Downstream discussion here: http://code.google.com/p/chromium/issues/detail?id=107408

Maybe excluding data URLs from m_cleanURLs is a reasonable workaround? I assume they can't cause cross-origin problems anyway.
Created attachment 120090: Patch
Comment on attachment 120090: Patch

This looks fine to me. I can't see any way this could introduce a security hole given that SecurityOrigin::taintsCanvas() already has an early-out for data: URLs. r=me
Comment on attachment 120090: Patch

Clearing flags on attachment: 120090

Committed r103366: <http://trac.webkit.org/changeset/103366>
All reviewed patches have been landed. Closing bug.