| Index: third_party/WebKit/Source/modules/webgl/WebGLRenderingContextBase.cpp
|
| diff --git a/third_party/WebKit/Source/modules/webgl/WebGLRenderingContextBase.cpp b/third_party/WebKit/Source/modules/webgl/WebGLRenderingContextBase.cpp
|
| index 60957a197799bcf24886ad87c304cef6a9bc4276..9d8d36f27317c9b98e4e0c498318c5eda3caa4f4 100644
|
| --- a/third_party/WebKit/Source/modules/webgl/WebGLRenderingContextBase.cpp
|
| +++ b/third_party/WebKit/Source/modules/webgl/WebGLRenderingContextBase.cpp
|
| @@ -4848,6 +4848,7 @@ void WebGLRenderingContextBase::texImage2D(GLenum target,
|
| }
|
|
|
| void WebGLRenderingContextBase::TexImageHelperHTMLImageElement(
|
| + SecurityOrigin* security_origin,
|
| TexImageFunctionID function_id,
|
| GLenum target,
|
| GLint level,
|
| @@ -4865,7 +4866,9 @@ void WebGLRenderingContextBase::TexImageHelperHTMLImageElement(
|
| const char* func_name = GetTexImageFunctionName(function_id);
|
| if (isContextLost())
|
| return;
|
| - if (!ValidateHTMLImageElement(func_name, image, exception_state))
|
| +
|
| + if (!ValidateHTMLImageElement(security_origin, func_name, image,
|
| + exception_state))
|
| return;
|
| if (!ValidateTexImageBinding(func_name, function_id, target))
|
| return;
|
| @@ -4898,14 +4901,16 @@ void WebGLRenderingContextBase::TexImageHelperHTMLImageElement(
|
| unpack_image_height);
|
| }
|
|
|
| -void WebGLRenderingContextBase::texImage2D(GLenum target,
|
| +void WebGLRenderingContextBase::texImage2D(ExecutionContext* execution_context,
|
| + GLenum target,
|
| GLint level,
|
| GLint internalformat,
|
| GLenum format,
|
| GLenum type,
|
| HTMLImageElement* image,
|
| ExceptionState& exception_state) {
|
| - TexImageHelperHTMLImageElement(kTexImage2D, target, level, internalformat,
|
| + TexImageHelperHTMLImageElement(execution_context->GetSecurityOrigin(),
|
| + kTexImage2D, target, level, internalformat,
|
| format, type, 0, 0, 0, image,
|
| SentinelEmptyRect(), 1, 0, exception_state);
|
| }
|
| @@ -5062,6 +5067,7 @@ void WebGLRenderingContextBase::TexImageByGPU(
|
| }
|
|
|
| void WebGLRenderingContextBase::TexImageHelperHTMLCanvasElement(
|
| + SecurityOrigin* security_origin,
|
| TexImageFunctionID function_id,
|
| GLenum target,
|
| GLint level,
|
| @@ -5079,7 +5085,9 @@ void WebGLRenderingContextBase::TexImageHelperHTMLCanvasElement(
|
| const char* func_name = GetTexImageFunctionName(function_id);
|
| if (isContextLost())
|
| return;
|
| - if (!ValidateHTMLCanvasElement(func_name, canvas, exception_state))
|
| +
|
| + if (!ValidateHTMLCanvasElement(security_origin, func_name, canvas,
|
| + exception_state))
|
| return;
|
| WebGLTexture* texture =
|
| ValidateTexImageBinding(func_name, function_id, target);
|
| @@ -5159,7 +5167,8 @@ void WebGLRenderingContextBase::TexImageHelperHTMLCanvasElement(
|
| }
|
| }
|
|
|
| -void WebGLRenderingContextBase::texImage2D(GLenum target,
|
| +void WebGLRenderingContextBase::texImage2D(ExecutionContext* execution_context,
|
| + GLenum target,
|
| GLint level,
|
| GLint internalformat,
|
| GLenum format,
|
| @@ -5167,7 +5176,8 @@ void WebGLRenderingContextBase::texImage2D(GLenum target,
|
| HTMLCanvasElement* canvas,
|
| ExceptionState& exception_state) {
|
| TexImageHelperHTMLCanvasElement(
|
