Update of toDataURL() security requirements.

git-svn-id: http://svn.whatwg.org/webapps@4 340c8d12-0b0e-0410-8428-c7bf67bfef74
whatwg · Mar 3, 2006 · 1031712 · 1031712
1 parent 5788576
commit 1031712
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 7 deletions.
diff --git a/index b/index
@@ -14481,8 +14481,9 @@ http://lxr.mozilla.org/mozilla/source/dom/public/idl/html/nsIDOMNSHTMLTextAreaEl
   <p><strong>Security:</strong> To prevent <em>information leakage</em>, the
    <code><a href="#todataurl">toDataURL()</a></code> methods should raise a
    <span>security exception</span> if the canvas ever had images painted on
-   it that originate from a domain other than the <span><a
-   href="#domain0">script's domain</a></span>.
+   it that originate from a domain other than the <span title="script's
+   domain"><a href="#domain0">domain of the script</a></span> that painted
+   the images onto the canvas.
 
   <h4 id="the-2d"><span class="secno">6.1.1. </span>The 2D context</h4>
 

diff --git a/source b/source
@@ -12538,18 +12538,20 @@ http://lxr.mozilla.org/mozilla/source/dom/public/idl/html/nsIDOMNSHTMLTextAreaEl
   not. If it does, the image is PNG, and thus the requested type was
   not supported.</p>
 
-  <p>Arguments other than the <var title="">type</var> must be ignored, and
-  must not cause the user agent to raise an exception (as would
-  normally occur if a method was called with the wrong number of
+  <p>Arguments other than the <var title="">type</var> must be
+  ignored, and must not cause the user agent to raise an exception (as
+  would normally occur if a method was called with the wrong number of
   arguments). A future version of this specification will probably
   allow extra parameters to be passed to <code>toDataURL()</code> to
   allow authors to more carefully control compression settings, image
   metadata, etc.</p>
 
   <p><strong>Security:</strong> To prevent <em>information
   leakage</em>, the <code>toDataURL()</code> methods should raise a
-  <span>security exception</span> if the canvas ever had images painted on it that
-  originate from a domain other than the <span>script's domain</span>.</p>
+  <span>security exception</span> if the canvas ever had images
+  painted on it that originate from a domain other than the <span
+  title="script's domain">domain of the script</span> that painted the
+  images onto the canvas.</p>
 
   <h4>The 2D context</h4>