above, if a browser supports a mode of operation intended to preserve user anonymity, then User Agent implementers should carefully consider whether access to Key Systems should be disabled in this mode.</p>
+ </section>
+
+ <section id="privacy-storedinfo" typeof="bibo:Chapter" resource="#privacy-storedinfo" rel="bibo:Chapter">
+ <h3 role="heading" id="h3_privacy-storedinfo"><span class="secno">7.5 </span>Information Stored on User Devices</h3>
+ <p>Key Systems may store information on a user's device, or user agents may store information on behalf of Key Systems. Potentially, this could reveal information about a user to another user of the same device, including potentially the origins that have used a particular Key System (i.e. sites visited) or even the content that has been decrypted using a Key System.</p>
+ <p>If information stored by one origin affects the operation of the Key System for another origin, then potentially the sites visited or content viewed by a user on one site may be revealed to another, potentially malicious, site.</p>
+ <p>There are a number of techniques that can be used to mitigate these privacy risk to users:</p>
+
+ <dl>
+ <dt>Origin-specific Key System storage</dt>
+ <dd>User agents may require that some or all of the Key System's persistently stored data is stored in an origin-specific way. Session data, licenses, and keys that are persistently stored should be stored per-origin.</dd>
+
+ <dt>User deletion of Key System storage</dt>
+ <dd>User agents may present the user with a way to delete Key System storage for a specific origin or all origins.</dd>
+
+ <dt>Treating Key System stored data like cookies / Web Storage</dt>
+ <dd>User agents should present the presence of persistent data stored by Key Systems to the user in a way that associates it strongly with HTTP session cookies and/or Web Storage. This might encourage users to view such data with healthy suspicion.</dd>
+
+ <dt>Encryption or obfuscation of Key System stored data</dt>
+ <dd>User agents should treat data stored by Key Systems as potentially sensitive; it is quite possible for user privacy to be compromised by the release of this information. To this end, user agents should ensure that such data is securely stored and when deleting data, it is promptly deleted from the underlying storage.</dd>
+ </dl>
+
+ <p>User agent and CDM implementations that allow the CDM to persist data should:</p>
+ <ul>
+ <li>Ensure it is restricted to the origin for which it was created.</li>
+ <li>Ensure it is restricted to the current profile and does not leak to or from Incognito/Private Browsing sessions.</li>
+ <li>Allow the user to clear it, preferably by origin.</li>
+ <li>Treat it like other site data, including presenting it along with cookies, including it in "remove all data", and presenting it in the same UI locations.</li>
+ </ul>
+ </section>
+
+ <section id="privacy-secureorigin" typeof="bibo:Chapter" resource="#privacy-secureorigin" rel="bibo:Chapter">
+ <h3 role="heading" id="h3_privacy-secureorigin"><span class="secno">7.6 </span>Use Secure Origin and Transport</h3>
+ <p>In order to protect identifiers and other information discussed in previous sections, user agents may choose to only support the EME APIs and/or specific Key Systems (i.e. based on privacy and security risks) on secure origins.
+ This is especially important if a user agent chooses to support a Key System implementation that exposes identifiers or other such information without effectively anonymizing it in transit (i.e. without <a href="#identifier-encryption">encrypting identifiers</a>).
+ </p>
+ <p>Regardless of user agent limitations, applications should use secure transport (e.g. HTTPS) for all traffic containing messages from the CDM (i.e. all data passed from <code><a href="#dom-evt-message">message</a></code> events and to <code><a href="#widl-MediaKeySession-update-Promise-void--ArrayBuffer-ArrayBufferView-response">update()</a></code>).</p>
+ <p>All user agents should properly handle Mixed Content [<cite><a class="bibref" href="#bib-MIXED-CONTENT">MIXED-CONTENT</a></cite>] to avoid exposure to insecure content or transport when the user agent or application wish to enforce secure origin and transport.</p>
+ </section>
- <dt>Site-specific white-listing of access to each Key System</dt>
- <dd>User agents could require the user to explicitly authorize access by each site to each Key System. User agents should enable users to revoke this authorization either temporarily or permanently.</dd>
-
- <dt>Treating Key System persistent identifiers as cookies</dt>
- <dd>User agents should present the presence of persistent identifiers stored by Key Systems to the user in a way that associates them strongly with HTTP session cookies. This might encourage users to view such identifiers with healthy suspicion.</dd>
-
- <dt>Shared blacklists</dt>
- <dd>User agents may allow users to share their Key System domain blacklists. This would allow communities to act together to protect their privacy.</dd>
-
- <dt id="privacy-prompts">User Alerts / Prompts</dt>
- <dd>User Agents should ensure that users are fully informed and/or give explicit consent before identifiers are exposed in messages from Key Systems.