| - kTexImage2D, target, level, internalformat, format, type, 0, 0, 0, canvas,
|
| + execution_context->GetSecurityOrigin(), kTexImage2D, target, level,
|
| + internalformat, format, type, 0, 0, 0, canvas,
|
| GetTextureSourceSize(canvas), 1, 0, exception_state);
|
| }
|
|
|
| @@ -5185,6 +5195,7 @@ PassRefPtr<Image> WebGLRenderingContextBase::VideoFrameToImage(
|
| }
|
|
|
| void WebGLRenderingContextBase::TexImageHelperHTMLVideoElement(
|
| + SecurityOrigin* security_origin,
|
| TexImageFunctionID function_id,
|
| GLenum target,
|
| GLint level,
|
| @@ -5202,7 +5213,9 @@ void WebGLRenderingContextBase::TexImageHelperHTMLVideoElement(
|
| const char* func_name = GetTexImageFunctionName(function_id);
|
| if (isContextLost())
|
| return;
|
| - if (!ValidateHTMLVideoElement(func_name, video, exception_state))
|
| +
|
| + if (!ValidateHTMLVideoElement(security_origin, func_name, video,
|
| + exception_state))
|
| return;
|
| WebGLTexture* texture =
|
| ValidateTexImageBinding(func_name, function_id, target);
|
| @@ -5328,14 +5341,16 @@ void WebGLRenderingContextBase::TexImageBitmapByGPU(
|
| IntPoint(xoffset, yoffset), source_sub_rect);
|
| }
|
|
|
| -void WebGLRenderingContextBase::texImage2D(GLenum target,
|
| +void WebGLRenderingContextBase::texImage2D(ExecutionContext* execution_context,
|
| + GLenum target,
|
| GLint level,
|
| GLint internalformat,
|
| GLenum format,
|
| GLenum type,
|
| HTMLVideoElement* video,
|
| ExceptionState& exception_state) {
|
| - TexImageHelperHTMLVideoElement(kTexImage2D, target, level, internalformat,
|
| + TexImageHelperHTMLVideoElement(execution_context->GetSecurityOrigin(),
|
| + kTexImage2D, target, level, internalformat,
|
| format, type, 0, 0, 0, video,
|
| SentinelEmptyRect(), 1, 0, exception_state);
|
| }
|
| @@ -5580,41 +5595,50 @@ void WebGLRenderingContextBase::texSubImage2D(GLenum target,
|
| 0);
|
| }
|
|
|
| -void WebGLRenderingContextBase::texSubImage2D(GLenum target,
|
| - GLint level,
|
| - GLint xoffset,
|
| - GLint yoffset,
|
| - GLenum format,
|
| - GLenum type,
|
| - HTMLImageElement* image,
|
| - ExceptionState& exception_state) {
|
| - TexImageHelperHTMLImageElement(kTexSubImage2D, target, level, 0, format, type,
|
| +void WebGLRenderingContextBase::texSubImage2D(
|
| + ExecutionContext* execution_context,
|
| + GLenum target,
|
| + GLint level,
|
| + GLint xoffset,
|
| + GLint yoffset,
|
| + GLenum format,
|
| + GLenum type,
|
| + HTMLImageElement* image,
|
| + ExceptionState& exception_state) {
|
| + TexImageHelperHTMLImageElement(execution_context->GetSecurityOrigin(),
|
| + kTexSubImage2D, target, level, 0, format, type,
|
| xoffset, yoffset, 0, image,
|
| SentinelEmptyRect(), 1, 0, exception_state);
|
| }
|
|
|
| -void WebGLRenderingContextBase::texSubImage2D(GLenum target,
|
| - GLint level,
|
| - GLint xoffset,
|
| - GLint yoffset,
|
| - GLenum format,
|
| - GLenum type,
|
| - HTMLCanvasElement* canvas,
|
| - ExceptionState& exception_state) {
|
| +void WebGLRenderingContextBase::texSubImage2D(
|
| + ExecutionContext* execution_context,
|
| + GLenum target,
|
| + GLint level,
|
| + GLint xoffset,
|
| + GLint yoffset,
|
| + GLenum format,
|
| + GLenum type,
|
| + HTMLCanvasElement* canvas,
|
| + ExceptionState& exception_state) {
|
| TexImageHelperHTMLCanvasElement(
