[Webkit-unassigned] [Bug 131033] Security Policy error when using SVG image + foreign object as a WebGL texture
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Apr 1 07:01:38 PDT 2014
https://bugs.webkit.org/show_bug.cgi?id=131033
--- Comment #2 from Frédéric Wang <fred.wang at free.fr> 2014-04-01 07:01:56 PST ---
Created an attachment (id=228283)
--> (https://bugs.webkit.org/attachment.cgi?id=228283&action=review)
Patch
So I just read the code and the problem is that SVGImage::hasSingleSecurityOrigin() returns false whenever the SVG image contains a foreign object:
// Don't allow foreignObject elements since they can leak information with arbitrary HTML (like spellcheck or control theme).
if (descendantsOfType<SVGForeignObjectElement>(*rootElement).first())
return false;
If I remove these lines, the following example renders correctly (modulo bug 126516... on which I'm working on in bug 119038):
http://www.maths-informatique-jeux.com/international/mathml-in-webgl/
What about relaxing the condition and allowing foreignObject with MathML content?
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list