After r139294, we're applying the same-origin policy to images loaded in -webkit-masks. Since this doesn't happen for CSS images or <img>, I don't think this is a progression.
> After r139294 I think that you meant bug 139294. It's not obvious to me whether this is right or wrong. Does -webkit-mask ever affect content that would cause tainting if loaded cross-origin?
(In reply to comment #1) > > After r139294 > > I think that you meant bug 139294. > > It's not obvious to me whether this is right or wrong. Does -webkit-mask > ever affect content that would cause tainting if loaded cross-origin? If webkit-mask does not load an image but references a mask element, we need a cross-origin check. However, at the time we had checked if the normal image loading works properly. If even images are cross-origin checked, then this might be a regression introduced at a later point.
No longer an issue since the code was rolled out.