
[giow] (3) Make sure cross-origin fonts can't leak data via <canvas>.

Fixing http://www.w3.org/Bugs/Public/show_bug.cgi?id=11955

git-svn-id: http://svn.whatwg.org/webapps@5873 340c8d12-0b0e-0410-8428-c7bf67bfef74
Hixie committed Feb 11, 2011
1 parent f33c988 commit b5ed7357b328e280dbda73b3315bc18c8719226a
Showing with 88 additions and 0 deletions.
  1. +28 −0 complete.html
  2. +28 −0 index
  3. +32 −0 source
<code><a href=#htmlcanvaselement>HTMLCanvasElement</a></code> whose <i>origin-clean</i> flag was
false when the pattern was created.</li>

<li><p>The element's 2D context's <code title=dom-context-2d-fillText><a href=#dom-context-2d-filltext>fillText()</a></code> or <code title=dom-context-2d-fillText><a href=#dom-context-2d-filltext>strokeText()</a></code> methods are
invoked and end up using a font that has an <a href=#origin>origin</a>
that is not the <a href=#same-origin title="same origin">same</a> as that of
the <code><a href=#document>Document</a></code> object that owns the <code><a href=#the-canvas-element>canvas</a></code>
element.</li>

</ul><p>Whenever the <code title=dom-canvas-toDataURL><a href=#dom-canvas-todataurl>toDataURL()</a></code> method of a
<code><a href=#the-canvas-element>canvas</a></code> element whose <i>origin-clean</i> flag is set to
false is called, the method must raise a <code><a href=#security_err>SECURITY_ERR</a></code>
correct arguments, the method must raise a <code><a href=#security_err>SECURITY_ERR</a></code>
exception.</p>

<p>Whenever the <code title=dom-context-2d-measureText><a href=#dom-context-2d-measuretext>measureText()</a></code> method of
the 2D context of a <code><a href=#the-canvas-element>canvas</a></code> element ends up using a font
that has an <a href=#origin>origin</a> that is not the <a href=#same-origin title="same
origin">same</a> as that of the <code><a href=#document>Document</a></code> object that
owns the <code><a href=#the-canvas-element>canvas</a></code> element, the method must raise a
<code><a href=#security_err>SECURITY_ERR</a></code> exception.</p>

<p class=note>Even resetting the canvas state by changing its
<code title=attr-canvas-width><a href=#attr-canvas-width>width</a></code> or <code title=attr-canvas-height><a href=#attr-canvas-height>height</a></code> attributes doesn't reset
the <i>origin-clean</i> flag.</p>

</dd>


<dt>For fonts</dt>

<dd>

<p>The <a href=#origin>origin</a> of a downloadable Web font is equal to
the <a href=#origin>origin</a> of the <a href=#absolute-url>absolute URL</a> used to
obtain the font (after any redirects). <a href=#refsCSSFONTS>[CSSFONTS]</a></p>

<p>The <a href=#origin>origin</a> of a locally installed system font is
equal to the <a href=#origin>origin</a> of the <code><a href=#document>Document</a></code> in
which that font is being used.</p>

</dd>

</dl><p>Other specifications can override the above definitions by
themselves specifying the origin of a particular URL, script,
<code><a href=#document>Document</a></code>, or image.</p>
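
Review bot: In the new fillText()/strokeText() list item, the strokeText() cross-reference carries the fillText() target: `<code title=dom-context-2d-fillText><a href=#dom-context-2d-filltext>strokeText()</a></code>`. The link text reads strokeText() but resolves to the fillText() definition. The same `title="dom-context-2d-fillText"` is on the strokeText() element in source, so the fix belongs there: give the second `<code>` the title of the strokeText() definition and regenerate.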
28 index
<code><a href=#htmlcanvaselement>HTMLCanvasElement</a></code> whose <i>origin-clean</i> flag was
false when the pattern was created.</li>

<li><p>The element's 2D context's <code title=dom-context-2d-fillText><a href=#dom-context-2d-filltext>fillText()</a></code> or <code title=dom-context-2d-fillText><a href=#dom-context-2d-filltext>strokeText()</a></code> methods are
invoked and end up using a font that has an <a href=#origin>origin</a>
that is not the <a href=#same-origin title="same origin">same</a> as that of
the <code><a href=#document>Document</a></code> object that owns the <code><a href=#the-canvas-element>canvas</a></code>
element.</li>

</ul><p>Whenever the <code title=dom-canvas-toDataURL><a href=#dom-canvas-todataurl>toDataURL()</a></code> method of a
<code><a href=#the-canvas-element>canvas</a></code> element whose <i>origin-clean</i> flag is set to
false is called, the method must raise a <code><a href=#security_err>SECURITY_ERR</a></code>
correct arguments, the method must raise a <code><a href=#security_err>SECURITY_ERR</a></code>
exception.</p>

<p>Whenever the <code title=dom-context-2d-measureText><a href=#dom-context-2d-measuretext>measureText()</a></code> method of
the 2D context of a <code><a href=#the-canvas-element>canvas</a></code> element ends up using a font
that has an <a href=#origin>origin</a> that is not the <a href=#same-origin title="same
origin">same</a> as that of the <code><a href=#document>Document</a></code> object that
owns the <code><a href=#the-canvas-element>canvas</a></code> element, the method must raise a
<code><a href=#security_err>SECURITY_ERR</a></code> exception.</p>

<p class=note>Even resetting the canvas state by changing its
<code title=attr-canvas-width><a href=#attr-canvas-width>width</a></code> or <code title=attr-canvas-height><a href=#attr-canvas-height>height</a></code> attributes doesn't reset
the <i>origin-clean</i> flag.</p>

</dd>


<dt>For fonts</dt>

<dd>

<p>The <a href=#origin>origin</a> of a downloadable Web font is equal to
the <a href=#origin>origin</a> of the <a href=#absolute-url>absolute URL</a> used to
obtain the font (after any redirects). <a href=#refsCSSFONTS>[CSSFONTS]</a></p>

<p>The <a href=#origin>origin</a> of a locally installed system font is
equal to the <a href=#origin>origin</a> of the <code><a href=#document>Document</a></code> in
which that font is being used.</p>

</dd>

</dl><p>Other specifications can override the above definitions by
themselves specifying the origin of a particular URL, script,
<code><a href=#document>Document</a></code>, or image.</p>
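
Review bot: The measureText() paragraph and the fillText()/strokeText() list item both key on the font the call "ends up using", but nothing in these lines says where that choice is defined, so a reader cannot tell from this text whether a given call throws SECURITY_ERR, taints the canvas, or does neither. Suggest a cross-reference to the place where font selection for the 2D context is specified. A short note would also help on why measureText() throws while the drawing methods are only added to the origin-clean list: measureText() returns metrics straight to script, so the flag that guards toDataURL() cannot cover it.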
32 source
<code>HTMLCanvasElement</code> whose <i>origin-clean</i> flag was
false when the pattern was created.</p></li>

<li><p>The element's 2D context's <code
title="dom-context-2d-fillText">fillText()</code> or <code
title="dom-context-2d-fillText">strokeText()</code> methods are
invoked and end up using a font that has an <span>origin</span>
that is not the <span title="same origin">same</span> as that of
the <code>Document</code> object that owns the <code>canvas</code>
element.</p></li>

</ul>

<p>Whenever the <code
correct arguments, the method must raise a <code>SECURITY_ERR</code>
exception.</p>

<p>Whenever the <code
title="dom-context-2d-measureText">measureText()</code> method of
the 2D context of a <code>canvas</code> element ends up using a font
that has an <span>origin</span> that is not the <span title="same
origin">same</span> as that of the <code>Document</code> object that
owns the <code>canvas</code> element, the method must raise a
<code>SECURITY_ERR</code> exception.</p>

<p class="note">Even resetting the canvas state by changing its
<code title="attr-canvas-width">width</code> or <code
title="attr-canvas-height">height</code> attributes doesn't reset

</dd>


<dt>For fonts</dt>

<dd>

<p>The <span>origin</span> of a downloadable Web font is equal to
the <span>origin</span> of the <span>absolute URL</span> used to
obtain the font (after any redirects). <a
href="#refsCSSFONTS">[CSSFONTS]</p>

<p>The <span>origin</span> of a locally installed system font is
equal to the <span>origin</span> of the <code>Document</code> in
which that font is being used.</p>

</dd>

</dl>

<p>Other specifications can override the above definitions by
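
Review bot: In the "For fonts" entry, the [CSSFONTS] reference is opened with `<a href="#refsCSSFONTS">` but the paragraph ends at `[CSSFONTS]</p>` with no `</a>` shown. The generated files have `[CSSFONTS]</a></p>`, so source should close the anchor explicitly rather than rely on the parser to do it. Separately, the font origin is defined only as the origin of the absolute URL used to obtain the font; it would help to state what that yields for a font whose URL has no server-based origin.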
