Expand on captureStream() for CORS-cross-origin media data

[foolip]

The description of captureStream() talks about "The contents of the track might become inaccessible to the current origin due to cross-origin protections." AFAICT it says nothing normative, and what is said is not specific enough to write cross-browser tests for.

The HTML spec doesn't have any per-track notion of cross-origin, it's the entire media element that's either CORS-same-origin or not. If a per-track notion is required by this spec, we need to talk about how to expose that on the AudioTrack and VideoTrack objects.

[alvestrand]

I would think that any track sourced from a HTMLMediaElement would have the same origin as the origin seen by the HTMMediaElement.
Reviewing the docs, I don't see an explicit statement about the origin of a MediaStreamTrack being observable or not (or indeed of whether it's possible to produce a MediaStreamTrack with a different origin). This may be an issue.

[a2sheppy]

I've put a note on the docs page for this on MDN that says that there's a possibility of an exception being thrown in the future although that doesn't currently happen etc: https://developer.mozilla.org/en-US/docs/Web/API/CanvasCaptureMediaStreamTrack/requestFrame#Usage_notes