|
| - kTexSubImage2D, target, level, 0, format, type, xoffset, yoffset, 0,
|
| - canvas, GetTextureSourceSize(canvas), 1, 0, exception_state);
|
| + execution_context->GetSecurityOrigin(), kTexSubImage2D, target, level, 0,
|
| + format, type, xoffset, yoffset, 0, canvas, GetTextureSourceSize(canvas),
|
| + 1, 0, exception_state);
|
| }
|
|
|
| -void WebGLRenderingContextBase::texSubImage2D(GLenum target,
|
| - GLint level,
|
| - GLint xoffset,
|
| - GLint yoffset,
|
| - GLenum format,
|
| - GLenum type,
|
| - HTMLVideoElement* video,
|
| - ExceptionState& exception_state) {
|
| - TexImageHelperHTMLVideoElement(kTexSubImage2D, target, level, 0, format, type,
|
| +void WebGLRenderingContextBase::texSubImage2D(
|
| + ExecutionContext* execution_context,
|
| + GLenum target,
|
| + GLint level,
|
| + GLint xoffset,
|
| + GLint yoffset,
|
| + GLenum format,
|
| + GLenum type,
|
| + HTMLVideoElement* video,
|
| + ExceptionState& exception_state) {
|
| + TexImageHelperHTMLVideoElement(execution_context->GetSecurityOrigin(),
|
| + kTexSubImage2D, target, level, 0, format, type,
|
| xoffset, yoffset, 0, video,
|
| SentinelEmptyRect(), 1, 0, exception_state);
|
| }
|
| @@ -7287,6 +7311,7 @@ void WebGLRenderingContextBase::RemoveBoundBuffer(WebGLBuffer* buffer) {
|
| }
|
|
|
| bool WebGLRenderingContextBase::ValidateHTMLImageElement(
|
| + SecurityOrigin* security_origin,
|
| const char* function_name,
|
| HTMLImageElement* image,
|
| ExceptionState& exception_state) {
|
| @@ -7300,7 +7325,7 @@ bool WebGLRenderingContextBase::ValidateHTMLImageElement(
|
| return false;
|
| }
|
|
|
| - if (WouldTaintOrigin(image)) {
|
| + if (WouldTaintOrigin(image, security_origin)) {
|
| exception_state.ThrowSecurityError("The cross-origin image at " +
|
| url.ElidedString() +
|
| " may not be loaded.");
|
| @@ -7310,6 +7335,7 @@ bool WebGLRenderingContextBase::ValidateHTMLImageElement(
|
| }
|
|
|
| bool WebGLRenderingContextBase::ValidateHTMLCanvasElement(
|
| + SecurityOrigin* security_origin,
|
| const char* function_name,
|
| HTMLCanvasElement* canvas,
|
| ExceptionState& exception_state) {
|
| @@ -7317,7 +7343,8 @@ bool WebGLRenderingContextBase::ValidateHTMLCanvasElement(
|
| SynthesizeGLError(GL_INVALID_VALUE, function_name, "no canvas");
|
| return false;
|
| }
|
| - if (WouldTaintOrigin(canvas)) {
|
| +
|
| + if (WouldTaintOrigin(canvas, security_origin)) {
|
| exception_state.ThrowSecurityError("Tainted canvases may not be loaded.");
|
| return false;
|
| }
|
| @@ -7325,6 +7352,7 @@ bool WebGLRenderingContextBase::ValidateHTMLCanvasElement(
|
| }
|
|
|
| bool WebGLRenderingContextBase::ValidateHTMLVideoElement(
|
| + SecurityOrigin* security_origin,
|
| const char* function_name,
|
| HTMLVideoElement* video,
|
| ExceptionState& exception_state) {
|
| @@ -7333,7 +7361,7 @@ bool WebGLRenderingContextBase::ValidateHTMLVideoElement(
|
| return false;
|
| }
|
|
|
| - if (WouldTaintOrigin(video)) {
|
| + if (WouldTaintOrigin(video, security_origin)) {
|
| exception_state.ThrowSecurityError(
|
| "The video element contains cross-origin data, and may not be loaded.");
|
| return false;
|
|
|
Chromium Code Reviews
Issue 2806803003:
Make OffscreenCanvas WebGL(2) context consider taintedness of image source (Closed)