- Such alerts and consent should be per origin to avoid valid uses enabling subsequent malicious access.
- User agents that consider such alerts or consent appropriate should only support such Key Systems on secure origins (see <a href="#privacy-secureorigin">Use Secure Origin and Transport</a>), especially if they allow such consent to be persisted.
- (Granting permissions to unauthenticated origins is equivalent to granting the permissions to any origin in the presence of a network attacker.)
- </dd>
-
- <dt>User controls to disable Key Systems or Key System use of identifiers</dt>
- <dd>User Agents could provide users with a global control of whether a Key System is enabled / disabled and/or whether Key System use of user / device identifiers is enabled or disabled (if supported by the Key System).</dd>
- </dl>
-
- <p>While these suggestions prevent trivial use of this feature for user tracking, they do not block it altogether. Within a single domain, a site can continue to track the user during a session, and can then pass all this information to a third party along with any identifying information (names, credit card numbers, addresses) obtained by the site. If a third party cooperates with multiple sites to obtain such information, and if identifiers are not per-origin, then a profile can still be created.</p>
- <p>It is important to note that identifiers that are non-clearable, non-origin-specific or hardware-bound exceed the tracking impact of existing techniques such as cookies or session identifiers embedded in URLs.</p>
- <p>Thus, in addition to the various mitigations described above, if a browser supports a mode of operation intended to preserve user anonymity, then User Agent implementers should carefully consider whether access to Key Systems should be disabled in this mode.</p>
- </section>
-
- <section id="privacy-storedinfo" typeof="bibo:Chapter" resource="#privacy-storedinfo" rel="bibo:Chapter">
- <h3 role="heading" id="h3_privacy-storedinfo"><span class="secno">7.5 </span>Information Stored on User Devices</h3>
- <p>Key Systems may store information on a user's device, or user agents may store information on behalf of Key Systems. Potentially, this could reveal information about a user to another user of the same device, including potentially the origins that have used a particular Key System (i.e. sites visited) or even the content that has been decrypted using a Key System.</p>
- <p>If information stored by one origin affects the operation of the Key System for another origin, then potentially the sites visited or content viewed by a user on one site may be revealed to another, potentially malicious, site.</p>
- <p>There are a number of techniques that can be used to mitigate these privacy risk to users:</p>
-
- <dl>
- <dt>Origin-specific Key System storage</dt>
- <dd>User agents may require that some or all of the Key System's persistently stored data is stored in an origin-specific way. Session data, licenses, and keys that are persistently stored should be stored per-origin.</dd>
-
- <dt>User deletion of Key System storage</dt>
- <dd>User agents may present the user with a way to delete Key System storage for a specific origin or all origins.</dd>
-
- <dt>Treating Key System stored data like cookies / Web Storage</dt>
- <dd>User agents should present the presence of persistent data stored by Key Systems to the user in a way that associates it strongly with HTTP session cookies and/or Web Storage. This might encourage users to view such data with healthy suspicion.</dd>
-
- <dt>Encryption or obfuscation of Key System stored data</dt>
- <dd>User agents should treat data stored by Key Systems as potentially sensitive; it is quite possible for user privacy to be compromised by the release of this information. To this end, user agents should ensure that such data is securely stored and when deleting data, it is promptly deleted from the underlying storage.</dd>
- </dl>
-
- <p>User agent and CDM implementations that allow the CDM to persist data should:</p>
- <ul>
- <li>Ensure it is restricted to the origin for which it was created.</li>
- <li>Ensure it is restricted to the current profile and does not leak to or from Incognito/Private Browsing sessions.</li>
- <li>Allow the user to clear it, preferably by origin.</li>
- <li>Treat it like other site data, including presenting it along with cookies, including it in "remove all data", and presenting it in the same UI locations.</li>
- </ul>
- </section>
-
- <section id="privacy-secureorigin" typeof="bibo:Chapter" resource="#privacy-secureorigin" rel="bibo:Chapter">
- <h3 role="heading" id="h3_privacy-secureorigin"><span class="secno">7.6 </span>Use Secure Origin and Transport</h3>
- <p>In order to protect identifiers and other information discussed in previous sections, user agents may choose to only support the EME APIs and/or specific Key Systems (i.e. based on privacy and security risks) on secure origins.
