Bug 250540

Summary:	Rename Image::hasSingleSecurityOrigin to Image::wouldTaintOrigin
Product:	WebKit	Reporter:	Matt Woodrow <mattwoodrow>
Component:	Images	Assignee:	Matt Woodrow <mattwoodrow>
Status:	RESOLVED FIXED
Severity:	Normal	CC:	sabouhallawa, webkit-bug-importer
Priority:	P2	Keywords:	InRadar
Version:	WebKit Nightly Build
Hardware:	Unspecified
OS:	Unspecified

Matt Woodrow

Reported 2023-01-12 20:18:17 PST

The only interesting implementation of this (SVGImage) is not related to multiple origins (or CORS at all), but instead to SVG foreign object possibly tainting the <canvas> in a different way (by drawing visited colours, spellcheck etc).

Attachments
Add attachment proposed patch, testcase, etc.

Matt Woodrow

Comment 1 2023-01-12 20:18:35 PST

<rdar://102738351>

Matt Woodrow

Comment 2 2023-01-12 20:24:06 PST

Pull request: https://github.com/WebKit/WebKit/pull/8602

EWS

Comment 3 2023-01-16 17:27:05 PST

Committed 258969@main (5cfdacb9f77c): <https://commits.webkit.org/258969@main> Reviewed commits have been landed. Closing PR #8602 and removing active labels.

Note You need to log in before you can comment on or make changes to this bug.