[Webkit-unassigned] [Bug 29305] Canvas drawn with data URL image raises SECURITY_ERR when toDataUrl() called.

bugzilla-daemon at webkit.org
Wed Sep 16 21:35:26 PDT 2009


https://bugs.webkit.org/show_bug.cgi?id=29305





--- Comment #3 from Oliver Hunt <oliver at apple.com>  2009-09-16 21:35:26 PDT ---
(In reply to comment #2)
> (In reply to comment #1)
> > We should make sure to test svg data urls to make sure they don't get through.
> 
> You mean something like data:text/svg,<svg>...
> ?
> 
> Why shouldn't that get through?

The specific issue, I think, is that you can do

data:application/xml+svg,<svg><image src="evil.com"/></svg>

or whatever. However, I *think* we would catch that as being a multi-origin
source.  I think Sam's point was that we need to have a test that ensures the
correct restrictions are in place.