- This is especially important if a user agent chooses to support a Key System implementation that exposes identifiers or other such information without effectively anonymizing it in transit (i.e. without <a href="#identifier-encryption">encrypting identifiers</a>).
- </p>
- <p>Regardless of user agent limitations, applications should use secure transport (e.g. HTTPS) for all traffic containing messages from the CDM (i.e. all data passed from <code><a href="#dom-evt-message">message</a></code> events and to <code><a href="#widl-MediaKeySession-update-Promise-void--ArrayBuffer-ArrayBufferView-response">update()</a></code>).</p>
- <p>All user agents should properly handle Mixed Content [<cite><a class="bibref" href="#bib-MIXED-CONTENT">MIXED-CONTENT</a></cite>] to avoid exposure to insecure content or transport when the user agent or application wish to enforce secure origin and transport.</p>
- </section>
-
-
</section>
<section id="examples" class="informative" typeof="bibo:Chapter" resource="#examples" rel="bibo:Chapter">
- <!--OddPage--><h2 role="heading" id="h2_examples"><span class="secno">8. </span>Examples</h2><p><em>This section is non-normative.</em></p>
- <p>This section contains example solutions for various use cases using the proposed extensions.
- These are not the only solutions to these use cases.
- Video elements are used in the examples, but the same would apply to all media elements.
- In some cases, such as using synchronous XHR, the examples are simplified to keep the focus on the extensions.
- </p>
-
- <section id="example-source-and-key-known" typeof="bibo:Chapter" resource="#example-source-and-key-known" rel="bibo:Chapter">
- <h3 role="heading" id="h3_example-source-and-key-known"><span class="secno">8.1 </span>Source and Key Known at Page Load (Clear Key)</h3>
- <p class="exampledescription">In this simple example, the source file and <a href="#clear-key">clear-text license</a> are hard-coded in the page.
- Only one session will ever be created.</p>
-
- <div class="example"><div class="example-title"><span>Example 3</span></div><pre class="example highlight prettyprint prettyprinted"><span class="tag"><script></span><span class="pln">
+ <!--OddPage--><h2 role="heading" id="h2_examples"><span class="secno">8. </span>Examples</h2><p><em>This section is non-normative.</em></p>
+ <p>This section contains example solutions for various use cases using the proposed extensions.
+ These are not the only solutions to these use cases.
+ Video elements are used in the examples, but the same would apply to all media elements.
+ In some cases, such as using synchronous XHR, the examples are simplified to keep the focus on the extensions.
+ </p>
+
+ <section id="example-source-and-key-known" typeof="bibo:Chapter" resource="#example-source-and-key-known" rel="bibo:Chapter">
+ <h3 role="heading" id="h3_example-source-and-key-known"><span class="secno">8.1 </span>Source and Key Known at Page Load (Clear Key)</h3>
+ <p class="exampledescription">In this simple example, the source file and <a href="#clear-key">clear-text license</a> are hard-coded in the page.
