Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(25)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: third_party/WebKit/LayoutTests/http/tests/security/canvas-remote-read-remote-svg-image.html

Issue 2723093004: Adds SVGImageElement as a CanvasImageSource (Closed)
Patch Set: Refactored Canvas code out Created 3 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « third_party/WebKit/LayoutTests/fast/canvas/canvas-drawImage-svg-expected.html ('k') | third_party/WebKit/Source/bindings/modules/v8/generated.gni » ('j') | third_party/WebKit/Source/core/html/canvas/CanvasHTMLSVGImage.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: third_party/WebKit/LayoutTests/http/tests/security/canvas-remote-read-remote-svg-image.html
diff --git a/third_party/WebKit/LayoutTests/http/tests/security/canvas-remote-read-remote-svg-image.html b/third_party/WebKit/LayoutTests/http/tests/security/canvas-remote-read-remote-svg-image.html
new file mode 100644
index 0000000000000000000000000000000000000000..5b01bb5d63ddf3036af1a7809e9b164eda86fa64
--- /dev/null
+++ b/third_party/WebKit/LayoutTests/http/tests/security/canvas-remote-read-remote-svg-image.html
@@ -0,0 +1,33 @@
+<!doctype html>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<body></body>
+<script>
+var stTest = async_test("Checks no cross-origin on tainted canvas due to SVG image");
+
+stTest.step(function() {
Justin Novosad 2017/03/06 21:37:32 The code below does not need to be inside a 'step'
fs 2017/03/06 22:46:15 I believe there's a positive side to using a step
fserb 2017/03/07 20:44:02 done.
+ var canvas = document.createElement("canvas");
+ canvas.width = canvas.height = 100;
+
+ var svg = document.createElementNS('http://www.w3.org/2000/svg','svg');
+ var image = document.createElementNS("http://www.w3.org/2000/svg", "image");
+ svg.appendChild(image);
+ image.setAttributeNS('http://www.w3.org/1999/xlink','href',
+ 'http://localhost:8000/security/resources/red200x100.png');
+
+ var ctx = canvas.getContext("2d");
+
+ image.addEventListener('load', stTest.step_func(function() {
fs 2017/03/06 22:46:15 Could use step_func_done (and remove the explicit
fserb 2017/03/07 20:44:02 done.
+ ctx.drawImage(image, 0, 0);
+
+ assert_throws("SecurityError", function() {
+ var c = ctx.getImageData(0, 0, 1, 1);
+ }, "We are trying cross-origin getImageData");
+ stTest.done();
+ }));
+
+ document.body.appendChild(canvas);
+ document.body.appendChild(svg);
+});
+
+</script>
« no previous file with comments | « third_party/WebKit/LayoutTests/fast/canvas/canvas-drawImage-svg-expected.html ('k') | third_party/WebKit/Source/bindings/modules/v8/generated.gni » ('j') | third_party/WebKit/Source/core/html/canvas/CanvasHTMLSVGImage.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698