Short URL: http://html5.org/r/6879
Index: source
===================================================================
--- source (revision 6878)
+++ source (revision 6879)
@@ -40052,6 +40052,12 @@
<ol>
+<!--ADD-TOPIC:Security-->
+ <li><p>If the <code>canvas</code> element's <i>origin-clean</i>
+ flag is set to false, throw a <code>SecurityError</code> exception
+ and abort these steps.</p>
+<!--REMOVE-TOPIC:Security-->
+
<li><p>If the canvas has no pixels (i.e. either its horizontal
dimension or its vertical dimension is zero) then return the string
"<code title="">data:,</code>" and abort these steps. (This is the
@@ -40079,6 +40085,12 @@
<ol>
+<!--ADD-TOPIC:Security-->
+ <li><p>If the <code>canvas</code> element's <i>origin-clean</i>
+ flag is set to false, throw a <code>SecurityError</code> exception
+ and abort these steps.</p>
+<!--REMOVE-TOPIC:Security-->
+
<li><p>Let <var title="">callback</var> be the first
argument.</p></li>
@@ -42989,10 +43001,20 @@
of the inline element set to 'pre' and the 'font' property of the
inline element set to the current font of the context as given by
the <code title="dom-context-2d-font">font</code> attribute, and
- must then return a new <code>TextMetrics</code> object with its
+ must then create a new <code>TextMetrics</code> object with its
<code title="dom-textmetrics-width">width</code> attribute set to
- the width of that inline box, in CSS pixels. <a
- href="#refsCSS">[CSS]</a></p>
+ the width of that inline box, in CSS pixels.
+<!--ADD-TOPIC:Security-->
+ If doing these measurements requires using a font that has an
+ <span>origin</span> that is not the <span title="same
+ origin">same</span> as that of the <code>Document</code> object that
+ owns the <code>canvas</code> element (even if "using a font" means
+ just checking if that font has a particular glyph in it before
+ falling back to another font), then the method must throw a
+ <code>SecurityError</code> exception.
+<!--REMOVE-TOPIC:Security-->
+ Otherwise, it must return the new <code>TextMetrics</code> object.
+ <a href="#refsCSS">[CSS]</a></p>
<p>The <code>TextMetrics</code> interface is used for the objects
returned from <code
@@ -43304,18 +43326,22 @@
<p>The <dfn
title="dom-context-2d-getImageData"><code>getImageData(<var
title="">sx</var>, <var title="">sy</var>, <var title="">sw</var>,
- <var title="">sh</var>)</code></dfn> method must return an
- <code>ImageData</code> object representing the underlying pixel data
- for the area of the canvas denoted by the rectangle whose corners are
- the four points (<var title="">sx</var>, <var title="">sy</var>),
- (<span title=""><var title="">sx</var>+<var title="">sw</var></span>, <var
- title="">sy</var>), (<span title=""><var title="">sx</var>+<var
- title="">sw</var></span>, <span title=""><var title="">sy</var>+<var
- title="">sh</var></span>), (<var title="">sx</var>, <span title=""><var
- title="">sy</var>+<var title="">sh</var></span>), in canvas
- coordinate space units. Pixels outside the canvas must be returned
- as transparent black. Pixels must be returned as non-premultiplied
- alpha values.</p>
+ <var title="">sh</var>)</code></dfn> method must,
+<!--ADD-TOPIC:Security-->
+ if the <code>canvas</code> element's <i>origin-clean</i> flag is set
+ to false, throw a <code>SecurityError</code> exception; otherwise, it
+<!--REMOVE-TOPIC:Security-->
+ must return an <code>ImageData</code> object representing the
+ underlying pixel data for the area of the canvas denoted by the
+ rectangle whose corners are the four points (<var title="">sx</var>,
+ <var title="">sy</var>), (<span title=""><var title="">sx</var>+<var
+ title="">sw</var></span>, <var title="">sy</var>), (<span
+ title=""><var title="">sx</var>+<var title="">sw</var></span>, <span
+ title=""><var title="">sy</var>+<var title="">sh</var></span>),
+ (<var title="">sx</var>, <span title=""><var title="">sy</var>+<var
+ title="">sh</var></span>), in canvas coordinate space units. Pixels
+ outside the canvas must be returned as transparent black. Pixels
+ must be returned as non-premultiplied alpha values.</p>
<p>If any of the arguments to <code
title="dom-context-2d-createImageData">createImageData()</code> or
@@ -43903,27 +43929,12 @@
</ul>
- <p>Whenever the <code
- title="dom-canvas-toDataURL">toDataURL()</code> method of a
- <code>canvas</code> element whose <i>origin-clean</i> flag is set to
- false is called, the method must throw a <code>SecurityError</code>
- exception.</p>
+ <p>The <code title="dom-canvas-toDataURL">toDataURL()</code>, <code
+ title="dom-canvas-toBlob">toBlob()</code>, and <code
+ title="dom-context-2d-getImageData">getImageData()</code> methods
+ check the flag and will throw a <code>SecurityError</code> exception
+ rather than leak cross-origin data.</p>
- <p>Whenever the <code
- title="dom-context-2d-getImageData">getImageData()</code> method of
- the 2D context of a <code>canvas</code> element whose
- <i>origin-clean</i> flag is set to false is called with otherwise
- correct arguments, the method must throw a <code>SecurityError</code>
- exception.</p>
-
- <p>Whenever the <code
- title="dom-context-2d-measureText">measureText()</code> method of
- the 2D context of a <code>canvas</code> element ends up using a font
- that has an <span>origin</span> that is not the <span title="same
- origin">same</span> as that of the <code>Document</code> object that
- owns the <code>canvas</code> element, the method must throw a
- <code>SecurityError</code> exception.</p>
-
<p class="note">Even resetting the canvas state by changing its
<code title="attr-canvas-width">width</code> or <code
title="attr-canvas-height">height</code> attributes doesn't reset
@@ -115015,6 +115026,7 @@
Nicolas Gallagher,
Noah Mendelsohn,
Noah Slater,
+ Noel Gordon,
NoozNooz42,
Ojan Vafai,
Olaf Hoffmann,