Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(968)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: third_party/WebKit/LayoutTests/http/tests/security/offscreencanvas-read-blocked-no-crossorigin.html

Issue 2570613002: Add OffscreenCanvas to ImageBitmapSource union typedef (Closed)
Patch Set: build fix Created 4 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « third_party/WebKit/LayoutTests/fast/canvas/canvas-createImageBitmap-invalid-args-in-workers-expected.txt ('k') | third_party/WebKit/Source/bindings/core/v8/BUILD.gn » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: third_party/WebKit/LayoutTests/http/tests/security/offscreencanvas-read-blocked-no-crossorigin.html
diff --git a/third_party/WebKit/LayoutTests/http/tests/security/offscreencanvas-read-blocked-no-crossorigin.html b/third_party/WebKit/LayoutTests/http/tests/security/offscreencanvas-read-blocked-no-crossorigin.html
new file mode 100644
index 0000000000000000000000000000000000000000..e88521b186b800a307dec0338319fd9146e56e8b
--- /dev/null
+++ b/third_party/WebKit/LayoutTests/http/tests/security/offscreencanvas-read-blocked-no-crossorigin.html
@@ -0,0 +1,59 @@
+<!DOCTYPE html>
+<script src="../../resources/testharness.js"></script>
+<script src="../../resources/testharnessreport.js"></script>
+<script>
+
+function verifyOffscreenCanvasTaintedThenDone(offscreen, t) {
+ assert_throws("SecurityError", function() {
+ offscreen.getContext("2d").getImageData(0, 0, 1, 1);
+ }, "Check getImageData blocked.");
+ offscreen.convertToBlob().then(
+ function() {
+ assert_unreached("Promise returned by convertToBlob was resolved.");
+ t.done();
+ },
+ rejectionValue => {
+ assert_equals(rejectionValue.name, "SecurityError");
+ t.done();
+ }
+ );
+}
+
+async_test(t => {
+ var image = new Image();
+ // Notice that we don't set the image.crossOrigin property.
+ image.src = "http://localhost:8000/security/resources/abe-allow-star.php";
+ image.onload = function() {
+ var offscreen = new OffscreenCanvas(10, 10);
+ var ctx = offscreen.getContext('2d');
+ ctx.drawImage(image, 0, 0);
+ t.step(function() {
+ verifyOffscreenCanvasTaintedThenDone(offscreen, t);
+ });
+ }
+}, "Verify that an OffscreenCanvas tainted with cross-origin content cannot be read.");
+
+async_test(t => {
+ var image = new Image();
+ // Notice that we don't set the image.crossOrigin property.
+ image.src = "http://localhost:8000/security/resources/abe-allow-star.php";
+ image.onload = function() {
+ var offscreen = new OffscreenCanvas(10, 10);
+ var ctx = offscreen.getContext('2d');
+ ctx.drawImage(image, 0, 0);
+ createImageBitmap(offscreen).then(imageBitmap => {
+ var offscreen2 = new OffscreenCanvas(10, 10);
+ var ctx2 = offscreen2.getContext('2d');
+ ctx2.drawImage(imageBitmap, 0, 0);
+ t.step(function() {
+ verifyOffscreenCanvasTaintedThenDone(offscreen, t);
+ });
+ })
+ }
+}, "Verify that createImageBitmap(OffscreenCanvas) propagates the origin-clean flag.");
+
+
+
+
+
+</script>
« no previous file with comments | « third_party/WebKit/LayoutTests/fast/canvas/canvas-createImageBitmap-invalid-args-in-workers-expected.txt ('k') | third_party/WebKit/Source/bindings/core/v8/BUILD.gn » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698