Add same-origin redirect variants to 2d canvas security tests.

2025-08-22 05:45:33 +01:00 · 2017-05-02 14:09:44 -04:00 · 2017-05-02 14:09:44 -04:00 · d143396934
commit d143396934
parent 0abd5bbabd
35 changed files with 647 additions and 102 deletions
--- a/tests/wpt/web-platform-tests/2dcontext/tools/gentestutils.py
+++ b/tests/wpt/web-platform-tests/2dcontext/tools/gentestutils.py
@ -450,6 +450,11 @@ def genTestUtils(TESTOUTPUTDIR, IMAGEOUTPUTDIR, TEMPLATEFILE, NAME2DIRFILE, ISOF
        for s in test.get('scripts', []):
            scripts += '<script src="%s"></script>\n' % (s)

+        variants = test.get('script-variants', {})
+        script_variants = [(v, '<script src="%s"></script>\n' % (s)) for (v, s) in variants.iteritems()]
+        if not script_variants:
+            script_variants = [('', '')]
+
        images = ''
        for i in test.get('images', []):
            id = i.split('/')[-1]
@ -474,38 +479,44 @@ def genTestUtils(TESTOUTPUTDIR, IMAGEOUTPUTDIR, TEMPLATEFILE, NAME2DIRFILE, ISOF

        desc = test.get('desc', '')
        escaped_desc = simpleEscapeJS(desc)
-        template_params = {
-            'name':name, 'name_wrapped':name_wrapped, 'backrefs':backref_html(name),
-            'mapped_name':mapped_name,
-            'desc':desc, 'escaped_desc':escaped_desc,
-            'prev':prev, 'next':next, 'refs':refs, 'notes':notes, 'images':images,
-            'fonts':fonts, 'fonthack':fonthack,
-            'canvas':canvas, 'expected':expectation_html, 'code':code, 'scripts':scripts,
-            'mochi_name':mochi_name, 'mochi_desc':mochi_desc, 'mochi_code':mochi_code,
-            'mochi_setup':mochi_setup, 'mochi_footer':mochi_footer, 'mochi_images':mochi_images,
-            'fallback':fallback
-        }

-        if W3CMODE:
-            f = codecs.open('%s/%s.html' % (TESTOUTPUTDIR, mapped_name), 'w', 'utf-8')
-            f.write(templates['w3c'] % template_params)
-            if ISOFFSCREENCANVAS:
-                f = codecs.open('%s/%s.worker.js' % (TESTOUTPUTDIR, mapped_name), 'w', 'utf-8')
-                f.write(templates['w3cworker'] % template_params)
-        else:
-            f = codecs.open('%s/%s.html' % (TESTOUTPUTDIR, name), 'w', 'utf-8')
-            f.write(templates['standalone'] % template_params)
+        for (variant, extra_script) in script_variants:
+            name_variant = '' if not variant else '.' + variant

-            f = codecs.open('%s/framed.%s.html' % (TESTOUTPUTDIR, name), 'w', 'utf-8')
-            f.write(templates['framed'] % template_params)
+            template_params = {
+                'name':name + name_variant,
+                'name_wrapped':name_wrapped, 'backrefs':backref_html(name),
+                'mapped_name':mapped_name,
+                'desc':desc, 'escaped_desc':escaped_desc,
+                'prev':prev, 'next':next, 'refs':refs, 'notes':notes, 'images':images,
+                'fonts':fonts, 'fonthack':fonthack,
+                'canvas':canvas, 'expected':expectation_html, 'code':code,
+                'scripts':scripts + extra_script,
+                'mochi_name':mochi_name, 'mochi_desc':mochi_desc, 'mochi_code':mochi_code,
+                'mochi_setup':mochi_setup, 'mochi_footer':mochi_footer, 'mochi_images':mochi_images,
+                'fallback':fallback
+            }

