[Webkit-unassigned] [Bug 237818] New: Canvas export fails due to security reasons because of CanvasPattern

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sun Mar 13 04:21:03 PDT 2022


https://bugs.webkit.org/show_bug.cgi?id=237818

            Bug ID: 237818
           Summary: Canvas export fails due to security reasons because of
                    CanvasPattern
           Product: WebKit
           Version: Safari 15
          Hardware: Unspecified
                OS: macOS 12
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Canvas
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: thanwords24 at gmail.com
                CC: dino at apple.com

Export fails with error: 'Operation is insecure' when canvas is being filled with pattern, which was created using an image from the same origin. Chrome does not have this issue.

Steps to Reproduce:
- Get an image from the same origin (header 'Access-Control-Allow-Origin: *' must not be present)
- Wait for its load
- Create CanvasPattern using the image
- Fill the canvas with created pattern
- Try to use canvas.toBlob() and it'll fail with 'operation is insecure'

Example: https://jsfiddle.net/morethanwords/4u0L5gdn/54/

Temporary solution: draw the image to additional canvas and create the pattern using the canvas, instead of image.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20220313/a3cfe1f4/attachment-0001.htm>


More information about the webkit-unassigned mailing list