[whatwg] Canvas 2D Context Proposal: resetOriginClean
chuck at jumis.com
Tue Apr 20 04:18:32 PDT 2010
There does not seem to be a standard method of requesting elevated
where local file access or cross-domain file access is required.
Currently, one must create a duplicate origin-clean Canvas element
to copy image data from a dirty element after privilege escalation.
throws SECURITY_ERR exception
When resetOriginClean is executed, an implementation shall request elevated
privileges, and if granted, set the origin-clean flag of the canvas
element to true.
Section 22.214.171.124 Security with canvas elements
Information leakage can occur if scripts from one origin can access
information (e.g. read pixels) from images from another origin (one that
isn't the same).
To mitigate this, canvas elements are defined to have a flag indicating
whether they are origin-clean. All canvas elements must start with their
origin-clean set to true.
More information about the whatwg