blob: e7fe1535542c4b27191b71b2decf449947238adb [file] [log] [blame]
<html>
<head>
<script>
if (window.testRunner)
testRunner.dumpAsText();
function log(msg)
{
document.getElementById('console').appendChild(document.createTextNode(msg + "\n"));
}
function draw()
{
var canvas = document.getElementById("canvas");
var ctx = canvas.getContext("2d");
ctx.drawImage(document.getElementById("img"), 0, 0);
try {
var data = ctx.getImageData(20, 20, 290, 75);
log("FAIL: getImageData succeeded. Canvas not tainted.");
} catch (e) {
log("PASS: getImageData failed. Canvas tainted.");
}
}
</script>
</head>
<body>
<p>This tests that drawing an image that redirects to a remote image to a canvas taints the canvas</p>
<pre id="console"></pre>
<canvas id="canvas" width="330" height="115"></canvas>
<img id="img" onload="draw()" src="/resources/redirect.py?url=http://localhost:8000/security/resources/abe.png">
</body>
</html>