New issue
Advanced search Search tips
Starred by 3 users

Issue metadata

Status: Fixed
Owner:
Closed: Jul 2016
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 2
Type: Feature

Blocked on:
issue 563826
issue 563868
issue 607575

Blocking:
issue 563816
issue 606925



Sign in to add a comment

Implement content security in OffscreenCanvas

Project Member Reported by junov@chromium.org, Dec 1 2015 Back to list

Issue description

OffscreenCanvas should have an origin-claen flag.
It should be tainted based on the same rules as <canvas>.
transferToImageBitmap() propagates the tainting.

 

Comment 1 by junov@chromium.org, Dec 1 2015

Blocking: chromium:563816

Comment 2 by xlai@chromium.org, Apr 26 2016

Labels: -OffscreenCanvas OffScreenCanvas
Status: Started (was: Assigned)

Comment 3 by xlai@chromium.org, Apr 26 2016

Blocking: 606925

Comment 4 by xlai@chromium.org, Apr 26 2016

junov@: Do we want to re-use the disableReadingFromCanvas flag in OffscreenCanvas as well? Or create a new flag?

Comment 5 by junov@chromium.org, Apr 27 2016

As discussed, same flag sgtm.
Project Member

Comment 6 by bugdroid1@chromium.org, May 2 2016

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/23378f8baae5d52320bb4652984b3f045f0bd95e

commit 23378f8baae5d52320bb4652984b3f045f0bd95e
Author: xlai <xlai@chromium.org>
Date: Mon May 02 18:33:02 2016

Add drawImage() originClean() getSecurityOrigin() to OffscreenCanvas

This patch adds m_originClean flag to OffscreenCanvas and
 ensures that OCRC2D also use the value of this flag instead
of keeping its own redundant copy. It propagates the value of
 originClean in transferToImageBitmap().

This patch also expose drawImage() API functions in ORCRC2D in workers.

BUG= 563870 ,  563856 

Review-Url: https://codereview.chromium.org/1928043002
Cr-Commit-Position: refs/heads/master@{#391002}

[modify] https://crrev.com/23378f8baae5d52320bb4652984b3f045f0bd95e/third_party/WebKit/LayoutTests/TestExpectations
[add] https://crrev.com/23378f8baae5d52320bb4652984b3f045f0bd95e/third_party/WebKit/LayoutTests/fast/canvas/OffscreenCanvas-2d-drawImage-in-worker-expected.html
[add] https://crrev.com/23378f8baae5d52320bb4652984b3f045f0bd95e/third_party/WebKit/LayoutTests/fast/canvas/OffscreenCanvas-2d-drawImage-in-worker.html
[add] https://crrev.com/23378f8baae5d52320bb4652984b3f045f0bd95e/third_party/WebKit/LayoutTests/http/tests/security/cross-origin-OffscreenCanvas2D-transferToImageBitmap-expected.txt
[add] https://crrev.com/23378f8baae5d52320bb4652984b3f045f0bd95e/third_party/WebKit/LayoutTests/http/tests/security/cross-origin-OffscreenCanvas2D-transferToImageBitmap.html
[modify] https://crrev.com/23378f8baae5d52320bb4652984b3f045f0bd95e/third_party/WebKit/LayoutTests/http/tests/serviceworker/webexposed/global-interface-listing-service-worker-expected.txt
[modify] https://crrev.com/23378f8baae5d52320bb4652984b3f045f0bd95e/third_party/WebKit/LayoutTests/webexposed/global-interface-listing-dedicated-worker-expected.txt
[modify] https://crrev.com/23378f8baae5d52320bb4652984b3f045f0bd95e/third_party/WebKit/LayoutTests/webexposed/global-interface-listing-shared-worker-expected.txt
[modify] https://crrev.com/23378f8baae5d52320bb4652984b3f045f0bd95e/third_party/WebKit/Source/core/offscreencanvas/OffscreenCanvas.cpp
[modify] https://crrev.com/23378f8baae5d52320bb4652984b3f045f0bd95e/third_party/WebKit/Source/core/offscreencanvas/OffscreenCanvas.h
[modify] https://crrev.com/23378f8baae5d52320bb4652984b3f045f0bd95e/third_party/WebKit/Source/modules/canvas2d/BaseRenderingContext2D.cpp
[modify] https://crrev.com/23378f8baae5d52320bb4652984b3f045f0bd95e/third_party/WebKit/Source/modules/canvas2d/BaseRenderingContext2D.h
[modify] https://crrev.com/23378f8baae5d52320bb4652984b3f045f0bd95e/third_party/WebKit/Source/modules/canvas2d/CanvasRenderingContext2D.h
[modify] https://crrev.com/23378f8baae5d52320bb4652984b3f045f0bd95e/third_party/WebKit/Source/modules/canvas2d/CanvasRenderingContext2D.idl
[modify] https://crrev.com/23378f8baae5d52320bb4652984b3f045f0bd95e/third_party/WebKit/Source/modules/canvas2d/CanvasRenderingContext2DTest.cpp
[modify] https://crrev.com/23378f8baae5d52320bb4652984b3f045f0bd95e/third_party/WebKit/Source/modules/csspaint/PaintRenderingContext2D.h
[modify] https://crrev.com/23378f8baae5d52320bb4652984b3f045f0bd95e/third_party/WebKit/Source/modules/csspaint/PaintRenderingContext2D.idl
[modify] https://crrev.com/23378f8baae5d52320bb4652984b3f045f0bd95e/third_party/WebKit/Source/modules/offscreencanvas2d/OffscreenCanvasRenderingContext2D.cpp
[modify] https://crrev.com/23378f8baae5d52320bb4652984b3f045f0bd95e/third_party/WebKit/Source/modules/offscreencanvas2d/OffscreenCanvasRenderingContext2D.h
[modify] https://crrev.com/23378f8baae5d52320bb4652984b3f045f0bd95e/third_party/WebKit/Source/modules/offscreencanvas2d/OffscreenCanvasRenderingContext2D.idl

Comment 7 by xlai@chromium.org, May 10 2016

Blockedon: 607575
To add the flag, need to make flags usable on worker thread.

Comment 8 by xlai@chromium.org, Jul 21 2016

Components: Blink>SecurityFeature
Labels: -OffScreenCanvas OffscreenCanvas

Comment 9 by xlai@chromium.org, Jul 27 2016

Status: Fixed (was: Started)
OffscreenCanvas::originClean() now has the same implementation as HTMLCanvasElement::originClean(). Both its 2d context and webgl context can look up this function when needed.

Sign in to add a comment