- From: Anne van Kesteren <annevk@annevk.nl>
- Date: Sat, 8 Jun 2013 07:09:32 +0100
- To: Alan Stearns <stearns@adobe.com>
- Cc: W3C Style <www-style@w3.org>
On Fri, Jun 7, 2013 at 11:39 AM, Alan Stearns <stearns@adobe.com> wrote: > Would it be sufficient to change the definition to this? > > --- > If the <uri> references an image > which is CORS-same-origin, > the shape is extracted and computed > based on the alpha channel of the > specified image. If the <uri> does > not reference an image or if it > references an image which is not > CORS-same-origin, the effect > is as if the value Œauto¹ had been > specified. > --- > > I'm assuming I would link CORS-same-origin to > http://fetch.spec.whatwg.org/#cors-same-origin This looks like a great start and defines reasonably clearly what to do with all types of responses you might get back (we might change "CORS-same-origin" to a clearer term). It does not define what policy you use for fetching the resource. Currently most everything uses tainted cross-origin, <img>, background-image, etc. CSS should probably define a general fetching policy that states a default and then you need to decide whether you want to deviate from that for certain properties (e.g. for this property only CORS makes sense) or if you want a generic mechanism that is the same for all <url> types. -- http://annevankesteren.nl/
Received on Saturday, 8 June 2013 06:09:59 UTC