[webkit-dev] SVG images with foreignObject inside canvas
fred.wang at free.fr
Fri Apr 1 05:43:36 PDT 2016
After bug 119492, SVG images are allowed inside canvas without tainting
as long as they do not contain foreignObject. Two months ago, changeset
195614 landed to make this a bit more secure and the following FIXME
comment was added to SVGImage.cpp:
// FIXME: Once foreignObject elements within SVG images are updated to not leak cross-origin data
// (e.g., visited links, spellcheck) we can remove the SVGForeignObjectElement check here and
// research if we can remove the Image::hasSingleSecurityOrigin
Does anyone know if there is any plan / bug report for this?
The FIXME comment is missing a bug number; I cannot find any bug entry on
Bugzilla (only the related bug 91523 and bug 131033) and I don't have
access to bug 119492...