W3C home > Mailing lists > Public > public-html-bugzilla@w3.org > November 2010

[Bug 11203] Canvas security model does not allow for same-origin relaxation

From: <bugzilla@jessica.w3.org>
Date: Wed, 03 Nov 2010 02:24:22 +0000
To: public-html-bugzilla@w3.org
Message-Id: <E1PDT1S-0005mv-Eb@jessica.w3.org>
http://www.w3.org/Bugs/Public/show_bug.cgi?id=11203

--- Comment #4 from Boris Zbarsky <bzbarsky@mit.edu> 2010-11-03 02:24:22 UTC ---
It seems to me like CORS is the right way to go here, for what it's worth. 
Because at the end, the server serving up the images needs to be the entity
which controls whether their origin can be changed.... at which point using
CORS seems like a simpler solution.

-- 
Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
Received on Wednesday, 3 November 2010 02:24:24 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 3 November 2010 02:24:24 GMT