DescriptionMerge 88489 - 2011-06-09 Kenneth Russell <kbr@google.com>
Reviewed by Adam Barth.
Disallow use of cross-domain media (images, video) in WebGL
https://bugs.webkit.org/show_bug.cgi?id=62257
Updated WebGL implementation to track recent spec updates in this area.
Tests: http/tests/security/webgl-remote-read-remote-image-allowed-with-credentials.html
http/tests/security/webgl-remote-read-remote-image-allowed.html
http/tests/security/webgl-remote-read-remote-image-blocked-no-crossorigin.html
* html/canvas/CanvasRenderingContext.cpp:
(WebCore::CanvasRenderingContext::wouldTaintOrigin):
(WebCore::CanvasRenderingContext::checkOrigin):
* html/canvas/CanvasRenderingContext.h:
(WebCore::CanvasRenderingContext::checkOrigin):
* html/canvas/WebGLRenderingContext.cpp:
(WebCore::WebGLRenderingContext::readPixels):
(WebCore::WebGLRenderingContext::texImage2D):
(WebCore::WebGLRenderingContext::videoFrameToImage):
(WebCore::WebGLRenderingContext::texSubImage2D):
* html/canvas/WebGLRenderingContext.h:
2011-06-09 Kenneth Russell <kbr@google.com>
Reviewed by Adam Barth.
Disallow use of cross-domain media (images, video) in WebGL
https://bugs.webkit.org/show_bug.cgi?id=62257
Updated origin-clean-conformance.html to track upstream version in
Khronos repository. Added new layout tests mirroring those added
in bug 61015 which verify that new CORS support for images is
working in the context of WebGL.
Verified new tests in WebKit and Chromium. Skipped tests on
platforms where WebGL is disabled.
* http/tests/canvas/webgl/origin-clean-conformance-expected.txt:
* http/tests/canvas/webgl/origin-clean-conformance.html:
* http/tests/security/webgl-remote-read-remote-image-allowed-expected.txt: Added.
* http/tests/security/webgl-remote-read-remote-image-allowed-with-credentials-expected.txt: Added.
* http/tests/security/webgl-remote-read-remote-image-allowed-with-credentials.html: Added.
* http/tests/security/webgl-remote-read-remote-image-allowed.html: Added.
* http/tests/security/webgl-remote-read-remote-image-blocked-no-crossorigin-expected.txt: Added.
* http/tests/security/webgl-remote-read-remote-image-blocked-no-crossorigin.html: Added.
* platform/gtk/Skipped:
* platform/mac-leopard/Skipped:
* platform/mac-wk2/Skipped:
* platform/qt/Skipped:
TBR=kbr@google.com
Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=88898
Patch Set 1 #Messages
Total messages: 1 (0 generated)
|