-            f = codecs.open('%s/minimal.%s.html' % (TESTOUTPUTDIR, name), 'w', 'utf-8')
-            f.write(templates['minimal'] % template_params)
+            if W3CMODE:
+                f = codecs.open('%s/%s%s.html' % (TESTOUTPUTDIR, mapped_name, name_variant), 'w', 'utf-8')
+                f.write(templates['w3c'] % template_params)
+                if ISOFFSCREENCANVAS:
+                    f = codecs.open('%s/%s%s.worker.js' % (TESTOUTPUTDIR, mapped_name, name_variant), 'w', 'utf-8')
+                    f.write(templates['w3cworker'] % template_params)
+            else:
+                f = codecs.open('%s/%s%s.html' % (TESTOUTPUTDIR, name, name_variant), 'w', 'utf-8')
+                f.write(templates['standalone'] % template_params)

-        if mochitest:
-            mochitests.append(name)
-            f = codecs.open('%s/mochitests/test_%s.html' % (MISCOUTPUTDIR, name), 'w', 'utf-8')
-            f.write(templates['mochitest'] % template_params)
+                f = codecs.open('%s/framed.%s%s.html' % (TESTOUTPUTDIR, name, name_variant), 'w', 'utf-8')
+                f.write(templates['framed'] % template_params)
+
+                f = codecs.open('%s/minimal.%s%s.html' % (TESTOUTPUTDIR, name, name_variant), 'w', 'utf-8')
+                f.write(templates['minimal'] % template_params)
+
+            if mochitest:
+                mochitests.append(name)
+                f = codecs.open('%s/mochitests/test_%s%s.html' % (MISCOUTPUTDIR, name, name_variant), 'w', 'utf-8')
+                f.write(templates['mochitest'] % template_params)

