blob: 4a887f3d331cf27ab020c2f5d4a1fa9516a91a8a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
<!doctype html>
<meta charset=utf-8>
<title>Load a no-cors image from a same-origin URL that redirects to a cross-origin URL that redirects to the initial origin</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/common/get-host-info.sub.js"></script>
<script>
setup({ single_test: true });
var image = new Image();
image.onload = function() {
const canvas = document.createElement("canvas");
canvas.width = 100;
canvas.height = 100;
const context = canvas.getContext("2d");
context.drawImage(image, 0, 0, 100, 100);
assert_throws_dom("SecurityError", () => {
context.getImageData(0, 0, 100, 100);
});
done();
}
const info = get_host_info();
const finalURL = get_host_info().HTTP_ORIGIN + "/images/apng.png";
const intermediateURL = get_host_info().HTTP_REMOTE_ORIGIN + "/fetch/api/resources/redirect.py?location=" + finalURL;
image.src = "/fetch/api/resources/redirect.py?location=" + encodeURIComponent(intermediateURL);
</script>
|
