OLD | NEW |
| (Empty) |
1 <html> | |
2 <head> | |
3 <script> | |
4 if (window.testRunner) | |
5 testRunner.dumpAsText(); | |
6 | |
7 function log(msg) | |
8 { | |
9 document.getElementById('console').appendChild(document.createTextNode(msg +
"\n")); | |
10 } | |
11 | |
12 function draw() | |
13 { | |
14 var canvas = document.getElementById("canvas"); | |
15 var ctx = canvas.getContext("2d"); | |
16 ctx.drawImage(document.getElementById("img"), 0, 0); | |
17 | |
18 try { | |
19 var data = ctx.getImageData(20, 20, 290, 75); | |
20 log("FAIL: getImageData succeeded. Canvas not tainted."); | |
21 } catch (e) { | |
22 log("PASS: getImageData failed. Canvas tainted."); | |
23 } | |
24 } | |
25 </script> | |
26 </head> | |
27 <body> | |
28 <p>This tests that drawing a remote SVG image onto a canvas from a data URL | |
29 taints the canvas</p> | |
30 <pre id="console"></pre> | |
31 <canvas id="canvas" width="330" height="115"></canvas> | |
32 <img id="img" onload="draw()" src='data:image/svg+xml, | |
33 <svg xmlns="http://www.w3.org/2000/svg" | |
34 xmlns:xlink="http://www.w3.org/1999/xlink" | |
35 width="100" height="100"> | |
36 <image xlink:href="http://localhost:8000/security/resources/abe.png" | |
37 width="100" height="100"/> | |
38 </svg>'> | |
39 </body> | |
40 </html> | |
OLD | NEW |