[Bug 12441] Can arg1 of drawImage be just Element? If so, it can capture some of rendered subtree elements. from bugzilla@jessica.w3.org on 2011-06-21 (public-html-bugzilla@w3.org from June 2011)

From: <bugzilla@jessica.w3.org>
Date: Tue, 21 Jun 2011 06:33:52 +0000
To: public-html-bugzilla@w3.org
Message-Id: <E1QYuX2-0002az-0V@jessica.w3.org>

http://www.w3.org/Bugs/Public/show_bug.cgi?id=12441

Ian 'Hixie' Hickson <ian@hixie.ch> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |ian@hixie.ch

--- Comment #2 from Ian 'Hixie' Hickson <ian@hixie.ch> 2011-06-21 06:33:50 UTC ---
In non-chrome contexts? Isn't that a huge security vulnerability?

The number of ways this can go wrong seem quite spectacular � iframes are the
obvious example, but also cross-origin videos, reflections of cross-origin
images, plug-ins, SVG filter effects...

-- 
Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.

Received on Tuesday, 21 June 2011 06:33:57 UTC