    def write_mochitest_makefile():
        f = open('%s/mochitests/Makefile.in' % MISCOUTPUTDIR, 'w')
--- a/tests/wpt/web-platform-tests/2dcontext/tools/tests.yaml
+++ b/tests/wpt/web-platform-tests/2dcontext/tools/tests.yaml
@ -864,7 +864,9 @@
    - security.getImageData
  scripts:
    - /common/get-host-info.sub.js
-    - data:text/javascript,addCrossOriginYellowImage()
+  script-variants:
+    cross: data:text/javascript,addCrossOriginYellowImage()
+    redirect: data:text/javascript,addCrossOriginRedirectYellowImage()
  code: |
    ctx.drawImage(document.getElementById('yellow.png'), 0, 0);
    @assert throws SECURITY_ERR canvas.toDataURL();
@ -877,7 +879,9 @@
    - security.drawImage.canvas
  scripts:
    - /common/get-host-info.sub.js
-    - data:text/javascript,addCrossOriginYellowImage()
+  script-variants:
+    cross: data:text/javascript,addCrossOriginYellowImage()
+    redirect: data:text/javascript,addCrossOriginRedirectYellowImage()
  code: |
    var canvas2 = document.createElement('canvas');
    canvas2.width = 100;
@ -895,7 +899,9 @@
    - security.start
  scripts:
    - /common/get-host-info.sub.js
-    - data:text/javascript,addCrossOriginYellowImage()
+  script-variants:
+    cross: data:text/javascript,addCrossOriginYellowImage()
+    redirect: data:text/javascript,addCrossOriginRedirectYellowImage()
  code: |
    var p = ctx.createPattern(document.getElementById('yellow.png'), 'repeat');
    canvas.toDataURL();
@ -909,7 +915,9 @@
    - security.start
  scripts:
    - /common/get-host-info.sub.js
-    - data:text/javascript,addCrossOriginYellowImage()
+  script-variants:
+    cross: data:text/javascript,addCrossOriginYellowImage()
+    redirect: data:text/javascript,addCrossOriginRedirectYellowImage()
  code: |
    var canvas2 = document.createElement('canvas');
    canvas2.width = 100;
@ -932,7 +940,9 @@
    - security.fillStyle.canvas
  scripts:
    - /common/get-host-info.sub.js
-    - data:text/javascript,addCrossOriginYellowImage()
+  script-variants:
+    cross: data:text/javascript,addCrossOriginYellowImage()
+    redirect: data:text/javascript,addCrossOriginRedirectYellowImage()
  code: |
    var canvas2 = document.createElement('canvas');
    canvas2.width = 100;
@ -955,7 +965,9 @@
    - security.fillStyle.image
  scripts:
    - /common/get-host-info.sub.js
-    - data:text/javascript,addCrossOriginYellowImage()
+  script-variants:
+    cross: data:text/javascript,addCrossOriginYellowImage()
+    redirect: data:text/javascript,addCrossOriginRedirectYellowImage()
  code: |
    var p = ctx.createPattern(document.getElementById('yellow.png'), 'repeat');
    ctx.fillStyle = p;
@ -970,7 +982,9 @@
    - security.fillStyle.canvas
  scripts:
    - /common/get-host-info.sub.js
-    - data:text/javascript,addCrossOriginYellowImage()
+  script-variants:
+    cross: data:text/javascript,addCrossOriginYellowImage()
+    redirect: data:text/javascript,addCrossOriginRedirectYellowImage()
  code: |
    var canvas2 = document.createElement('canvas');
    canvas2.width = 100;
@ -990,7 +1004,9 @@
    - security.strokeStyle.image
  scripts:
    - /common/get-host-info.sub.js
-    - data:text/javascript,addCrossOriginYellowImage()
+  script-variants:
+    cross: data:text/javascript,addCrossOriginYellowImage()
+    redirect: data:text/javascript,addCrossOriginRedirectYellowImage()
  code: |
    var p = ctx.createPattern(document.getElementById('yellow.png'), 'repeat');
    ctx.strokeStyle = p;
@ -1005,7 +1021,9 @@
    - security.strokeStyle.canvas
  scripts:
    - /common/get-host-info.sub.js
-    - data:text/javascript,addCrossOriginYellowImage()
+  script-variants:
+    cross: data:text/javascript,addCrossOriginYellowImage()
+    redirect: data:text/javascript,addCrossOriginRedirectYellowImage()
  code: |
    var canvas2 = document.createElement('canvas');
    canvas2.width = 100;
@ -1045,7 +1063,9 @@
    - initial.reset
  scripts:
    - /common/get-host-info.sub.js
-    - data:text/javascript,addCrossOriginYellowImage()
+  script-variants:
+    cross: data:text/javascript,addCrossOriginYellowImage()
+    redirect: data:text/javascript,addCrossOriginRedirectYellowImage()
  code: |
    canvas.width = 50;
    ctx.drawImage(document.getElementById('yellow.png'), 0, 0);
--- a/tests/wpt/web-platform-tests/common/canvas-tests.js
+++ b/tests/wpt/web-platform-tests/common/canvas-tests.js
@ -92,4 +92,13 @@ function addCrossOriginYellowImage()
    img.className = "resource";
    img.src = get_host_info().HTTP_REMOTE_ORIGIN + "/images/yellow.png";
    document.body.appendChild(img);
-}
+}
+
+function addCrossOriginRedirectYellowImage()
+{
+    var img = new Image();
+    img.id = "yellow.png";
+    img.className = "resource";
+    img.src = get_host_info().HTTP_ORIGIN + "/common/redirect.py?location=" +
+        get_host_info().HTTP_REMOTE_ORIGIN + "/images/yellow.png";
+}
--- a/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.drawImage.canvas.cross.html
+++ b/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.drawImage.canvas.cross.html
@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
-<title>Canvas test: security.drawImage.canvas</title>
+<title>Canvas test: security.drawImage.canvas.cross</title>
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="/common/canvas-tests.js"></script>
 <link rel="stylesheet" href="/common/canvas-tests.css">
 <body class="show_output">

