tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

image-crossorigin.sub.html (2620B)

      1 <!DOCTYPE HTML>
      2 <html>
      3 <title>Test Crossorigin</title>
      4 <link rel="help" href="https://www.w3.org/TR/SVG/embedded.html#ImageElementCrossoriginAttribute">
      5 <script src="/resources/testharness.js"></script>
      6 <script src="/resources/testharnessreport.js"></script>
      7 
      8 <script class="testbody" type="text/javascript">
      9 
     10  function draw_and_read_image(image, should_throw) {
     11      let c = document.createElement('canvas');
     12      document.body.appendChild(c);
     13      let ctx = c.getContext('2d');
     14      ctx.drawImage(image, 0, 0);
     15 
     16      function get_image_data() {
     17          ctx.getImageData(0, 0, 4, 4);
     18      }
     19 
     20      if (should_throw) {
     21          assert_throws_dom('SecurityError', get_image_data);
     22      } else {
     23          get_image_data();
     24      }
     25 
     26      document.body.removeChild(c);
     27  }
     28 
     29  async_test(t => {
     30      let image = document.createElementNS("http://www.w3.org/2000/svg", "image");
     31      image.setAttribute("href", "/images/green.png");
     32      image.crossOrigin = "anonymous";
     33      image.onload = t.step_func_done(() => {
     34        draw_and_read_image(image, false);
     35      });
     36      image.onerror = t.unreached_func();
     37  }, "Can get pixels of canvas with same origin image drawn");
     38 
     39  async_test(t => {
     40      let image = document.createElementNS("http://www.w3.org/2000/svg", "image");
     41      image.setAttribute("href", "http://{{hosts[][www]}}:{{ports[http][0]}}/images/green.png?pipe=header(Access-Control-Allow-Origin,*)");
     42      image.crossOrigin = "anonymous";
     43      image.onload = t.step_func_done(() => {
     44          draw_and_read_image(image, false);
     45      });
     46      image.onerror = t.unreached_func();
     47  }, "Can get pixels of canvas with CORS enabled cross origin image drawn");
     48 
     49  async_test(t => {
     50      let image = document.createElementNS("http://www.w3.org/2000/svg", "image");
     51      image.setAttribute("href", "http://{{hosts[][www]}}:{{ports[http][0]}}/images/green.png?pipe=header(Access-Control-Allow-Origin,*)");
     52      image.onload = t.step_func_done(() => {
     53          draw_and_read_image(image, true);
     54      });
     55      image.onerror = t.unreached_func();
     56  }, "Can't get pixels of canvas with CORS enabled cross origin image drawn from non-CORS element");
     57 
     58  async_test(t => {
     59      let image = document.createElementNS("http://www.w3.org/2000/svg", "image");
     60      image.setAttribute("href", "http://{{hosts[][www]}}:{{ports[http][0]}}/images/green.png");
     61 
     62      image.onload = t.step_func_done(() => {
     63          draw_and_read_image(image, true);
     64      });
     65      image.onerror = t.unreached_func();
     66  }, "Can't get pixels of canvas with non-CORS enabled cross origin image drawn");
     67 
     68 </script>
     69 </html>