[Webkit-unassigned] [Bug 17150] safe <img src=data:...> should not mark <canvas> unsafe

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Jul 1 10:12:12 PDT 2008


------- Comment #7 from collinj at webkit.org  2008-07-01 10:12 PDT -------
(In reply to comment #6)
> I was only referring to the data: url case.  In general, I believe we need to
> base our tainting policy on the resolved URL.

For data: URLs, since the resolved URL has ambiguous taint, would it be
possible to use the second-to-last URL in the redirect chain? (the one that
provided a redirect to the ambiguous data: URL) Are there any cases where the
second-to-last URL would also be ambiguous?

Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the webkit-unassigned mailing list