-<h1>security.drawImage.canvas</h1>
+<h1>security.drawImage.canvas.cross</h1>
 <p class="desc">drawImage of unclean canvas makes the canvas origin-unclean</p>


--- a/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.drawImage.canvas.redirect.html
+++ b/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.drawImage.canvas.redirect.html
@ -0,0 +1,36 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
+<title>Canvas test: security.drawImage.canvas.redirect</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/canvas-tests.js"></script>
+<link rel="stylesheet" href="/common/canvas-tests.css">
+<body class="show_output">
+
+<h1>security.drawImage.canvas.redirect</h1>
+<p class="desc">drawImage of unclean canvas makes the canvas origin-unclean</p>
+
+
+<p class="output">Actual output:</p>
+<canvas id="c" class="output" width="100" height="50"><p class="fallback">FAIL (fallback content)</p></canvas>
+
+<ul id="d"></ul>
+<script>
+var t = async_test("drawImage of unclean canvas makes the canvas origin-unclean");
+_addTest(function(canvas, ctx) {
+
+var canvas2 = document.createElement('canvas');
+canvas2.width = 100;
+canvas2.height = 50;
+var ctx2 = canvas2.getContext('2d');
+ctx2.drawImage(document.getElementById('yellow.png'), 0, 0);
+ctx.drawImage(canvas2, 0, 0);
+assert_throws("SECURITY_ERR", function() { canvas.toDataURL(); });
+assert_throws("SECURITY_ERR", function() { ctx.getImageData(0, 0, 1, 1); });
+
+
+});
+</script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="data:text/javascript,addCrossOriginRedirectYellowImage()"></script>
+
--- a/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.drawImage.image.cross.html
+++ b/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.drawImage.image.cross.html
@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
-<title>Canvas test: security.drawImage.image</title>
+<title>Canvas test: security.drawImage.image.cross</title>
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="/common/canvas-tests.js"></script>
 <link rel="stylesheet" href="/common/canvas-tests.css">
 <body class="show_output">

-<h1>security.drawImage.image</h1>
+<h1>security.drawImage.image.cross</h1>
 <p class="desc">drawImage of different-origin image makes the canvas origin-unclean</p>


--- a/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.drawImage.image.redirect.html
+++ b/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.drawImage.image.redirect.html
@ -0,0 +1,31 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
+<title>Canvas test: security.drawImage.image.redirect</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/canvas-tests.js"></script>
+<link rel="stylesheet" href="/common/canvas-tests.css">
+<body class="show_output">
+
+<h1>security.drawImage.image.redirect</h1>
+<p class="desc">drawImage of different-origin image makes the canvas origin-unclean</p>
+
+
+<p class="output">Actual output:</p>
+<canvas id="c" class="output" width="100" height="50"><p class="fallback">FAIL (fallback content)</p></canvas>
+
+<ul id="d"></ul>
+<script>
+var t = async_test("drawImage of different-origin image makes the canvas origin-unclean");
+_addTest(function(canvas, ctx) {
+
+ctx.drawImage(document.getElementById('yellow.png'), 0, 0);
+assert_throws("SECURITY_ERR", function() { canvas.toDataURL(); });
+assert_throws("SECURITY_ERR", function() { ctx.getImageData(0, 0, 1, 1); });
+
+
+});
+</script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="data:text/javascript,addCrossOriginRedirectYellowImage()"></script>
+
--- a/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.fillStyle.cross.html
+++ b/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.fillStyle.cross.html
@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
-<title>Canvas test: security.pattern.canvas.fillStyle</title>
+<title>Canvas test: security.pattern.canvas.fillStyle.cross</title>
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="/common/canvas-tests.js"></script>
 <link rel="stylesheet" href="/common/canvas-tests.css">
 <body class="show_output">

-<h1>security.pattern.canvas.fillStyle</h1>
+<h1>security.pattern.canvas.fillStyle.cross</h1>
 <p class="desc">Setting fillStyle to a pattern of an unclean canvas makes the canvas origin-unclean</p>


