Short URL: http://html5.org/r/4
| SVN | Bug | Comment | Time (UTC) |
|---|---|---|---|
| 4 | Update of toDataURL() security requirements. | 2006-03-03 16:56 |
Index: source =================================================================== --- source (revision 3) +++ source (revision 4) @@ -12538,9 +12538,9 @@ not. If it does, the image is PNG, and thus the requested type was not supported.</p> - <p>Arguments other than the <var title="">type</var> must be ignored, and - must not cause the user agent to raise an exception (as would - normally occur if a method was called with the wrong number of + <p>Arguments other than the <var title="">type</var> must be + ignored, and must not cause the user agent to raise an exception (as + would normally occur if a method was called with the wrong number of arguments). A future version of this specification will probably allow extra parameters to be passed to <code>toDataURL()</code> to allow authors to more carefully control compression settings, image @@ -12548,8 +12548,10 @@ <p><strong>Security:</strong> To prevent <em>information leakage</em>, the <code>toDataURL()</code> methods should raise a - <span>security exception</span> if the canvas ever had images painted on it that - originate from a domain other than the <span>script's domain</span>.</p> + <span>security exception</span> if the canvas ever had images + painted on it that originate from a domain other than the <span + title="script's domain">domain of the script</span> that painted the + images onto the canvas.</p> <h4>The 2D context</h4>