RESOLVED FIXED 146561
REGRESSION (r139294): Images loaded via -webkit-mask-image now undergo same-origin checks 
https://bugs.webkit.org/show_bug.cgi?id=146561
Summary REGRESSION (r139294): Images loaded via -webkit-mask-image now undergo same-o...
Simon Fraser (smfr)
Reported 2015-07-02 15:44:08 PDT
After r139294, we're applying the same-origin policy to images loaded in -webkit-masks. Since this doesn't happen for CSS images or <img>, I don't think this is a progression.
Attachments
Add attachment proposed patch, testcase, etc.
Alexey Proskuryakov
Comment 1 2015-07-03 01:58:19 PDT
> After r139294 I think that you meant bug 139294. It's not obvious to me whether this is right or wrong. Does -webkit-mask ever affect content that would cause tainting if loaded cross-origin?
Dirk Schulze
Comment 2 2015-07-06 22:46:31 PDT
(In reply to comment #1) > > After r139294 > > I think that you meant bug 139294. > > It's not obvious to me whether this is right or wrong. Does -webkit-mask > ever affect content that would cause tainting if loaded cross-origin? If webkit-mask does not load an image but references a mask element, we need a cross-origin check. However, at the time we had checked if the normal image loading works properly. If even images are cross-origin checked, then this might be a regression introduced at a later point.
Simon Fraser (smfr)
Comment 3 2015-10-13 20:49:15 PDT
No longer an issue since the code was rolled out.
Note You need to log in before you can comment on or make changes to this bug.