--- a/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.fillStyle.redirect.html
+++ b/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.fillStyle.redirect.html
@ -0,0 +1,38 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
+<title>Canvas test: security.pattern.canvas.fillStyle.redirect</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/canvas-tests.js"></script>
+<link rel="stylesheet" href="/common/canvas-tests.css">
+<body class="show_output">
+
+<h1>security.pattern.canvas.fillStyle.redirect</h1>
+<p class="desc">Setting fillStyle to a pattern of an unclean canvas makes the canvas origin-unclean</p>
+
+
+<p class="output">Actual output:</p>
+<canvas id="c" class="output" width="100" height="50"><p class="fallback">FAIL (fallback content)</p></canvas>
+
+<ul id="d"></ul>
+<script>
+var t = async_test("Setting fillStyle to a pattern of an unclean canvas makes the canvas origin-unclean");
+_addTest(function(canvas, ctx) {
+
+var canvas2 = document.createElement('canvas');
+canvas2.width = 100;
+canvas2.height = 50;
+var ctx2 = canvas2.getContext('2d');
+ctx2.drawImage(document.getElementById('yellow.png'), 0, 0);
+var p = ctx.createPattern(canvas2, 'repeat');
+ctx.fillStyle = p;
+ctx.fillStyle = 'red';
+assert_throws("SECURITY_ERR", function() { canvas.toDataURL(); });
+assert_throws("SECURITY_ERR", function() { ctx.getImageData(0, 0, 1, 1); });
+
+
+});
+</script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="data:text/javascript,addCrossOriginRedirectYellowImage()"></script>
+
--- a/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.strokeStyle.cross.html
+++ b/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.strokeStyle.cross.html
@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
-<title>Canvas test: security.pattern.canvas.strokeStyle</title>
+<title>Canvas test: security.pattern.canvas.strokeStyle.cross</title>
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="/common/canvas-tests.js"></script>
 <link rel="stylesheet" href="/common/canvas-tests.css">
 <body class="show_output">

-<h1>security.pattern.canvas.strokeStyle</h1>
+<h1>security.pattern.canvas.strokeStyle.cross</h1>
 <p class="desc">Setting strokeStyle to a pattern of an unclean canvas makes the canvas origin-unclean</p>


--- a/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.strokeStyle.redirect.html
+++ b/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.strokeStyle.redirect.html
@ -0,0 +1,38 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
+<title>Canvas test: security.pattern.canvas.strokeStyle.redirect</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/canvas-tests.js"></script>
+<link rel="stylesheet" href="/common/canvas-tests.css">
+<body class="show_output">
+
+<h1>security.pattern.canvas.strokeStyle.redirect</h1>
+<p class="desc">Setting strokeStyle to a pattern of an unclean canvas makes the canvas origin-unclean</p>
+
+
+<p class="output">Actual output:</p>
+<canvas id="c" class="output" width="100" height="50"><p class="fallback">FAIL (fallback content)</p></canvas>
+
+<ul id="d"></ul>
+<script>
+var t = async_test("Setting strokeStyle to a pattern of an unclean canvas makes the canvas origin-unclean");
+_addTest(function(canvas, ctx) {
+
+var canvas2 = document.createElement('canvas');
+canvas2.width = 100;
+canvas2.height = 50;
+var ctx2 = canvas2.getContext('2d');
+ctx2.drawImage(document.getElementById('yellow.png'), 0, 0);
+var p = ctx.createPattern(canvas2, 'repeat');
+ctx.strokeStyle = p;
+ctx.strokeStyle = 'red';
+assert_throws("SECURITY_ERR", function() { canvas.toDataURL(); });
+assert_throws("SECURITY_ERR", function() { ctx.getImageData(0, 0, 1, 1); });
+
+
+});
+</script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="data:text/javascript,addCrossOriginRedirectYellowImage()"></script>
+
--- a/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.timing.cross.html
+++ b/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.timing.cross.html
@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
-<title>Canvas test: security.pattern.canvas.timing</title>
+<title>Canvas test: security.pattern.canvas.timing.cross</title>
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="/common/canvas-tests.js"></script>
 <link rel="stylesheet" href="/common/canvas-tests.css">
 <body class="show_output">

