[Webkit-unassigned] [Bug 129172] New: Data URLs in UTF8-format "taint" canvas as cross-origin
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Feb 21 14:53:57 PST 2014
https://bugs.webkit.org/show_bug.cgi?id=129172
Summary: Data URLs in UTF8-format "taint" canvas as
cross-origin
Product: WebKit
Version: 528+ (Nightly build)
Platform: Unspecified
OS/Version: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: Canvas
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: boydb at midnightdesign.ws
Created an attachment (id=224914)
--> (https://bugs.webkit.org/attachment.cgi?id=224914&action=review)
Test case for bug
Related to Bug 108755 (https://bugs.webkit.org/show_bug.cgi?id=108755) that case seems to have resolved the issue for Data URLs that use base64-encoding, however when using a Data URL in utf8-encoding with SVG data, the same "SecurityError: DOM Exception 18: An attempt was made to break through the security policy of the user agent." is thrown.
To reproduce:
1. Open the attached test case.
OR
1. Generate an SVG image.
2. Add "data:image/svg+xml;utf8," as a prefix to turn it into a Data URL and set is as the "src" of an image
3. Paint that image onto a Canvas and try to call toDataURL() on it.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list