[Webkit-unassigned] [Bug 131033] Security Policy error when using SVG image + foreign object as a WebGL texture

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Apr 1 07:01:38 PDT 2014


--- Comment #2 from Frédéric Wang <fred.wang at free.fr>  2014-04-01 07:01:56 PST ---
Created an attachment (id=228283)
 --> (https://bugs.webkit.org/attachment.cgi?id=228283&action=review)

So I just read the code and the problem is that SVGImage::hasSingleSecurityOrigin() returns false whenever the SVG image contains a foreign object:

// Don't allow foreignObject elements since they can leak information with arbitrary HTML (like spellcheck or control theme).
if (descendantsOfType<SVGForeignObjectElement>(*rootElement).first())
  return false;

If I remove these lines, the following example renders correctly (modulo bug 126516... on which I'm working on in bug 119038):

What about relaxing the condition and allowing foreignObject with MathML content?

Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list