+ Only one session will ever be created.</p>
+
+ <div class="example"><div class="example-title"><span>Example 3</span></div><pre class="example highlight prettyprint prettyprinted"><span class="tag"><script></span><span class="pln">
</span><span class="kwd">function</span><span class="pln"> load</span><span class="pun">()</span><span class="pln"> </span><span class="pun">{</span><span class="pln">
</span><span class="kwd">var</span><span class="pln"> video </span><span class="pun">=</span><span class="pln"> document</span><span class="pun">.</span><span class="pln">getElementById</span><span class="pun">(</span><span class="str">"video"</span><span class="pun">);</span><span class="pln">
@@ -2104,16 +2102,16 @@
</span><span class="tag"><body</span><span class="pln"> </span><span class="atn">onload</span><span class="pun">=</span><span class="atv">"</span><span class="pln">load</span><span class="pun">()</span><span class="atv">"</span><span class="tag">></span><span class="pln">
</span><span class="tag"><video</span><span class="pln"> </span><span class="atn">src</span><span class="pun">=</span><span class="atv">"foo.webm"</span><span class="pln"> </span><span class="atn">autoplay</span><span class="pln"> </span><span class="atn">id</span><span class="pun">=</span><span class="atv">"video"</span><span class="tag">></video></span><span class="pln">
</span><span class="tag"></body></span></pre></div>
- </section>
-
- <section id="example-selecting-key-system" typeof="bibo:Chapter" resource="#example-selecting-key-system" rel="bibo:Chapter">
- <h3 role="heading" id="h3_example-selecting-key-system"><span class="secno">8.2 </span>Selecting a Supported Key System and Using Initialization Data from the <code><a href="#dom-evt-encrypted">encrypted</a></code> Event</h3>
- <p class="exampledescription">This example selects a supported <a href="#key-system">Key System</a> using the <code><a href="#widl-MediaKeys-isTypeSupported-IsTypeSupportedResult-DOMstring-keySystem-DOMString-initDataType-DOMString-contentType-DOMString-capability">isTypeSupported()</a></code> method then uses
- the <a href="#initialization-data">Initialization Data</a> from the <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> to generate the license request and send it to the appropriate license server.
- One of the supported key systems uses a serverCertificate, which is provided proactively.
- </p>
-
- <div class="example"><div class="example-title"><span>Example 4</span></div><pre class="example highlight prettyprint prettyprinted"><span class="tag"><script></span><span class="pln">
+ </section>
+
+ <section id="example-selecting-key-system" typeof="bibo:Chapter" resource="#example-selecting-key-system" rel="bibo:Chapter">
+ <h3 role="heading" id="h3_example-selecting-key-system"><span class="secno">8.2 </span>Selecting a Supported Key System and Using Initialization Data from the <code><a href="#dom-evt-encrypted">encrypted</a></code> Event</h3>
+ <p class="exampledescription">This example selects a supported <a href="#key-system">Key System</a> using the <code><a href="#widl-MediaKeys-isTypeSupported-IsTypeSupportedResult-DOMstring-keySystem-DOMString-initDataType-DOMString-contentType-DOMString-capability">isTypeSupported()</a></code> method then uses
+ the <a href="#initialization-data">Initialization Data</a> from the <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a> to generate the license request and send it to the appropriate license server.
+ One of the supported key systems uses a serverCertificate, which is provided proactively.
+ </p>
+
+ <div class="example"><div class="example-title"><span>Example 4</span></div><pre class="example highlight prettyprint prettyprinted"><span class="tag"><script></span><span class="pln">
</span><span class="kwd">var</span><span class="pln"> keySystem</span><span class="pun">;</span><span class="pln">
</span><span class="kwd">var</span><span class="pln"> licenseUrl</span><span class="pun">;</span><span class="pln">
</span><span class="kwd">var</span><span class="pln"> serverCertificate</span><span class="pun">;</span><span class="pln">
@@ -2194,16 +2192,16 @@
</span><span class="tag"></script></span><span class="pln">
</span><span class="tag"><video</span><span class="pln"> </span><span class="atn">src</span><span class="pun">=</span><span class="atv">"foo.webm"</span><span class="pln"> </span><span class="atn">autoplay</span><span class="pln"> </span><code><a href="#widl-HTMLMediaElement-onencrypted">onencrypted</a></code><span class="pun">=</span><span class="atv">"handleInitData(event)"</span><span class="tag">></video></span></pre></div>
- </section>
-
- <section id="example-mediakeys-before-source" typeof="bibo:Chapter" resource="#example-mediakeys-before-source" rel="bibo:Chapter">
- <h3 role="heading" id="h3_example-mediakeys-before-source"><span class="secno">8.3 </span>Create MediaKeys Before Loading Media</h3>
- <p class="exampledescription">Initialization is much simpler if encrypted events do not need to be handled during MediaKeys initialization.
