[Webkit-unassigned] [Bug 17150] safe <img src=data:...> should not mark <canvas> unsafe
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Jul 1 10:12:12 PDT 2008
https://bugs.webkit.org/show_bug.cgi?id=17150
------- Comment #7 from collinj at webkit.org 2008-07-01 10:12 PDT -------
(In reply to comment #6)
> I was only referring to the data: url case. In general, I believe we need to
> base our tainting policy on the resolved URL.
For data: URLs, since the resolved URL has ambiguous taint, would it be
possible to use the second-to-last URL in the redirect chain? (the one that
provided a redirect to the ambiguous data: URL) Are there any cases where the
second-to-last URL would also be ambiguous?
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the webkit-unassigned
mailing list