[html5] r1210 - /

whatwg at whatwg.org whatwg at whatwg.org
Sun Feb 10 14:21:53 PST 2008 

Author: ianh
Date: 2008-02-10 14:21:51 -0800 (Sun, 10 Feb 2008)
New Revision: 1210

Modified:
   index
   source
Log:
[gow] (2) Make sure to also mention strokeStyle as a cross-domain attack vector.

Modified: index
===================================================================
--- index	2008-02-10 09:13:58 UTC (rev 1209)
+++ index	2008-02-10 22:21:51 UTC (rev 1210)
@@ -17952,6 +17952,24 @@
      href="#canvaspattern0">CanvasPattern</a></code> object that was created
      from an <code><a href="#htmlcanvaselement">HTMLCanvasElement</a></code>
      whose <i>origin-clean</i> flag is false.
+
+   <li>
+    <p>The element's 2D context's <code title=dom-context-2d-strokeStyle><a
+     href="#strokestyle">strokeStyle</a></code> attribute is set to a
+     <code><a href="#canvaspattern0">CanvasPattern</a></code> object that was
+     created from an <code><a
+     href="#htmlimageelement">HTMLImageElement</a></code> whose <a
+     href="#origin0">origin</a> differs from that of the
+     <code>Document</code> object that owns the <code><a
+     href="#canvas">canvas</a></code> element.
+
+   <li>
+    <p>The element's 2D context's <code title=dom-context-2d-strokeStyle><a
+     href="#strokestyle">strokeStyle</a></code> attribute is set to a
+     <code><a href="#canvaspattern0">CanvasPattern</a></code> object that was
+     created from an <code><a
+     href="#htmlcanvaselement">HTMLCanvasElement</a></code> whose
+     <i>origin-clean</i> flag is false.
   </ul>
 
   <p>Whenever the <code title=dom-canvas-toDataURL><a

Modified: source
===================================================================
--- source	2008-02-10 09:13:58 UTC (rev 1209)
+++ source	2008-02-10 22:21:51 UTC (rev 1210)
@@ -15573,6 +15573,19 @@
    <code>HTMLCanvasElement</code> whose <i>origin-clean</i> flag is
    false.</p></li>
 
+   <li><p>The element's 2D context's <code
+   title="dom-context-2d-strokeStyle">strokeStyle</code> attribute is
+   set to a <code>CanvasPattern</code> object that was created from an
+   <code>HTMLImageElement</code> whose <span>origin</span> differs
+   from that of the <code>Document</code> object that owns the
+   <code>canvas</code> element.</p></li>
+
+   <li><p>The element's 2D context's <code
+   title="dom-context-2d-strokeStyle">strokeStyle</code> attribute is
+   set to a <code>CanvasPattern</code> object that was created from an
+   <code>HTMLCanvasElement</code> whose <i>origin-clean</i> flag is
+   false.</p></li>
+
   </ul>
 
   <p>Whenever the <code

More information about the Commit-Watchers mailing list