- This can be accomplished either by providing the <a href="#initialization-data">Initialization Data</a> in other ways or setting the source after the MediaKeys object has been created.
- This example does the latter.
- </p>
-
- <div class="example"><div class="example-title"><span>Example 5</span></div><pre class="example highlight prettyprint prettyprinted"><span class="tag"><script></span><span class="pln">
+ </section>
+
+ <section id="example-mediakeys-before-source" typeof="bibo:Chapter" resource="#example-mediakeys-before-source" rel="bibo:Chapter">
+ <h3 role="heading" id="h3_example-mediakeys-before-source"><span class="secno">8.3 </span>Create MediaKeys Before Loading Media</h3>
+ <p class="exampledescription">Initialization is much simpler if encrypted events do not need to be handled during MediaKeys initialization.
+ This can be accomplished either by providing the <a href="#initialization-data">Initialization Data</a> in other ways or setting the source after the MediaKeys object has been created.
+ This example does the latter.
+ </p>
+
+ <div class="example"><div class="example-title"><span>Example 5</span></div><pre class="example highlight prettyprint prettyprinted"><span class="tag"><script></span><span class="pln">
</span><span class="kwd">var</span><span class="pln"> keySystem</span><span class="pun">;</span><span class="pln">
</span><span class="kwd">var</span><span class="pln"> licenseUrl</span><span class="pun">;</span><span class="pln">
</span><span class="kwd">var</span><span class="pln"> serverCertificate</span><span class="pun">;</span><span class="pln">
@@ -2234,14 +2232,14 @@
</span><span class="tag"></script></span><span class="pln">
</span><span class="tag"><video</span><span class="pln"> </span><span class="atn">id</span><span class="pun">=</span><span class="atv">"v"</span><span class="pln"> </span><span class="atn">autoplay</span><span class="pln"> </span><code><a href="#widl-HTMLMediaElement-onencrypted">onencrypted</a></code><span class="pun">=</span><span class="atv">"handleInitData(event)"</span><span class="tag">></video></span></pre></div>
- </section>
-
- <section id="example-using-all-events" typeof="bibo:Chapter" resource="#example-using-all-events" rel="bibo:Chapter">
- <h3 role="heading" id="h3_example-using-all-events"><span class="secno">8.4 </span>Using All Events</h3>
- <p class="exampledescription">This is a more complete example showing all events being used.</p>
- <p class="exampledescription">Note that <code>handleMessage()</code> could be called multiple times, including in response to the <code><a href="#widl-MediaKeySession-update-Promise-void--ArrayBuffer-ArrayBufferView-response">update()</a></code> call if multiple round trips are required and for any other reason the Key System might need to send a message.</p>
-
- <div class="example"><div class="example-title"><span>Example 6</span></div><pre class="example highlight prettyprint prettyprinted"><span class="tag"><script></span><span class="pln">
+ </section>
+
+ <section id="example-using-all-events" typeof="bibo:Chapter" resource="#example-using-all-events" rel="bibo:Chapter">
+ <h3 role="heading" id="h3_example-using-all-events"><span class="secno">8.4 </span>Using All Events</h3>
+ <p class="exampledescription">This is a more complete example showing all events being used.</p>
+ <p class="exampledescription">Note that <code>handleMessage()</code> could be called multiple times, including in response to the <code><a href="#widl-MediaKeySession-update-Promise-void--ArrayBuffer-ArrayBufferView-response">update()</a></code> call if multiple round trips are required and for any other reason the Key System might need to send a message.</p>
+
+ <div class="example"><div class="example-title"><span>Example 6</span></div><pre class="example highlight prettyprint prettyprinted"><span class="tag"><script></span><span class="pln">
