[whatwg] Canvas 2D Context Proposal: resetOriginClean

Ian Hickson ian at hixie.ch
Thu Jul 29 15:37:12 PDT 2010


On Tue, 20 Apr 2010, Charles Pritchard wrote:
>
> There does not seem to be a standard method of requesting elevated 
> permissions where local file access or cross-domain file access is 
> required.

Requesting permissions from whom? The user is not in any place to make 
educated decisions about such things, the user agent can't know what's 
secure ahead of time, and the author can't be trusted. That doesn't leave 
many people. :-)


> Currently, one must create a duplicate origin-clean Canvas element to 
> copy image data from a dirty element after privilege escalation.

What is "privilege escalation"?


> Proposed method:
> CanvasRenderingContext2D
>    resetOriginClean
> throws SECURITY_ERR  exception
> 
> When resetOriginClean is executed, an implementation shall request 
> elevated privileges, and if granted, set the origin-clean flag of the 
> canvas element to true.

What's the use case?


On Fri, 23 Apr 2010, Charles Pritchard wrote:
> 
> Has there been progress on enabling Canvas origin-clean with 
> Cross-Origin Resource Sharing?

The plan is to start using CORS once it's well-established in XHR2.

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'


More information about the whatwg mailing list