Calling getImageData() on the canvas's context.If the foreign content comes from an image obtained from either as HTMLCanvasElement or ImageBitMap, and the image source doesn't meet the same origin rules, attempts to read the canvas's contents are blocked.Ĭalling any of the following on a tainted canvas will result in an error: If the source of the foreign content is an HTML or SVG element, attempting to retrieve the contents of the canvas isn't allowed. A tainted canvas is one which is no longer considered secure, and any attempts to retrieve image data back from the canvas will cause an exception to be thrown.
Allowing cross-origin use of images and canvasīecause the pixels in a canvas's bitmap can come from a variety of sources, including images or videos retrieved from other hosts, it's inevitable that security problems may arise.Īs soon as you draw into a canvas any data that was loaded from another origin without CORS approval, the canvas becomes tainted.HTML table advanced features and accessibility.From object to iframe - other embedding technologies.Assessment: Structuring a page of content.
0 kommentar(er)