-<h1>security.pattern.canvas.timing</h1>
+<h1>security.pattern.canvas.timing.cross</h1>
 <p class="desc">Pattern safety depends on whether the source was origin-clean, not on whether it still is clean</p>

 <p class="notes">Disagrees with spec on "is" vs "was"
--- a/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.timing.redirect.html
+++ b/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.timing.redirect.html
@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
+<title>Canvas test: security.pattern.canvas.timing.redirect</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/canvas-tests.js"></script>
+<link rel="stylesheet" href="/common/canvas-tests.css">
+<body class="show_output">
+
+<h1>security.pattern.canvas.timing.redirect</h1>
+<p class="desc">Pattern safety depends on whether the source was origin-clean, not on whether it still is clean</p>
+
+<p class="notes">Disagrees with spec on "is" vs "was"
+<p class="output">Actual output:</p>
+<canvas id="c" class="output" width="100" height="50"><p class="fallback">FAIL (fallback content)</p></canvas>
+
+<ul id="d"></ul>
+<script>
+var t = async_test("Pattern safety depends on whether the source was origin-clean, not on whether it still is clean");
+_addTest(function(canvas, ctx) {
+
+var canvas2 = document.createElement('canvas');
+canvas2.width = 100;
+canvas2.height = 50;
+var ctx2 = canvas2.getContext('2d');
+ctx2.fillStyle = '#0f0';
+ctx2.fillRect(0, 0, 100, 50);
+var p = ctx.createPattern(canvas2, 'repeat');
+ctx2.drawImage(document.getElementById('yellow.png'), 0, 0); // make canvas2 origin-unclean
+ctx.fillStyle = p;
+ctx.fillRect(0, 0, 100, 50);
+canvas.toDataURL();
+ctx.getImageData(0, 0, 1, 1);
+_assert(true, "true"); // okay if there was no exception
+
+
+});
+</script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="data:text/javascript,addCrossOriginRedirectYellowImage()"></script>
+
--- a/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.create.cross.html
+++ b/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.create.cross.html
@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
-<title>Canvas test: security.pattern.create</title>
+<title>Canvas test: security.pattern.create.cross</title>
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="/common/canvas-tests.js"></script>
 <link rel="stylesheet" href="/common/canvas-tests.css">
 <body class="show_output">

-<h1>security.pattern.create</h1>
+<h1>security.pattern.create.cross</h1>
 <p class="desc">Creating an unclean pattern does not make the canvas origin-unclean</p>


--- a/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.create.redirect.html
+++ b/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.create.redirect.html
@ -0,0 +1,32 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
+<title>Canvas test: security.pattern.create.redirect</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/canvas-tests.js"></script>
+<link rel="stylesheet" href="/common/canvas-tests.css">
+<body class="show_output">
+
+<h1>security.pattern.create.redirect</h1>
+<p class="desc">Creating an unclean pattern does not make the canvas origin-unclean</p>
+
+
+<p class="output">Actual output:</p>
+<canvas id="c" class="output" width="100" height="50"><p class="fallback">FAIL (fallback content)</p></canvas>
+
+<ul id="d"></ul>
+<script>
+var t = async_test("Creating an unclean pattern does not make the canvas origin-unclean");
+_addTest(function(canvas, ctx) {
+
+var p = ctx.createPattern(document.getElementById('yellow.png'), 'repeat');
+canvas.toDataURL();
+ctx.getImageData(0, 0, 1, 1);
+_assert(true, "true"); // okay if there was no exception
+
+
+});
+</script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="data:text/javascript,addCrossOriginRedirectYellowImage()"></script>
+
--- a/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.cross.cross.html
+++ b/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.cross.cross.html
@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
-<title>Canvas test: security.pattern.cross</title>
+<title>Canvas test: security.pattern.cross.cross</title>
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="/common/canvas-tests.js"></script>
 <link rel="stylesheet" href="/common/canvas-tests.css">
 <body class="show_output">

