[Webkit-unassigned] [Bug 17150] New: safe <img src=data:...> should not mark <canvas> unsafe
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sat Feb 2 02:27:21 PST 2008
http://bugs.webkit.org/show_bug.cgi?id=17150
Summary: safe <img src=data:...> should not mark <canvas> unsafe
Product: WebKit
Version: 525+ (Nightly build)
Platform: PC
OS/Version: Mac OS X 10.5
Status: UNCONFIRMED
Severity: Normal
Priority: P2
Component: Layout and Rendering
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: annevankesteren+webkit at gmail.com
There are two types of <img> elements that represent a data: URI. Those that
are safe, and those that are unsafe. Safe <img> elements loading a data: URI
are all images represented by a data: URI that did not have their redirection
chain go cross-site first.
The HTML5 origin policy is currently unclear on this matter as it does not
distinguish these image types.
This bug is important to fix as it will allow sites to export the <canvas>
using toDataURL(), safe it somewhere, and then later import it again, and
export it, et cetera (round tripping).
--
Configure bugmail: http://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the webkit-unassigned
mailing list