security of drawimagedata

git-svn-id: http://svn.whatwg.org/webapps@56 340c8d12-0b0e-0410-8428-c7bf67bfef74
whatwg · May 19, 2006 · 12fd26e · 12fd26e
1 parent 56fec83
commit 12fd26e
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 8 deletions.
diff --git a/index b/index
@@ -15501,7 +15501,8 @@ http://lxr.mozilla.org/mozilla/source/dom/public/idl/html/nsIDOMNSHTMLTextAreaEl
    etc.
 
   <p><strong>Security:</strong> To prevent <em>information leakage</em>, the
-   <code><a href="#todataurl">toDataURL()</a></code> methods should raise a
+   <code><a href="#todataurl">toDataURL()</a></code> and <code><a
+   href="#getimagedatasx">getImageData()</a></code> methods should raise a
    <span>security exception</span> if the canvas ever had images painted on
    it that originate from a domain other than the <span title="script's
    domain"><a href="#domain0">domain of the script</a></span> that painted
@@ -16298,7 +16299,7 @@ interface <dfn id="imagedata">ImageData</dfn> {
    with the top left corner at (0,0) and the width and height of the
    coordinate space.
 
-  <p>The <dfn id="ispointinpath"
+  <p class="proposal">The <dfn id="ispointinpath"
    title="isPointInPath"><code>isPointInPath(<var>x</var>,
    <var>y</var>)</code></dfn> method must return true if the point given by
    the <var>x</var> and <var>y</var> coordinates passed to the method, when

diff --git a/source b/source
@@ -13577,11 +13577,12 @@ http://lxr.mozilla.org/mozilla/source/dom/public/idl/html/nsIDOMNSHTMLTextAreaEl
   metadata, etc.</p>
 
   <p><strong>Security:</strong> To prevent <em>information
-  leakage</em>, the <code>toDataURL()</code> methods should raise a
-  <span>security exception</span> if the canvas ever had images
-  painted on it that originate from a domain other than the <span
-  title="script's domain">domain of the script</span> that painted the
-  images onto the canvas.</p>
+  leakage</em>, the <code>toDataURL()</code> and
+  <code>getImageData()</code> methods should raise a <span>security
+  exception</span> if the canvas ever had images painted on it that
+  originate from a domain other than the <span title="script's
+  domain">domain of the script</span> that painted the images onto the
+  canvas.</p>
 
   <h4>The 2D context</h4>
 
@@ -14354,7 +14355,8 @@ interface <dfn>ImageData</dfn> {
   rectangle with the top left corner at (0,0) and the width and height
   of the coordinate space.</p>
 
-  <p>The <dfn title="isPointInPath"><code>isPointInPath(<var>x</var>,
+  <p class="proposal">The <dfn
+  title="isPointInPath"><code>isPointInPath(<var>x</var>,
   <var>y</var>)</code></dfn> method must return true if the point
   given by the <var>x</var> and <var>y</var> coordinates passed to the
   method, when treated as coordinates in the canvas' coordinate space