[whatwg] Minor addition/rewording for canvas section
Mathieu HENRI
p01 at opera.com
Fri Jan 18 02:55:16 PST 2008
Anne van Kesteren wrote:
> On Sun, 13 Jan 2008 14:13:52 +0100, Oliver Hunt <oliver at apple.com> wrote:
>> I did wonder about why other origins could read anything myself, so
>> you're not alone -- it just seemed especially odd to allow images to
>> be written safely but not ImageData.
>
> ImageData is always safe as you create it yourself.
To clarify this very point:
An ImageData is always safe because:
* getImageData(...) must throw a Security Violation exception when called on a
tainted Canvas.
* it is created manually, and other same origin policies prevent information
leak in to it.
--
Mathieu 'p01' HENRI
JavaScript developer, Opera Software ASA
More information about the whatwg
mailing list