[Webkit-unassigned] [Bug 69044] Canvas drawElement() security issues
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Oct 7 13:54:02 PDT 2011
https://bugs.webkit.org/show_bug.cgi?id=69044
--- Comment #26 from Ian 'Hixie' Hickson <ian at hixie.ch> 2011-10-07 13:54:02 PST ---
(In reply to comment #24)
> One compelling use case I've heard for this feature is the "eye dropper" tool
Browsers could just add eye dropper functionality to <input type=color>.
> ...highly polished magazine... ...turning a page...
Can we fix that by providing sufficient primitives to allow the page to define what the rendering should be without the page actually executing the rendering itself? Some advanced version of CSS transitions?
(In reply to comment #25)
> Other use cases:
> * thumbnails of slides ... even when ... removed from the DOM
removed from the DOM and gone entirely, or removed from the DOM but kept alive? i.e. is it caching the picture because it's the only memory of the slide that it'll have, or...? That is, why is "removed from the DOM" a requirement?
> * a graphics editor that wants to show snapshots for the states in an undo stack
A vector graphics editor using SVG for local rendering, I assume. For this case, maybe we can have some mechanism for rendering a snapshot in a sandbox that has no network (at all), no history, no plugins, no user profile (so no customised spelling corrections), a globally-defined default "locale", etc. Dunno how you'd handle Web fonts or embedded bitmaps. Maybe pass in some blobs to define a minimal set of resources that can be accessed?
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list