</span><span class="kwd">var</span><span class="pln"> keySystem</span><span class="pun">;</span><span class="pln">
</span><span class="kwd">var</span><span class="pln"> licenseUrl</span><span class="pun">;</span><span class="pln">
</span><span class="kwd">var</span><span class="pln"> serverCertificate</span><span class="pun">;</span><span class="pln">
@@ -2324,13 +2322,13 @@
</span><span class="tag"></script></span><span class="pln">
</span><span class="tag"><video</span><span class="pln"> </span><span class="atn">id</span><span class="pun">=</span><span class="atv">"v"</span><span class="pln"> </span><span class="atn">autoplay</span><span class="pln"> </span><code><a href="#widl-HTMLMediaElement-onencrypted">onencrypted</a></code><span class="pun">=</span><span class="atv">"handleInitData(event)"</span><span class="tag">></video></span></pre></div>
- </section>
-
- <section id="example-stored-license" typeof="bibo:Chapter" resource="#example-stored-license" rel="bibo:Chapter">
- <h3 role="heading" id="h3_example-stored-license"><span class="secno">8.5 </span>Stored License</h3>
- <p class="exampledescription">This example requests a persistent license for future use and stores it. It also provides functions for later retrieving the license and for destroying it.</p>
-
- <div class="example"><div class="example-title"><span>Example 7</span></div><pre class="example highlight prettyprint prettyprinted"><span class="tag"><script></span><span class="pln">
+ </section>
+
+ <section id="example-stored-license" typeof="bibo:Chapter" resource="#example-stored-license" rel="bibo:Chapter">
+ <h3 role="heading" id="h3_example-stored-license"><span class="secno">8.5 </span>Stored License</h3>
+ <p class="exampledescription">This example requests a persistent license for future use and stores it. It also provides functions for later retrieving the license and for destroying it.</p>
+
+ <div class="example"><div class="example-title"><span>Example 7</span></div><pre class="example highlight prettyprint prettyprinted"><span class="tag"><script></span><span class="pln">
</span><span class="kwd">var</span><span class="pln"> keySystem</span><span class="pun">;</span><span class="pln">
</span><span class="kwd">var</span><span class="pln"> licenseUrl</span><span class="pun">;</span><span class="pln">
</span><span class="kwd">var</span><span class="pln"> serverCertificate</span><span class="pun">;</span><span class="pln">
@@ -2427,78 +2425,78 @@
</span><span class="tag"></script></span><span class="pln">
</span><span class="tag"><video</span><span class="pln"> </span><span class="atn">id</span><span class="pun">=</span><span class="atv">"v"</span><span class="pln"> </span><span class="atn">src</span><span class="pun">=</span><span class="atv">"foo.webm"</span><span class="pln"> </span><span class="atn">autoplay</span><span class="tag">></video></span></pre></div>
- </section>
+ </section>
</section>
<section id="revision-history" typeof="bibo:Chapter" resource="#revision-history" rel="bibo:Chapter">
- <!--OddPage--><h2 role="heading" id="h2_revision-history"><span class="secno">9. </span>Revision History</h2>
- <table class="old-table">
- <thead>
- <tr>
- <th>Version</th>
- <th>Comment</th>
- </tr>
- </thead>
- <tbody>
- <tr>
- <td>10 October 2014</td>
- <td>Converted to ReSpec.</td>
- </tr>
- <tr>
- <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/a291ac57bad3/encrypted-media/encrypted-media.html">3 September 2014</a></td>
- <td>Reorganized by object.</td>
- </tr>
- <tr>
- <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/3a5e8f5332a2/encrypted-media/encrypted-media.html">27 August 2014</a></td>
- <td>Moved license request generation and session loading to MediaKeySession.</td>
- </tr>
- <tr>
- <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/9a94854a5999/encrypted-media/encrypted-media.html">18 August 2014</a></td>
- <td>Produced candidate WD.</td>
- </tr>
- <tr>
