fetch-canvas-tainting-iframe.html (2144B)
1 <html> 2 <title>iframe for fetch canvas tainting test</title> 3 <script> 4 const NOT_TAINTED = 'NOT_TAINTED'; 5 const TAINTED = 'TAINTED'; 6 const LOAD_ERROR = 'LOAD_ERROR'; 7 8 // Creates an image/video element with src=|url| and an optional |cross_origin| 9 // attibute. Tries to read from the image/video using a canvas element. Returns 10 // NOT_TAINTED if it could be read, TAINTED if it could not be read, and 11 // LOAD_ERROR if loading the image/video failed. 12 function create_test_case_promise(url, cross_origin) { 13 return new Promise(resolve => { 14 if (url.indexOf('PNGIMAGE') != -1) { 15 const img = document.createElement('img'); 16 if (cross_origin != '') { 17 img.crossOrigin = cross_origin; 18 } 19 img.onload = function() { 20 try { 21 const canvas = document.createElement('canvas'); 22 canvas.width = 100; 23 canvas.height = 100; 24 const context = canvas.getContext('2d'); 25 context.drawImage(img, 0, 0); 26 context.getImageData(0, 0, 100, 100); 27 resolve(NOT_TAINTED); 28 } catch (e) { 29 resolve(TAINTED); 30 } 31 }; 32 img.onerror = function() { 33 resolve(LOAD_ERROR); 34 } 35 img.src = url; 36 return; 37 } 38 39 if (url.indexOf('VIDEO') != -1) { 40 const video = document.createElement('video'); 41 video.autoplay = true; 42 video.muted = true; 43 if (cross_origin != '') { 44 video.crossOrigin = cross_origin; 45 } 46 video.onplay = function() { 47 try { 48 const canvas = document.createElement('canvas'); 49 canvas.width = 100; 50 canvas.height = 100; 51 const context = canvas.getContext('2d'); 52 context.drawImage(video, 0, 0); 53 context.getImageData(0, 0, 100, 100); 54 resolve(NOT_TAINTED); 55 } catch (e) { 56 resolve(TAINTED); 57 } 58 }; 59 video.onerror = function() { 60 resolve(LOAD_ERROR); 61 } 62 video.src = url; 63 return; 64 } 65 66 resolve('unknown resource type'); 67 }); 68 } 69 </script> 70 </html>