- From: Hans Schmucker <hansschmucker@gmail.com>
- Date: Fri, 13 Mar 2009 17:24:23 +0100
This problem recently became apparent while trying to process a public video on tinyvid.tv: In article 4.8.11.3 "Security with canvas elements", the origin-clean flag is only set depending on an element's origin. However there are many scenarios where an image/video may actually be public and actively allowing processing on other domains (as indicated by Access-Control-Allow-Origin). Is this an oversight or is there a specific reason why Access Control for Cross-Site Requests should not work for Canvas?
Received on Friday, 13 March 2009 09:24:23 UTC