New issue
Advanced search Search tips
Starred by 1 user
Status: Fixed
Closed: Dec 2016
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 1
Type: Feature

issue 563816

Sign in to add a comment
OffscreenCanvas commit() must propagate the origin-clean flag to the placeholder canvas
Project Member Reported by, Dec 12 2016 Back to list
The commit() method's implementation fails to propagate the tainting of the offscreen canvas, which makes it possible to leak cross-origin data by doing a readback on the placeholder canvas.  OffscreenCanvas may not ship without fixing this.
Comment 1 by, Dec 12 2016
Labels: -Type-Bug Type-Feature
Comment 2 by, Dec 12 2016
Status: Started
Project Member Comment 3 by, Dec 13 2016
The following revision refers to this bug:

commit 0eea57f836fb2551563e1f18d5e91215bf0f5150
Author: junov <>
Date: Tue Dec 13 15:25:45 2016

Make OffscreenCanvas commit() propagate the origin-clean flag.

This change block user code from accessing cross-origin image data
from a placeholder canvas. The placeholder code was modified to
use StaticBitmapImage instead of Image to gain access to the
originClean() method without downcasting.

BUG= 673348 

Cr-Commit-Position: refs/heads/master@{#438172}


Comment 4 by, Dec 13 2016
Status: Fixed
Sign in to add a comment