- <td><a href="https://dvcs.w3.org/hg/html-media/raw-file/9842af174b80/encrypted-media/encrypted-media.html">14 April 2014</a></td>
- <td>Use promises.</td>
- </tr>
- <tr>
- <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/ef65c237d053/encrypted-media/encrypted-media.html">1 April 2014</a></td>
- <td>Moved Container Guidelines to the <a href="initdata-format-registry.html">Encrypted Media Extensions Stream Format and Initialization Data Format Registry</a>.</td>
- </tr>
- <tr>
- <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/11245f9516cf/encrypted-media/encrypted-media.html">3 February 2014</a></td>
- <td>Produced candidate WD.</td>
- </tr>
- <tr>
- <td>17 September 2013</td>
- <td>Produced candidate WD.</td>
- </tr>
- <tr>
- <td>6 May 2013</td>
- <td>Produced updated candidate FPWD.</td>
- </tr>
- <tr>
- <td>14 January 2013</td>
- <td>Produced candidate FPWD.</td>
- </tr>
- <tr>
- <td>16 August 2012</td>
- <td>Converted to the object-oriented API.</td>
- </tr>
- <tr>
- <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/eme-v0.1b/encrypted-media/encrypted-media.html">0.1b</a></td>
- <td>Last non-object-oriented revision.</td>
- </tr>
- <tr>
- <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/eme-v0.1a/encrypted-media/encrypted-media.html">0.1a</a></td>
- <td>Corrects minor mistakes in 0.1.</td>
- </tr>
- <tr>
- <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/eme-v0.1/encrypted-media/encrypted-media.html">0.1</a></td>
- <td>Initial Proposal</td>
- </tr>
- </tbody>
- </table>
+ <!--OddPage--><h2 role="heading" id="h2_revision-history"><span class="secno">9. </span>Revision History</h2>
+ <table class="old-table">
+ <thead>
+ <tr>
+ <th>Version</th>
+ <th>Comment</th>
+ </tr>
+ </thead>
+ <tbody>
+ <tr>
+ <td>10 October 2014</td>
+ <td>Converted to ReSpec.</td>
+ </tr>
+ <tr>
+ <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/a291ac57bad3/encrypted-media/encrypted-media.html">3 September 2014</a></td>
+ <td>Reorganized by object.</td>
+ </tr>
+ <tr>
+ <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/3a5e8f5332a2/encrypted-media/encrypted-media.html">27 August 2014</a></td>
+ <td>Moved license request generation and session loading to MediaKeySession.</td>
+ </tr>
+ <tr>
+ <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/9a94854a5999/encrypted-media/encrypted-media.html">18 August 2014</a></td>
+ <td>Produced candidate WD.</td>
+ </tr>
+ <tr>
+ <td><a href="https://dvcs.w3.org/hg/html-media/raw-file/9842af174b80/encrypted-media/encrypted-media.html">14 April 2014</a></td>
+ <td>Use promises.</td>
+ </tr>
+ <tr>
+ <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/ef65c237d053/encrypted-media/encrypted-media.html">1 April 2014</a></td>
+ <td>Moved Container Guidelines to the <a href="initdata-format-registry.html">Encrypted Media Extensions Stream Format and Initialization Data Format Registry</a>.</td>
+ </tr>
+ <tr>
+ <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/11245f9516cf/encrypted-media/encrypted-media.html">3 February 2014</a></td>
+ <td>Produced candidate WD.</td>
+ </tr>
+ <tr>
+ <td>17 September 2013</td>
+ <td>Produced candidate WD.</td>
+ </tr>
+ <tr>
+ <td>6 May 2013</td>
+ <td>Produced updated candidate FPWD.</td>
+ </tr>
+ <tr>
+ <td>14 January 2013</td>
+ <td>Produced candidate FPWD.</td>
+ </tr>
+ <tr>
+ <td>16 August 2012</td>
+ <td>Converted to the object-oriented API.</td>
+ </tr>
+ <tr>
+ <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/eme-v0.1b/encrypted-media/encrypted-media.html">0.1b</a></td>
+ <td>Last non-object-oriented revision.</td>
+ </tr>
+ <tr>
+ <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/eme-v0.1a/encrypted-media/encrypted-media.html">0.1a</a></td>
+ <td>Corrects minor mistakes in 0.1.</td>
+ </tr>
+ <tr>
+ <td><a href="http://dvcs.w3.org/hg/html-media/raw-file/eme-v0.1/encrypted-media/encrypted-media.html">0.1</a></td>
+ <td>Initial Proposal</td>
+ </tr>
+ </tbody>
+ </table>
</section>