-<h1>security.pattern.cross</h1>
+<h1>security.pattern.cross.cross</h1>
 <p class="desc">Using an unclean pattern makes the target canvas origin-unclean, not the pattern canvas</p>


--- a/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.cross.redirect.html
+++ b/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.cross.redirect.html
@ -0,0 +1,39 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
+<title>Canvas test: security.pattern.cross.redirect</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/canvas-tests.js"></script>
+<link rel="stylesheet" href="/common/canvas-tests.css">
+<body class="show_output">
+
+<h1>security.pattern.cross.redirect</h1>
+<p class="desc">Using an unclean pattern makes the target canvas origin-unclean, not the pattern canvas</p>
+
+
+<p class="output">Actual output:</p>
+<canvas id="c" class="output" width="100" height="50"><p class="fallback">FAIL (fallback content)</p></canvas>
+
+<ul id="d"></ul>
+<script>
+var t = async_test("Using an unclean pattern makes the target canvas origin-unclean, not the pattern canvas");
+_addTest(function(canvas, ctx) {
+
+var canvas2 = document.createElement('canvas');
+canvas2.width = 100;
+canvas2.height = 50;
+var ctx2 = canvas2.getContext('2d');
+var p = ctx2.createPattern(document.getElementById('yellow.png'), 'repeat');
+ctx.fillStyle = p;
+ctx.fillRect(0, 0, 100, 50);
+assert_throws("SECURITY_ERR", function() { canvas.toDataURL(); });
+assert_throws("SECURITY_ERR", function() { ctx.getImageData(0, 0, 1, 1); });
+canvas2.toDataURL();
+ctx2.getImageData(0, 0, 1, 1);
+
+
+});
+</script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="data:text/javascript,addCrossOriginRedirectYellowImage()"></script>
+
--- a/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.image.fillStyle.cross.html
+++ b/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.image.fillStyle.cross.html
@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
-<title>Canvas test: security.pattern.image.fillStyle</title>
+<title>Canvas test: security.pattern.image.fillStyle.cross</title>
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="/common/canvas-tests.js"></script>
 <link rel="stylesheet" href="/common/canvas-tests.css">
 <body class="show_output">

-<h1>security.pattern.image.fillStyle</h1>
+<h1>security.pattern.image.fillStyle.cross</h1>
 <p class="desc">Setting fillStyle to a pattern of a different-origin image makes the canvas origin-unclean</p>


--- a/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.image.fillStyle.redirect.html
+++ b/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.image.fillStyle.redirect.html
@ -0,0 +1,33 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
+<title>Canvas test: security.pattern.image.fillStyle.redirect</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/canvas-tests.js"></script>
+<link rel="stylesheet" href="/common/canvas-tests.css">
+<body class="show_output">
+
+<h1>security.pattern.image.fillStyle.redirect</h1>
+<p class="desc">Setting fillStyle to a pattern of a different-origin image makes the canvas origin-unclean</p>
+
+
+<p class="output">Actual output:</p>
+<canvas id="c" class="output" width="100" height="50"><p class="fallback">FAIL (fallback content)</p></canvas>
+
+<ul id="d"></ul>
+<script>
+var t = async_test("Setting fillStyle to a pattern of a different-origin image makes the canvas origin-unclean");
+_addTest(function(canvas, ctx) {
+
+var p = ctx.createPattern(document.getElementById('yellow.png'), 'repeat');
+ctx.fillStyle = p;
+ctx.fillStyle = 'red';
+assert_throws("SECURITY_ERR", function() { canvas.toDataURL(); });
+assert_throws("SECURITY_ERR", function() { ctx.getImageData(0, 0, 1, 1); });
+
+
+});
+</script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="data:text/javascript,addCrossOriginRedirectYellowImage()"></script>
+
--- a/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.image.strokeStyle.cross.html
+++ b/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.image.strokeStyle.cross.html
@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
-<title>Canvas test: security.pattern.image.strokeStyle</title>
+<title>Canvas test: security.pattern.image.strokeStyle.cross</title>
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="/common/canvas-tests.js"></script>
 <link rel="stylesheet" href="/common/canvas-tests.css">
 <body class="show_output">

