[Webkit-unassigned] [Bug 156176] Investigate letting foreignObject not taint the canvas when drawing svg into canvas.

bugzilla-daemon at webkit.org
Tue Apr 5 11:02:22 PDT 2016


https://bugs.webkit.org/show_bug.cgi?id=156176

--- Comment #2 from Philip Rogers <pdr at google.com> ---
@Frederic, on the webkit-dev thread you asked "Maybe it would be worth checking with them what was their rationale to remove that restriction and if it's worth following the same approach for Blink/WebKit...". I think we could remove this restriction today, but I do not trust our implementation of foreignObject to not leak data. This problem is specific to our implementation.

I think a path forward will be to have someone look very closely at <foreignObject> and the data it can leak, and then just flip the switch if it is safe (remove SVGImage::hasSingleSecurityOrigin). For WebKit, I would recommend asking someone on Apple's security team to sign off on this too. I support doing this, but it's risky; I haven't done it myself because there hasn't been enough user interest to justify it.