-<h1>security.pattern.image.strokeStyle</h1>
+<h1>security.pattern.image.strokeStyle.cross</h1>
 <p class="desc">Setting strokeStyle to a pattern of a different-origin image makes the canvas origin-unclean</p>


--- a/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.image.strokeStyle.redirect.html
+++ b/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.image.strokeStyle.redirect.html
@ -0,0 +1,33 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
+<title>Canvas test: security.pattern.image.strokeStyle.redirect</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/canvas-tests.js"></script>
+<link rel="stylesheet" href="/common/canvas-tests.css">
+<body class="show_output">
+
+<h1>security.pattern.image.strokeStyle.redirect</h1>
+<p class="desc">Setting strokeStyle to a pattern of a different-origin image makes the canvas origin-unclean</p>
+
+
+<p class="output">Actual output:</p>
+<canvas id="c" class="output" width="100" height="50"><p class="fallback">FAIL (fallback content)</p></canvas>
+
+<ul id="d"></ul>
+<script>
+var t = async_test("Setting strokeStyle to a pattern of a different-origin image makes the canvas origin-unclean");
+_addTest(function(canvas, ctx) {
+
+var p = ctx.createPattern(document.getElementById('yellow.png'), 'repeat');
+ctx.strokeStyle = p;
+ctx.strokeStyle = 'red';
+assert_throws("SECURITY_ERR", function() { canvas.toDataURL(); });
+assert_throws("SECURITY_ERR", function() { ctx.getImageData(0, 0, 1, 1); });
+
+
+});
+</script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="data:text/javascript,addCrossOriginRedirectYellowImage()"></script>
+
--- a/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.reset.cross.html
+++ b/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.reset.cross.html
@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
-<title>Canvas test: security.reset</title>
+<title>Canvas test: security.reset.cross</title>
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="/common/canvas-tests.js"></script>
 <link rel="stylesheet" href="/common/canvas-tests.css">
 <body class="show_output">

-<h1>security.reset</h1>
+<h1>security.reset.cross</h1>
 <p class="desc">Resetting the canvas state does not reset the origin-clean flag</p>


--- a/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.reset.redirect.html
+++ b/tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.reset.redirect.html
@ -0,0 +1,33 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
+<title>Canvas test: security.reset.redirect</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/canvas-tests.js"></script>
+<link rel="stylesheet" href="/common/canvas-tests.css">
+<body class="show_output">
+
+<h1>security.reset.redirect</h1>
+<p class="desc">Resetting the canvas state does not reset the origin-clean flag</p>
+
+
+<p class="output">Actual output:</p>
+<canvas id="c" class="output" width="100" height="50"><p class="fallback">FAIL (fallback content)</p></canvas>
+
+<ul id="d"></ul>
+<script>
+var t = async_test("Resetting the canvas state does not reset the origin-clean flag");
+_addTest(function(canvas, ctx) {
+
+canvas.width = 50;
+ctx.drawImage(document.getElementById('yellow.png'), 0, 0);
+assert_throws("SECURITY_ERR", function() { canvas.toDataURL(); });
+canvas.width = 100;
+assert_throws("SECURITY_ERR", function() { canvas.toDataURL(); });
+
+
+});
+</script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="data:text/javascript,addCrossOriginRedirectYellowImage()"></script>
+